Updating user policy when user is not logged on

hi

i've identified number of user accounts have incorrect policy setting. running gpupdate.exe /force against user account updates setting correct value.

i have script reads through users ntuser.dat's on profile share, , when identifies 1 incorrect setting, identifies the device the user logged onto , silently sends gpupdate /force device. 

this works fine i'd able to run policy update against ntuser.dat if they're not logged on. does 1 know of tool or method allow force policy update against ntuser.dat user isn't logged on?

i realise change setting correct value, strikes me little messy , potentially misses other values aren't correct.

any ideas?

thanks

p

 

> works fine i'd able run policy update

> against ntuser.dat if they're not logged on. 1

> know of tool or method allow force policy update

> against ntuser.dat user isn't logged on?

 

no official way - profile has loaded process aspects of

gpos. if adm templates - registry.pol format

documented , can extracted, it's easy grab applying gpos,

extract settings registry.pol in each gpo, load ntuser.dat

and inject settings.

 

http://www.faq-o-matic.net/2007/03/26/gruppenrichtlinien-per-skript-lesen-und-schreiben/

(it's german site, download contains english instructions

on usage...)

 

but dont't blame me if things go wrong - , in case of support, don't

tell ms did ;-))

 

regards, martin

 

---

no not evil, if know doing: or bad gpos?
wenn meine antwort hilfreich war, freue ich mich über eine bewertung! if answer helpful, i'm glad rating!

Windows Server  >  Group Policy