What's new

The End Session policy and all user accounts

B

balubeto

New Member
Hi

In Windows 8 Enterprise 64-bit, how come if I add a script to this policy "User Configuration ---> Windows Settings ---> Scripts (Logon/Logoff) ---> End Session", this script applies only to the current account, and not to all accounts?

Thanks

Bye
 
Are you doing this via the Local Group Policy Editor, or via an Active Directory Group Policy Object?

What is the path to your script in the Logoff section? Is it available to everyone?
 
graye said:
Are you doing this via the Local Group Policy Editor, or via an Active Directory Group Policy Object?

What is the path to your script in the Logoff section? Is it available to everyone?
Click to expand...

In Windows 8 Enterprise 64-bit, I have applied the "End Session" policy using the LGPO and it writes on the registry:

Code: 
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Logoff]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Logoff\0]
"GPO-ID"="LocalGPO"
"SOM-ID"="Local"
"FileSysPath"="C:\\Windows\\System32\\GroupPolicy\\User"
"DisplayName"="Criteri gruppo locale"
"GPOName"="Criteri gruppo locale"
"PSScriptOrder"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Logoff\0\0]
"Script"="C:\\Windows\\System32\\reg.exe"
"Parameters"="add HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Authentication\\LogonUI\\UserSwitch /v Enabled /t REG_DWORD /d 1 /f"
"IsPowershell"=dword:00000000
"ExecTime"=hex(b):00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-3137485388-3153590309-3382964295-1001\Scripts\Logoff]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-3137485388-3153590309-3382964295-1001\Scripts\Logoff\0]
"GPO-ID"="LocalGPO"
"SOM-ID"="Local"
"FileSysPath"="C:\\Windows\\System32\\GroupPolicy\\User"
"DisplayName"="Criteri gruppo locale"
"GPOName"="Criteri gruppo locale"
"PSScriptOrder"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-3137485388-3153590309-3382964295-1001\Scripts\Logoff\0\0]
"Script"="C:\\Windows\\System32\\reg.exe"
"Parameters"="add HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Authentication\\LogonUI\\UserSwitch /v Enabled /t REG_DWORD /d 1 /f"
"ExecTime"=hex(b):dd,07,05,00,01,00,1b,00,11,00,03,00,18,00,d2,00
"ErrorCode"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-3137485388-3153590309-3382964295-1001\Scripts\Logoff]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-3137485388-3153590309-3382964295-1001\Scripts\Logoff\0]
"GPO-ID"="LocalGPO"
"SOM-ID"="Local"
"FileSysPath"="C:\\Windows\\System32\\GroupPolicy\\User"
"DisplayName"="Criteri gruppo locale"
"GPOName"="Criteri gruppo locale"
"PSScriptOrder"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Group Policy\State\S-1-5-21-3137485388-3153590309-3382964295-1001\Scripts\Logoff\0\0]
"Script"="C:\\Windows\\System32\\reg.exe"
"Parameters"="add HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Authentication\\LogonUI\\UserSwitch /v Enabled /t REG_DWORD /d 1 /f"
"ExecTime"=hex(b):dd,07,05,00,01,00,1b,00,11,00,03,00,18,00,d2,00
"ErrorCode"=dword:00000000
[HKEY_USERS\S-1-5-21-3137485388-3153590309-3382964295-1001\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Logoff]
[HKEY_USERS\S-1-5-21-3137485388-3153590309-3382964295-1001\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Logoff\0]
"GPO-ID"="LocalGPO"
"SOM-ID"="Local"
"FileSysPath"="C:\\Windows\\System32\\GroupPolicy\\User"
"DisplayName"="Criteri gruppo locale"
"GPOName"="Criteri gruppo locale"
"PSScriptOrder"=dword:00000001
[HKEY_USERS\S-1-5-21-3137485388-3153590309-3382964295-1001\Software\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Logoff\0\0]
"Script"="C:\\Windows\\System32\\reg.exe"
"Parameters"="add HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Authentication\\LogonUI\\UserSwitch /v Enabled /t REG_DWORD /d 1 /f"
"IsPowershell"=dword:00000000
"ExecTime"=hex(b):00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00

Now, as I should do so that these keys are automatically applied to each user of the system and to each edition of Windows 8.

By chance, is there some trick to do this?

Thanks

Bye
 
I would make sure your log off script is in a location that all users have rights and permissions such as C:\Scripts and assign at least read and execute permissions to the script. I've had many a desktop or AD Admin store the scripts in their Documents folder and it works great for them but cant figure out why it doesn't work for anyone else.
 
jnjroach said:
I would make sure your log off script is in a location that all users have rights and permissions such as C:\Scripts and assign at least read and execute permissions to the script. I've had many a desktop or AD Admin store the scripts in their Documents folder and it works great for them but cant figure out why it doesn't work for anyone else.
Click to expand...

Because the shutdown policy is applied to all users, there is a way to change my command so that, when a user logs off, the value of the Enabled entry is changed?
Thanks
Bye
 
I can not understand why if I edit the registry in this way:

Code: 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\Windows\\system32\\userinit.exe,C:\\Windows\\System32\\reg.exe add HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Authentication\\LogonUI\\UserSwitch /v Enabled /t REG_DWORD /d 1 /f,"
"LegalNoticeText"=""
"Shell"="explorer.exe"
"LegalNoticeCaption"=""
"DebugServerCommand"="no"
"ForceUnlockLogon"=dword:00000000
"ReportBootOk"="1"
"VMApplet"="SystemPropertiesPerformance.exe /pagefile"
"AutoRestartShell"=dword:00000001
"PowerdownAfterShutdown"="0"
"ShutdownWithoutLogon"="0"
"Background"="0 0 0"
"PasswordExpiryWarning"=dword:00000005
"CachedLogonsCount"="10"
"WinStationsDisabled"="0"
"PreCreateKnownFolders"="{A520A1A4-1780-4FF6-BD18-167343C5AF16}"
"scremoveoption"="0"
"DisableCAD"=dword:00000001
"ShutdownFlags"=dword:80000027
"EnableFirstLogonAnimation"=dword:00000001
"AutoLogonSID"="S-1-5-21-3137485388-3153590309-3382964295-1001"
"LastUsedUsername"="Balubeto_Balubeto"
"AutoAdminLogon"="0"
"DefaultUserName"="Balubeto_Balubeto"

the screen, which displays all accounts, does not appear.

Thanks

Bye
 
You must log in or register to reply here.

Similar threads

B
Customize the winlogon process
Replies
0
Views
2K
balubeto
B
B
Save the Login data requested during switching from a local to a Microsoft account
Replies
0
Views
2K
balubeto
B
P
Had to create MS Account for each domain user ?
Replies
7
Views
8K
plop28
P
F
Disable the touch screen to use the pen
2 3
Replies
28
Views
57K
Pioneer
P
sharpuser
HowTo Choose whether to display user email and name on Windows 10 Login
Replies
1
Views
3K
GreyFox7
G

Latest posts

Back
Top