Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Windows Server 2003 Domain Logon Banner

Status
Not open for further replies.
Dec 29, 2009
10
US
This is my second ENTIRE day spent trying to create a Domain Logon Banner. I tried everything that I am told to do from 3 different books. It still doesn't work.

Can anyone help me with details as to how I can accomplish this?

Thank you in advance.

Respectfully;
Steve
 
Here is what I did;

Active Directory Usres and Computers
Domain Name (Right click)
Properties
Group Policy Tab
Default Domain Policy
User Cinfiguration
Windows Settings
Scripts(Logon/Logoff)
Logon
Edit
"Script Name" \\domainname.domain\sysvol\domainname.domain\scripts\filename.bat

The filename.bat was the text created for the logon banner.

gpresult on a workstation "INFO: The policy object does not exist.
 
Are you trying to edit the text seen when a user logs on? What you have listed there doesn't make any sense, and you haven't included the contents of filename.bat.

shows you how to do it in the "Implementing an Authorized Usage Warning" section.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
I just want a message to display that states that the computer is only to be used for business purposes not for personal use.
The actual verbage is in the filename.bat file.
 
Replace

User Cinfiguration
Windows Settings
Scripts(Logon/Logoff)
Logon
Edit
"Script Name" \\domainname.domain\sysvol\domainname.domain\scripts\filename.bat

with

Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options

Locate the setting

Interactive Logon: Message text for users attempting to log on

and set it to the text that you want
 
I tried the instructions that were in the link that you provided. No luck. There must be some little detail that is being overlooked.
 
>No luck

You mean it just didn't work? Or the instructions were wrong. so you could not complete the config?

If the latter, be aware that the name of the Security Options key for the logon dialog has changed from W2000 (which the referenced article is for) to W2K3 as follows:

[tt]Message title for users attempting to log on[/tt]

to

[tt]Interactive Logon: Message text for users attempting to log on[/tt]

(as per my previous post)
 
What does it mean when the GPRESULT retrieves nothing?
Could this be the source of my problem?
 
I believe you also need to enable "Interactive logon: Message title for users....." With something like ** Attention ** or ** WARNING**
 
Creating a domain logon banner seems simple:
Start
Administrative Tools
Domain Security Policy
Local Policies
Security Options
Interactive Logon: Message Text......
Interactive logon: Message Title.....

Do I need to do something else to a GPO or something?

Whan I type GPRESULT on a user workstation at the C:\ I get "Getting the SID information...
INFO: The policy object does not exist.
 
I just tried the gpupdate /force. No luck. Same reply as before.

Thank you very much for all of your efforts.
 
Is the machine a member of the OU where the policy is applied?
 
I don't know. This is a fresh install with basically nothing done to it yet. I am just trying to set the logon banner for the entire Domain. Do I need to create an OU?
 
There is no need to make OU for this GPO to work, just apply GPO to entire domain. And workstation should be member of your domain, of course :)

===
Karlis
ECDL; MCSA
 
I have applied the GPO to the Domain and the workstations are in the Domain.
There must be a piece missing that is being overlooked.
 
From a server with GPMC installed, on the left, near the bottom, is a way to run a Group Policy modeling wizard. You can pick a machine and a user and determine what policies are applied, which aren't, and why.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
Are you using GPMC? If not give it a go. Create a new GPO never use the default Domain policies. Once created you will see in the right pain there is a details Tab click it and look at the unique ID a number like this {59D2F39B-1E18-4161-806F-8F52FCEA378D}.

Now on the server go to \\serverName\SYSVOL\domain.com\Policies
and check it exists.

If there is more than one server force replication to ensure all servers receive the GPO. [Through dssite.msc]

If the user is in an OU check that block inheritance is not ticked.





MCITP:EA/SA, MCSE, MCSA, MCDBA, MCTS, MCP+I, MCP
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top