Posts tagged: active directory

Redirecting Favorites using Group Policy

Windows Active Directory and group policy lets you easily redirect your users Desktop, My Documents folders, Start Menu and Application Data (although I would like to know why anyone would redirect the App data folder). But for some reason the users Favorites redirection was left out of these defaults.

I’m sure there are multiple ways to do this but the way I’ve accomplished this at many sites by doing the following:

Create a blank group policy and call it something like “favoritesredirection” and assign it to the user Organisational Unit you want redirection to occur.

Within your new policy navigate to  the User Configuration -> Windows Settings -> Scripts (Logon/Logoff) and double click on Logon from the right hand side.

redirectfavorites1

Click on Show Files….

redirectfavorites2

Now create the following files within this folder using something like notepad to do the editing as it doesn’t add any extra useless formatting:

A “favoritesredirection.bat” containing:

%systemroot%regedit /s favoritesredirection.reg

A “favoritesredirection.reg” file containing:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell Folders]

“Favorites”=hex(2):25,00,48,00,4f,00,4d,00,45,00,44,00,52,00,49,00,56,00,45,00,
25,00,5c,00,46,00,61,00,76,00,6f,00,72,00,69,00,74,00,65,00,73,00,00,00

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerShell Folders]
“Favorites”=”\servernameHomefolders%username%_favorites”

The directory should look like this:  redirectfavorites3

Back on the “Logon Properties” window click on Add.

redirectfavorites4

Type in favoritesredirection.bat (or browse and select favoritesredirection.bat) and click on Ok -> Ok and close out of the group policy object editor.

redirectfavorites5


Share

Tags: , , , ,

categories Windows 2003, Windows XP | | datetime February 22, 2009 7:53 am | comments Comments (0)

Find users who have not logged in for a period of time in Active Directory

You can easily see which users have not logged into your Active Directory domain for a period of time by using the Saved Queries functionality built into Active Directory on Windows 2003 server.

Open Active Directory Users and Computers and right click Saved queries shown below and select New -> Query.

lastlogon1

On the New Query screen below. Give your query a name (and also a description if you wish) and click Define Query…

(If you do not want to gather the information from the entire domain, you can click on the “Browse…” button to only select the Organisational Unit you want.)

lastlogon2

Chose an option from the “Days since last logon” drop-down box. This gives you the option of 30, 60, 90, 120 or 180 days which would suit most cases. Then Click OK and then OK again

lastlogon3

Now under our saved queries folder we can see our query which we just created. If you click on it all the matching users will appear on the right hand side of the screen.

lastlogon41

Note: This feature is also available from the Find screen (With the domain selected choose Action -> Find) by selecting “Common Queries” from the Find drop-down menu. But it does not save your query for later use.

Share

Tags: , , ,

categories Windows 2003 | | datetime February 20, 2009 8:11 am | comments Comments (0)