Apr 10 2024 07:00 AM - edited Apr 10 2024 07:16 AM
Hi all,
Earlier this year, we replaced all of our Domain Controllers, moving from Windows Server 2012R2 to Windows Server 2022. Ever since we made this change, we have seen some different behavior with GPO-configured Startup scripts. These scripts are located in the NETLOGON directory (or a subfolder of NETLOGON).
For about a decade, we have had a GPO-configured startup script to install our AV software on every machine in the domain. After we upgraded, it is no longer running. After some troubleshooting, it seems that the script isn't trusted. Our execution policy is set to remote signed.
EDIT: Logon scripts that are PowerShell scripts seem to work as expected. It appears to only be with Startup scripts.
I haven't found anything through internet searches about AD changes to the way NETLOGON is trusted.
Has anyone else seen, experienced, hopefully resolved this problem?
Thanks
Apr 28 2024 04:28 AM
Apr 28 2024 04:40 AM
@L_Youtell_974 is that new with server 2022? I don’t ever recall having to do that in the past. I thought that by being joined to the domain, you would inherently trust NETLOGON.
Apr 28 2024 05:01 AM