How to prevent a computer from running a user logon script in Windows Server 2008

問題描述: You may experience certain situations where you may want to prevent a computer from running a user logon script. For example, you may want to do this when a terminal server hosts a special environment for a forest.

A. KB 924034於server 2008也適用 ( 此為未使用GPO做法),即是logon script套用至user物件上

===========================

1. 煩請您登入terminal server並打開記事本

2. 將以下指令複製貼上於此記事本檔案內,並將其存檔於您所指定的路徑,舉例來說您可存成bypass.cmd.

@echo off

           Set UserInitLogonScript=

           Start %systemroot%\system32\userinit.exe

           exit

3. 煩請您執行regedit,並搜尋至以下路徑:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

4. 右側可找到Userinit項目,並將其值修改為您先前bypass.cmd.所指定之完整路徑,如下圖所示:

clip_image002

5. 將此台terminal server重新開機,檢查是否生效

Reference:

How to prevent a computer from running a user logon script in Windows Server 2003

https://support.microsoft.com/kb/924034/en-us

B. 若您使用GPO來套用logon script,建議您採取以下做法:

===================================

1. 煩請您打開GPO管理介面並選擇您所指定的OU (以您的情境而言,為terminal server所在的OU,以此例而言,其OU為ACC)

clip_image004

2. 將loopback功能啟動並選擇replace模式

clip_image006