Group Policy Logon script issue

Welcome Forums General PowerShell Q&A Group Policy Logon script issue

This topic contains 2 replies, has 2 voices, and was last updated by

4 years, 5 months ago.

  • Author
  • #19173

    Points: 2
    Rank: Member

    Hi guys!

    Hope you have an excellent time in Amsterdam. Wish I was there.

    I recently re-experienced a very annoying behavior in Powershell User Logon Scripts.

    I needed to use a GPO for fixing several issues on registrykeys, local files and some other small tasks on a bunch of machines. The easiest way for this task was to deploy a Group Policy with a User Logon Script (the registrykey is in the logged on users hive).

    All worked fine for most users, but our servicedesk started complaining about very long logon times. It turned out they loaded their Powershell profile with all Active Directory and MSOnline modules, including a connection setup to the tenent and a session import, resulting in Powershell loading all these very usefull tools in the logon process just to set my minor tasks and killing off the session after successfully applying the settings.

    Of course it's better practice to load what you need from the console or a script importing the nessesary modules, but administrators will never have control over the $profile of all users. Hense I'm still not able to understand, why the Powershell Script option in Group Policies in general are not run with a hardcoded -NoProfile in stead of the opposite.

    Of course I can run an ordinary script, calling Powershell with the -NoProfile switch, but that is a bit altmodish.

    Does anyone know, why Powershell Scripts in Group Policies was implemented like this?

  • #19174

    Points: 1,811
    Helping HandTeam Member
    Rank: Community Hero

    Because the GPO just runs PowerShell.exe, which is the console host, which always loads profiles. Probably it just didn't occur to anyone to include support for -NoProfile in the GPO setup.

    You should suggest that in under the PowerShell program. I'd suggest getting folks to up-vote your suggestion, so that it gains more attention from the product team.

  • #19175

    Points: 2
    Rank: Member

The topic ‘Group Policy Logon script issue’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort