I am applying several preferences via group policy, e.g. drive mappings, regkeys, desktop icons and so on. The problem is that it takes two logons for this settings to get applied.
Thinking about it in more detail makes it clear why. The first logon writes the settings to the HKCU hive, but as all user processes are already loaded at that time the user needs to logoff and back on again to make this settings effictive. The solution would be to write to the HKCU hive before the user processes are getting loaded.
Currently we are working around this whis a binary that is part of the logon script. This binary prevents all user input and forces a user logoff after a specific time. It only runs the first time the user log's on.
I am totally unhappy with this dirty hack. Is there a way around this? Thanks in advance.
Computer/Administrative Templates/System/Group Policy:
- Configure user Group Policy loopback processing mode: Enabled => Merge
- Configure folder redirection policy processing:
- Allow processing across a slow network connection: Enabled
- Process even if the Group Policy objects have not changed: Enabled
- Configure Drive Maps preference extension policy processing:
- Allow processing across a slow network connection: Enabled
- Process even if the Group Policy objects have not changed: Enabled
- Background priority: Idle
User/Administrative Templates/System/Scripts:
- Run logon scripts synchronously: Enabled
Best Answer
The following setting seems to exactly do the trick:
The setting description says: