I would like to know if I can wirte a script that would configure local group policy on several laptops?
For those of you wondering why I want to do this (as someone is likely to ask with some sort of self delegated authority) I've recently been covering down on a coworker who mainly images laptops to deploy to different locations. Something I have noticed is that for every laptop he images, he manually configures the local gp prior to joining these said laptops to the domain. Now, one might wonder why as these laptops will inherit policies once introduced to the domain, however, after speaking with our GPO guy, he basically told me that those specific policies aren't being pushed by GPO hence why my coworker is doing it manually (the end) This is where my question comes into play I'd like to have a .vbs or .bat file that I can run on each of these computers that will automate this process. It just seems silly to me that an IT department hasn't yet figured to do this yet . Most of the answers i get is "i just don't know how to..." So I'd like to learn or atleast be pointed in the right direction All I'd really need is a sample and I think I can go from there.
The following is just a bite of what needs to be configured.
Computer Configuration> windows settings> security settings > Local Policies > User rights assignments > Allow logon thru terminal services - add "Administrators"
Computer Configuration> windows settings> security settings > Local Policies > User rights assignments > Deny logon thru terminal services - Remove "Everyone"
Computer Configuration> windows settings> security settings > Local Policies > Security Options > Domain Member: digitally encrypt (alway) - "Disabled"
Computer Configuration >Administrative Templates > Printers > Disallow installation of printers using kernal-mode printer drivers - "Disabled"
there's more but i think I'll get the gist with those