| Microsoft Deployment Toolkit
Documentation Library Logon Security Banners |
   |
| Microsoft Deployment Toolkit
Documentation Library Logon Security Banners |
|
Problem: MDT task sequences are processed during an interactive user session, which requires that the target computer be allowed to log on automatically using a specified administrative account. If a Group Policy object (GPO) is in place that enforces a logon security banner, this automatic logon will not be allowed to proceed, because the security banner halts the logon process while it waits for a user to accept the stated policy.
Possible Solution: Be sure that the GPO is applied to specific organizational units (OUs) and not included in the default domain GPO. When you add computers to the domain, specify that they be added to an OU that is not affected by a GPO that enforces a logon security banner. In the Task Sequence Editor, include as one of the last task sequence steps a script that relocates the computer account to the desired OU.
Note If you are reusing existing Active Directory® Domain Services (AD DS) accounts, ensure that prior to deploying to the target computer you have relocated the target computer’s account to an OU that is not affected by the GPO that enforces the security logon banner.
Related Topics
| Copyright © 2012 Microsoft. All rights reserved. | |