Thanks DOC, for expaining it so eloquently. All the time I see how many ppl want to hack restrictions into the registry via the logon script.
Sometimes there are permission issues. I wish I had a dollar for every one of Jens' posts related to this. Permissions never get in the way of policies.
Sometimes it's a matter of timing. Policies are applied before the logon script so some settings that would only take effect afer a reboot if in the script may be immediate if by policy.
Sometimes you're just giving away all the secrets. By having the reg hacks in clear text in the logon script, you educate the users in how to reverse them. Granted, someone quite knowledgable would be hard to control but still, you don't have to give away the store.
And then there's Wintendo... well, if you've got Wintendos then you got what you deserve as well as my sympathy...
_________________________
Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
