I need to write a script that can add itself to the startup scripts in the local group policy so that it can run even when no users are logged in. This can be done using gpedit.msc and going into Computer Configuration > Windows Settings > Scripts > Startup. However, I haven't found a way to do this programmatically.
I've looked into simply editing the registry. I found the relevant location to be HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy\State\Machine\Scripts\Startup, but simply adding my own entry does not have any effect. The computer is not part of a domain.
Does anyone know how to do this? Is there a WMI approach?
I think you have to modify %windir%\system32\GroupPolicy\gpt.ini, appending [{42B5FAAE-6536-11D2-AE5A-0000F87571E3}{40B6664F-4972-11D1-A7CA-0000F87571E3}] to the gPCMachineExtensionNames line and incrementing the Version value by one. (source).
Try adding and removing a script via group policy editor and you can watch how gpt.ini changes. When you add a script, you can also use the structure created in HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\Scripts\Startup\0 as a template.
For anyone coming across this thread whose machine is a member of a domain, I've noticed that domain-defined group policies appear in the registry after local policies. So if you've already got a domain policy at ...\Scripts\Startup\0, you should copy it to ...\Scripts\Startup\1 before creating your local machine policy.
In any case, experiment with the GUI and see how stuff changes before attempting programmatically.
You'll also need to run gpupdate to refresh group policies.
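
The answer's advice to watch how gpt.ini changes can also serve as an audit check. The following is an added example, not code from this thread: it compares two snapshots of gpt.ini and reports whether the scripts GUID pair quoted above appeared in gPCMachineExtensionNames and how Version moved. The snapshot contents are constructed, and the split of Version into machine (low 16 bits) and user (high 16 bits) counters comes from general Group Policy behaviour rather than from this page.

```python
import re

# GUID pair quoted in the answer: the scripts extension and its editor snap-in.
SCRIPTS_PAIR = ("42B5FAAE-6536-11D2-AE5A-0000F87571E3",
                "40B6664F-4972-11D1-A7CA-0000F87571E3")

def parse_gpt_ini(text):
    """Return (version, [tuple of GUIDs per bracketed group]) from gpt.ini text."""
    fields = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";[":      # skip blanks, comments, [General]
            continue
        key, sep, value = line.partition("=")
        if sep:
            fields[key.strip().lower()] = value.strip()
    groups = [tuple(g.upper() for g in re.findall(r"\{([0-9A-Fa-f-]{36})\}", grp))
              for grp in re.findall(r"\[([^\]]*)\]",
                                    fields.get("gpcmachineextensionnames", ""))]
    return int(fields.get("version", "0")), groups

def diff_snapshots(before, after):
    """Compare two gpt.ini snapshots and flag a newly registered scripts extension."""
    v0, g0 = parse_gpt_ini(before)
    v1, g1 = parse_gpt_ini(after)
    added = [g for g in g1 if g not in g0]
    return {
        # Low 16 bits of Version count machine-side edits, high 16 bits user-side.
        "machine_version": (v0 & 0xFFFF, v1 & 0xFFFF),
        "user_version": (v0 >> 16, v1 >> 16),
        "added": added,
        "removed": [g for g in g0 if g not in g1],
        "scripts_extension_added": SCRIPTS_PAIR in added,
    }

# Constructed snapshots (not taken from a real machine): before and after a
# startup script is added through gpedit.msc.
_BASE = "[{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{D02B1F72-3407-48AE-BA88-E8213C6761F1}]"
_SCRIPTS = "[{%s}{%s}]" % SCRIPTS_PAIR
BEFORE = "[General]\ngPCFunctionalityVersion=2\n" \
         "gPCMachineExtensionNames=" + _BASE + "\nVersion=3\n"
AFTER = "[General]\ngPCFunctionalityVersion=2\n" \
        "gPCMachineExtensionNames=" + _BASE + _SCRIPTS + "\nVersion=4\n"

if __name__ == "__main__":
    for key, value in diff_snapshots(BEFORE, AFTER).items():
        print(f"{key}: {value}")
```

On a live machine the two inputs would be reads of %windir%\system32\GroupPolicy\gpt.ini taken at different times, for example a stored baseline and the current file.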