Check which logon scripts are being used

These are the policies being applied to the computer. The name tells you nothing about the real underlying policy. It is possible they logged in and did not get the GPO or the startup script did not run due to lack of network connectivity. Or will map it then after minutes it will disappear. Show 9 more comments. Sign up or log in Sign up using Google. Sign up using Facebook. Sign up using Email and Password. Post as a guest Name. Email Required, but never shown. The Overflow Blog. Podcast Explaining the semiconductor shortage, and how it might end.

Does ES6 make JavaScript frameworks obsolete? Featured on Meta. Now live: A fully responsive profile. Security Account Manager. LSA Secrets. Cached Domain Credentials. Proc Filesystem. Steal Application Access Token. Steal or Forge Kerberos Tickets. Golden Ticket. Silver Ticket. Steal Web Session Cookie.

Two-Factor Authentication Interception. Unsecured Credentials. Credentials In Files. Credentials in Registry. Bash History. Private Keys. Group Policy Preferences. Container API. Account Discovery. Email Account. Application Window Discovery. Browser Bookmark Discovery. Cloud Infrastructure Discovery. Cloud Service Dashboard. Cloud Service Discovery. Cloud Storage Object Discovery. Container and Resource Discovery. Domain Trust Discovery. File and Directory Discovery. Group Policy Discovery.

Network Service Scanning. Network Share Discovery. Password Policy Discovery. Peripheral Device Discovery. Permission Groups Discovery.

Local Groups. Domain Groups. Cloud Groups. Process Discovery. Query Registry. Remote System Discovery. Software Discovery. Security Software Discovery. System Information Discovery. System Location Discovery. System Language Discovery. System Network Configuration Discovery.

Internet Connection Discovery. System Network Connections Discovery. System Service Discovery. System Time Discovery. Lateral Movement. Exploitation of Remote Services. Internal Spearphishing. Lateral Tool Transfer. Remote Service Session Hijacking. SSH Hijacking. RDP Hijacking. Remote Services. Remote Desktop Protocol. Distributed Component Object Model. Windows Remote Management.

Taint Shared Content. Archive Collected Data. Archive via Utility. Archive via Library. Archive via Custom Method. Audio Capture. Automated Collection. Browser Session Hijacking. Clipboard Data. Data from Cloud Storage Object. Data from Configuration Repository. Network Device Configuration Dump. Data from Information Repositories. Code Repositories. Data from Local System. Data from Network Shared Drive. Data from Removable Media. Data Staged. Local Data Staging. Remote Data Staging.

Email Collection. Local Email Collection. Remote Email Collection. Email Forwarding Rule. Screen Capture. Video Capture. Command and Control. Application Layer Protocol. Web Protocols. File Transfer Protocols. Mail Protocols. Communication Through Removable Media. Data Encoding.

Standard Encoding. Non-Standard Encoding. Data Obfuscation. Junk Data. Protocol Impersonation. Dynamic Resolution. Fast Flux DNS. Domain Generation Algorithms. DNS Calculation. Encrypted Channel. Symmetric Cryptography.

Asymmetric Cryptography. Fallback Channels. Ingress Tool Transfer. Multi-Stage Channels. Non-Application Layer Protocol. Non-Standard Port. Protocol Tunneling. Internal Proxy. External Proxy.

Multi-hop Proxy. Domain Fronting. Remote Access Software. Web Service. Dead Drop Resolver. Bidirectional Communication. One-Way Communication. Automated Exfiltration. Traffic Duplication. Data Transfer Size Limits. Exfiltration Over Alternative Protocol. Exfiltration Over C2 Channel. Exfiltration Over Other Network Medium. Exfiltration Over Bluetooth.

Exfiltration Over Physical Medium. Exfiltration over USB. Exfiltration Over Web Service. Exfiltration to Code Repository. Exfiltration to Cloud Storage. Scheduled Transfer. Transfer Data to Cloud Account. Account Access Removal.

Data Destruction. Data Encrypted for Impact. Data Manipulation. Stored Data Manipulation. Transmitted Data Manipulation. Sign up using Facebook. Sign up using Email and Password.

Post as a guest Name. Email Required, but never shown. The Overflow Blog. Podcast Explaining the semiconductor shortage, and how it might end. Does ES6 make JavaScript frameworks obsolete?

Featured on Meta. Now live: A fully responsive profile. This policy setting is designed for advanced users. If you disable or do not configure this policy setting, the instructions are suppressed. Toggle navigation Group Policy Home.