In this post using group policy we will configure the domain controller interactive logon message. When these policy settings are configured, users will see a dialog box before they can log on to the server.
For Domain Controllers when you configure interactive logon message, the legal notice message appears when the user hits CTRL+ALT+DEL. I will be creating a new group policy and deploying it to domain controllers running Windows Server 2019.
To display legal notice on domain computers using Group Policy, refer this post – https://www.prajwaldesai.com/how-to-configure-legal-notices-on-domain-computers-using-group-policy/.
Most of all you can configure interactive logon message on domain controllers in two ways :-
- You can write a cool script and execute it at the every logon.
- Configure legal notice using a group policy.
If you have a script available with you, go with first method. Otherwise a GPO is always a recommended approach for displaying legal notices.
Configure Domain Controller Interactive logon Message
Using a group policy, let’s configure domain controller interactive logon message.
- First of all login to the domain controller with an administrator account.
- Click Start > Administrative Tools > Group Policy Management.
- Under Domains, right click the OU (Domain Controllers) and click Create a GPO in this domain, and link it here.
- If you wish to link it later to a different OU, you can do that as well.
Specify a name for this new GPO. Something like Configure Domain Controller Interactive Logon message. Click OK.
Edit the newly created GPO. In the Group Policy Management Editor, expand Computer Configuration > Policies > Windows Settings >Security Settings > Local Policies. Now click Security Options.
Look for two policy settings :-
- Interactive logon: Message text for users attempting to log on
- Interactive logon: Message title for users attempting to log on
Right click Interactive logon: Message text for users attempting to log on and click Properties.
Type the message that you want show to the users who logon to domain controllers. Click OK.
Next, right click Interactive logon: Message title for users attempting to log on and click Properties. Specify the title and click OK.
I have linked this group policy to my domain controllers OU. Therefore this policy applies only to domain controllers in my setup.
Finally lets test the group policy. Sign out of domain controller. Now before you sign-in the interactive logon message appears.