Shell – Run a script when group policy is applied (not at login or startup)

group-policypowershell

How would I go about getting a Powershell script on a set of computers to run periodically throughout the day while the computer is on? (we already use the "at startup" or "at logon" but some of the computers are left on without logins for days. We also can't use a regular Scheduled Task because these scripts report data to a server, and we don't want 300 computers hitting the server all at the same second. We also would like to avoid having the script be left running, with the delays determined by the script, because it sometimes crashes.)

Is there a way to either:

  • Run a script when the GPO is applied (I think 90-minute intervals after startup, which will be staggered throughout the building)?
  • Run a script at irregular intervals (eg. every next interval would be between 60-80 min) or at random ranges of times of day (eg. Every day sometime between 1pm and 2pm). I doubt this one is feasible?

    I guess one way to do this as a Scheduled Task would be to have a random delay of 0-5 min at the beginning of the script, but then we'd like to avoid that delay when testing or when invoked at startup or login.

    • Best Answer

    Is there a way to run a script when the GPO is applied?

    Yes. You can create a scheduled task that will trigger when a specific event occurs:

    On an event

    This trigger causes the task to run when specific event entries are added to an event log. You can choose between specifying basic event trigger settings or custom event trigger settings. If you choose the basic event trigger settings, a single event from a specific event log will trigger the task. You choose the event log that contains the event, the event publisher name, and specify the event identifier.

    Source Triggers

    The eventID you need for the trigger is probably 8006:

    The Group Policy service reserves event IDs between 8000 and 8007 to indicate a particular type of Group Policy processing completed successfully.

    enter image description here

    Source Troubleshooting Group Policy Using Event Logs

    Related Question