There is some pluses and some minuses to migrate your profile-based scripts to GPO-based scripts:
Advantages of Group Policy based scripts:
- The script runs hidden, so there is no chance for the user to terminate it before completion
- When you create a new user, you only have to put it in the right OU for the logon script to run
- You do not only have a logon script, but also logoff, startup and shutdown scripts.
- One of these days, Microsoft will remove support for legacy i.e. profile-based scripts and you will be ready for that
Disavantages of Group Policy based scripts:
- If you want to have a script for a single or a few user(s) you have to create an OU just for them
- They are not available to not AD-aware clients
Where are these settings located ?
- GPO-based scripts are in Active Directory Users and Computers aka ADUC, right-click on your domain or OU, Properties, Group Policy tab, Add a Group Policy Object or edit an existing one. Startup/shutdown scripts are under Computer Configuration, Windows Settings, Scripts and logon/logoff scripts are under User Configuration, Windows Settings, Scripts.
- Profile-based scripts are in ADUC, right-click an user and select Properties, Profile tab and enter the script in the Logon script field. The script may be a batch file (.bat or .cmd) or an executable. It must reside in the NETLOGON share of your domain(s) controller(s).