4

I want to copy a new hosts file (and delete the old one) among Windows 7 users connected to one domain. Many of my users work remotely. Could anyone advise me the best way to deploy that file with minmal fuss (ideally, I do not want the users to do anything) on the user's end.

Miah
  • 43
  • 5
Regmi
  • 207
  • 2
  • 4
  • 12
  • 1
    Your best bet is to set up a DNS server on an accessible (e.g., public) IP address and have your clients use it. This way, if you need to make changes, you can do so centrally and it will take effect as immediately as you configure the expiry on your zone's SOA record. –  Aug 03 '11 at 20:17
  • 1
    In the long term, we might think of doing this. Thanks Randolf. – Regmi Aug 03 '11 at 22:38

2 Answers2

2

I just tried this and it works with Group Policy preferences. You need to put a copy of the hosts file in a network share and then go into the group policy management console. Create or edit an existing GPO and then under Computer >> Preferences >> Windows Settings >> Files you put the unc path (\server\share\hosts) in the source file box and the path to the hosts file in windows 7 in the destination. (C:\windows\system32\drivers\etc\hosts) Make sure you select the option to "replace" the existing one. You will want to make sure that the scope of your GPO is only effecting the computers you want this effect. Good luck.

Stephen Short
  • 46
  • 1
  • I would highly suspect that the poster's network doesn't have AD installed. Otherwise he would not need to distribute the hosts file. – Vick Vega Aug 23 '11 at 20:24
  • @ Vega We do but I do not have an intimate knowledge of it. – Regmi Aug 24 '11 at 16:30
0

You could create a DOS batch file that uses FTP to download the hosts file from an FTP site that you are in control of. A shortcut to this batch file could be included in their StartUp folder in the Start Menu (the shortcut should probably be set to Minimize the window otherwise your users might try to fiddle with it).

In your batch file you'll need to do the following:

  1. Download your "hosts" file to a temporary directory
  2. Verify the download (not required, but highly recommended)
  3. Turn off the read-only attribute on the local "hosts" file (it's enabled by default)
  4. Move the downloaded (and verified) "hosts" file to overwrite the local "hosts" file
  5. Turn on the read-only attribute on the local "hosts" file

You'll need to work out the details of automating the MS-Windows FTP command. If you need help with that, please post a separate question (and add a comment here that links to that question).

Pascal Cuoq
  • 141
  • 2
  • 1
    The problem with that is regular users do not have write access to the directory the hosts file is saved in, so this would not work. You could perhaps include it in a startup script though. – nhinkle Aug 03 '11 at 20:27
  • That's correct, normal users do not have write access to the hosts file. Not sure if write access could be granted through the batch script Randolf has described above. Can you explain a bit about the startup script nhinkle? Or perhaps point me to a link that explains it. – Regmi Aug 03 '11 at 22:43
  • @nhinkle (+1): Ah, good point for users who are not Administrators. Perhaps the Windows Task Scheduler could be used to run it as a specific user (such as Administrator) with the needed access, or "Everyone" could be granted access ahead-of-time (not a good idea; the first idea is much better). –  Aug 04 '11 at 02:08
  • 1
    @Regmi I'm not intimately familiar with how that would work, since I haven't worked with Active Directory in a while. My understanding is that you can use Group Policy to specify a startup script which can run as an administrator. Beyond that I can't offer many details. – nhinkle Aug 04 '11 at 04:46