Question

  • Creator
    Topic
  • #2150517

    Login Scripts not working

    Locked

    by captn.dude ·

    Hi All,

    I am trying to set-uo a mapped drive at logon for an OU. I am no system admin so please bear with me. I am using the follwing script syntax:
    Set objNetwork = CreateObject(“wScript.Network”)
    objNetwork.MapNetworkDrive “Q:” , “\\srv9\applications”

    I have also tried the following .bet file in place of the vbs with no change in the results:

    net use q: \\srv9\applications persistent:yes

    I then assigned that using the Group policy management mmc snap-in to everyone in the OU. When they login nothing happens. FYI I put the script in the default directory that the GPO snap-in asked for. (\\”FQDN”\SysVol\”FQDN”\Policies\{AC6BDDD8-8B3D-4BAD-B9FF-92C5D33F4895}\User\Scripts\Logon) Where “FQDN” is our domain. Before anyone asks why drive mappings vs UNC, the remote application requires it.

All Answers

  • Author
    Replies
    • #2926232

      Clarifications

      by captn.dude ·

      In reply to Login Scripts not working

      Clarifications

    • #2926229

      Syntax

      by jellimonsta ·

      In reply to Login Scripts not working

      Set objNetwork = CreateObject(“WScript.Network”)

      You had the w and S capitalization transposed in your example.

      http://tinyurl.com/mzekm

      Regards.

      • #2926228

        Thanks Jelli

        by captn.dude ·

        In reply to Syntax

        transposed or I just forgot to capitalize the “W”?

        • #2926197

          Working now?

          by jellimonsta ·

          In reply to Thanks Jelli

          So, are you off to the races now? Or are the scripts not working using GPO?

          http://www.rlmueller.net/LogonScriptFAQ.htm

        • #2926167

          Not yet

          by captn.dude ·

          In reply to Working now?

          The script(s) work if I visit a workstation and execute the vbs things are fine. Via GPO it works for two of the users but doesn’t work for all of the users even though they are all in the same OU. Weirdness.

        • #2926164

          Similarities

          by jellimonsta ·

          In reply to Not yet

          What are the similarities and disparities of the users? OS, security priviliges? You may need to use a .bat file to call the .vbs.

        • #2926152

          Something like this

          by rob miners ·

          In reply to Similarities

          You can copy CScript.exe and logon.vbs to the NetLogon folder, modify and call the batch from your proper logon script.

          Example:

          :SCRIPT
          : Run logon script proper
          %0\..\CScript.exe %0\..\logon.vbs //Nologo

        • #2925583

          Hmmm

          by captn.dude ·

          In reply to Something like this

          What is this script doing? I don’t know what CScript.exe and logon.vbs do. This is not my primary role with this company, we just lost our sysadmin.
          My issue is that when a user executes the vbs locally, all is fine. I simply cannot get logon scripts to run for all users within an OU using GPO. It does work for two of the five with no issues at all.

        • #2925587

          Similiarities etc

          by captn.dude ·

          In reply to Similarities

          They are all domain users with standard privs. there is no logical reason for the disparity, I went and adjusted the GPO to allow for “slow network connections”, we’ll see if that helps. Worst case I just have them map a persistent drive by actually sending them the vbs. It’s just frustrating.

        • #2925563

          OS?

          by jellimonsta ·

          In reply to Similiarities etc

          Are they all running XP SP2 or greater?

          I would generally have a batch file (or CMD) in the NETLOGON call the script.

          Have you tried creating logon.cmd in the NETLOGON share with the following entries?

          call Wscript %logonserver%\netlogon\logon.vbs //e:vbscript

          Also, have you verified the users who are not functional have ‘Connect client shares at logon’ checked in the ‘Environment’ tab of their user properties?
          Regards.

        • #2925990

          OS? cont

          by captn.dude ·

          In reply to Working now?

          Everyone is running XP SP2. I do have a question about your script.

          “Have you tried creating logon.cmd in the NETLOGON share with the following entries?

          call Wscript %logonserver%\netlogon\logon.vbs //e:vbscript

          Also, have you verified the users who are not functional have ‘Connect client shares at logon’ checked in the ‘Environment’ tab of their user properties?
          Regards. ”

          All users have “Connect client drives at logon” selected. With respect to your script, Should I use that exact syntax? What is //e:vbscript? And where is NETLOGON, sorry for the n00b questions. Also, this site is not emailing when you reply so sorry for the delay.

        • #2925793

          Sorry…

          by jellimonsta ·

          In reply to OS? cont

          Never mind that, it was specific to our scripting. :0

          In your original script, have you tried removing the space before the comma?

          Set objNetwork = CreateObject(“WScript.Network”)
          objNetwork.MapNetworkDrive “Q:”, “\\srv9\applications”

          That may well be your problem.
          Edit:
          Also, if you browse to that server you should see NETLOGON as a root share. Or from your system, go to Start>Run:
          %logonserver%\netlogon

          Another thing you can try is renaming your logon.cmd to domainlogon.cmd and updating the GPO. I found this on 2k, but it may still be valid in your case.
          http://support.microsoft.com/kb/277803/en-us

          Good luck.

    • #2926217

      Try this. Worked great for me.

      by 1bn0 ·

      In reply to Login Scripts not working

      http://www.primalscript.com/Free_Tools/index.asp

      Logon script generator.

      Free download.

      • #2926209

        Thanks

        by captn.dude ·

        In reply to Try this. Worked great for me.

        The scripts I have work, they just don’t appear to be running. For example if I manually run that script on a host it works fine, just not when I try to use AD to push it.

        • #2915281

          Did you resolve your problem?

          by 1bn0 ·

          In reply to Thanks

          FYI. The Netlogon directory appears as a share on every server in the domain.

          \\server1\netlogon
          \\server2\netlogon
          \\server3\netlogon
          \\server4\netlogon

          Anything placed in the netlogon share of one server will be replicated/copied to every other server in the domain. This usually happens within minutes.

          Workstations then look in the netlogon share of whatever server thay are authentacting against for the logon scripts.

          I never work through the sysvol path, just enter the first server name that comes to mind, \\servernas, and add \netlogon after it. \\servernas\netlogon.

        • #2917074

          Not yet

          by captn.dude ·

          In reply to Did you resolve your problem?

          I haven’t fixed it yet but thanks for the info. I had to stop messing with that and do some of my real, pen-testing, work.

Viewing 2 reply threads