Here's my scenario. My questions are at the end:
I have a number of Windows XP Pro SP2 laptops that are members of a Win2k AD domain. At the Domain level, I have a group policy that is supposed to apply a MS hotfix at system logon. It has worked successfully everywhere to my knowledge, with the exception of these blasted laptops. These laptops are all wireless. The laptop wireless cards are all Intel (2200 or 2300 - I can't remember which) and the wireless profile is set to connect PRIOR to Windows logon, but obviously it isn't happening fast enough. Windows is NOT managing this wireless connection. From a network standpoint, the only difference between these laptops and the wired desktops is that they are wireless (duh!) and there is a Cisco 1230 a/b/g access point between them and my Cisco Catalyst 3560 switch...
I have a number of Win XP Pro SP2 workstations on the same subnet that are wired. The group policy applies to the wired workstations just fine, but not to the laptops. In the event logs of the laptops, specifically the System log, almost immediately after the 2 or 3 eventlog entries upon bootup, there is an event 5719 with the source of Netlogon, with this text:
No Domain Controller is available for domain <domainname> due to the following: There are currently no logon servers available to service the logon request. Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
This is because (Im pretty sure) the systems are booting up with a wireless connection. Even though the wireless profile is set to connect prior to system logon, I dont believe it is connecting quite fast enough. What I understand that this means is that the COMPUTER is unable to authenticate its COMPUTER account with the domain. This is prior to the user ever entering their username and password, or in this particular case auto logon via TweakUI. Since the COMPUTER is unable to authenticate itself and login to the domain, it is unable to process the group policies that are supposed to be applied at logon. Since the logon of the computer account never actually happens, the group policies are not applied and the logon script to apply the hotfix is not run.
What I discovered is that if you connect the wired port of the laptop directly to the network, the system seems to be able to authenticate its computer account just fine and then group policies apply and the update applies itself. This is a pain because it involves having to disconnect the laptop from various pieces of external equipment, take it to a live network jack, reboot it, and possibly fool around with the BIOS (to make sure the network jack is enabled).
I have a theory that may alleviate this pain relatively quickly. Here are the steps:
1. Boot up the affected system (it will auto logon as a domain user)
2. Logout
3. Login as a domain administrator - a local administrator account may not work properly
4. Go to Control Panel, Administrative Tools, Services (fastest way to get there is Start, Run, Services.msc)
5. Scroll down to the Net Logon service
6. Right click on the Net Logon service
7. Left click on Restart. (it should process within seconds)
8. Group policies should apply and the hotfix will install
Here are my questions.
1. Am I on the right track?
2. If so, is there any way to make sure that Net Logon doesn't happen until the Wireless connections is properly established so that the next time I apply a logon script it will actualy run upon a system reboot without me having to go through all this again?
Thanks!
Start Free Trial
