Test NetLogon share is available & accessable using utility runing as "LocalSystem" Account

Hello,

    I have a requirement to test that the netlogon share is available & accessable,  in order to do this we have an application running as LocalSystem on the server which runs scripts to check its shared and accessable.

The scripts works fine when running as Administrator but it fails when runing using the local system account.

Any idea ?
PaulGibsonAsked:
Who is Participating?
 
Netman66Connect With a Mentor Commented:
PaulGibson,

Beat him senseless then. :o)

Add the single machine account that is running the script then.

There is no security issue simply adding Read permission.
0
 
Netman66Commented:
Hi PaulGibson,

Add the Domain Computers security Group to the share permissions.

Regards,

Netman66, MCSE, MCT
Microsoft MVP Team
0
 
sirbountyCommented:
Does:
 
 Net View \\Servername|find /i "netlogon"

work for you from a command prompt? (Start->Run->CMD)
0
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

 
PaulGibsonAuthor Commented:
Netman66,

       Not an option,  security guy won't allow it :/

sirbounty,

      yes that works fine to verify that the share is shared but it doesn't tell me I can connect to it.

The script I'm running is doing  a   net view \\servname\netlogon |find /i "netlogon"  if it does find it it generates a message saying it doesn't exist
I then do I dir \\servername\netlogon and depending on the error level I'm either doing nothing or generating another message that its inaccessable.

both work fine from the admin account but the local system account doesn't want a bar of it.
0
 
sirbountyCommented:
That's a problem with LocalSystem, I'm afraid...

Can you elaborate on your script?  Maybe there's another way.

One that comes to mind, if it's feasible is to schedule a report remotely...

Server1, 2 & 3 would all have the following schedule:

net share|find /i "netlogon" > c:\Netlogon.rpt

Then, you'd have to copy all rpt files from the remote servers, but you could do that with a script running as admin.

Otherwise - more details, please. :D
0
 
PaulGibsonAuthor Commented:
netman66,
               YEs that was my initial thought untill I met the guy face to face.....  lets just say the guy reminds me of brock lesner except a whole lot smarter  :)


sirbounty,

          The script is for ensuring the servers are up & users can connect as previously we have had quie a few issues where users could not connect to shares.  Its not so much a reporting thing is a monitoring thing,  if the shares are not available we want to know about it prefferably before the users do.
0
 
sirbountyConnect With a Mentor Commented:
Perhaps something like this will work?
==================
@echo off
net use \\myserver\netlogon >nul
if not %errorlevel%==0 goto down
REM Delay can be increased by increased 10 to a higher number
ping 127.0.0.1 -n 10
%0

:down
net send myPC "Shares offline"
===================
This would continually run and if the net use command failed, submit a broadcast message to your PC to alert you...
0
 
PaulGibsonAuthor Commented:
Guys,

    No cigar but I at least had fun beating the security guy up!   ;)

Thanks for the ideas & suggestions
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.