Solved

Windows 2003 and XP client Group Policy Problem

Posted on 2004-09-24
8
187 Views
Last Modified: 2010-04-19
Hi all,

I am trying to get all my users to execute this logon.vbs script (it maps X: to their home directory on a network share).

I have created an OU called "company" and also a GPO that is called "company". I went and edited the user setting of this GPO, and set the logon script to be that script (I put my script in a folder called "script" in my F Drive). So when i double click on my logon script property, it now shows F:\script\logon.vbs.

I have dragged this GPO to link with my "company" OU. and in active directory user console, i dragged my users to this OU.

My problem now is :
- all my XP clients are not running this script (I don't know why)
- when users logon to the server, it runs!! (or when i log in using terminal server)

why is this the case ? Why is my XP clients not running the script. I need help!! THANKS!!!

i have rebooted my server and did a gpupdate on my clients already.

THANK A BUNCH in advance!!

- win2k3 newb
0
Comment
Question by:hermanlam
  • 5
  • 3
8 Comments
 
LVL 6

Expert Comment

by:Casca1
ID: 12150785
Hmm; Is there any reason you didn't apply this in the Default Domain Policy?
Let's get some clarification. It looks like you're wondering why the machine doesn't get  the policy, but it runs and is applied when the user logs on. Correct?
>My problem now is :
>- all my XP clients are not running this script (I don't know why)
>- when users logon to the server, it runs!! (or when i log in using terminal server)
By that, I assume you mean when the user authenticates, correct?

If that's the only modification, mapping the users drive, there are a couple ways to do it, including the method you are trying to use.
There are certain caveats, though.
1) No GPO can be applied to computers still in the default Domain Computers OU.
2) Settings in a higher level GPO for the computer should apply, but but might not when the computer is still in the default location.
0
 

Author Comment

by:hermanlam
ID: 12151495
My reason for not applying to Default Domain Policy : i want only users in this "company" OU to execute these shared drives. I have guest users in the company, and all they can do is surf the internet. I don't want them to access my network drives.

I have removed the script from the "Default Domain Controller" OU in GPMC. It doesn't execute the script when i logon using the server.

>If that's the only modification, mapping the users drive, there are a couple ways to do it, including the method you are trying to use.
>There are certain caveats, though.
>1) No GPO can be applied to computers still in the default Domain Computers OU.
>2) Settings in a higher level GPO for the computer should apply, but but might not when the computer is still in the default location.

I don't get what you mean. What is the exact step in setting this up. Do i need to add a new "computer" in the OU ?

thanks again!
0
 
LVL 6

Expert Comment

by:Casca1
ID: 12151751
Sorry; I was a little off track. 8-)
This can be applied to a GPO set at the OU level to the user settings.
So, on the Company OU, open the GPO, navigate to Windows settings, and select logon script. In there, simply add it to the script. Then, into the porperties of the GPO, and select the read and apply settings for whichever group you want it applied.

0
 

Author Comment

by:hermanlam
ID: 12152987
Hi casca

I think i have solved the problem. The reason why it only executes on my server is that i have defined my script path in the GPO to be F:\script\logon.vbs. In fact, i should share that drive and put an UNC there and have //server/script/logon.vbs.

This is all working now.
Thanks!!
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 6

Expert Comment

by:Casca1
ID: 12153292
Well, Cool. Glad you got it fixed. Bad thing is, I didn't think of that being the issue, and I've run into it. I just thought it was to bone-headed to be it.

I mean, ah, heck, you know what I mean, no insult intended. Nice to see you got it fixed.
Any thing else I can send you off to the north pole after? 8-)
0
 

Author Comment

by:hermanlam
ID: 12154115
Thanks a lot for the help anyways.

One thing while I encountered when I was refining the policy (now that i got it to execute on the client) is that i would like to create some desktop shortcuts that will link to some program that will execute on the server. How do i do that ?

Another thing is i am trying to get all my users' "My document" or windows profile(i.e: wallpaper, xp color scheme, etc) to be stored on the server so that their desktop will look the same no matter which client they log onto.

I know this is a whole separate question, but i am new to experts-exchange and i don't have much points left to offer. Please bear with me.

=)

it would be great if you could help me on this too, thanks!

- win2k3 newb
0
 
LVL 6

Expert Comment

by:Casca1
ID: 12155170
Well, let's start with the easy one. The user profile can be set as either local or roaming.
Roaming profiles are what you want if the users will use different computers.
If they will always use the same computer, but you are after enforcing certain things, like wallpaper, etc, but the user will always be on the same computer, then you need to lock things down.
You might also want to lock down a roaming profile, and that is also possible.
All of these things are easily controlled through GPO for the lockdown, but there are some things to be aware of. Locking the user down is easy as pie. Using roaming profiles isn't quite so easy.
You can do some searches on roaming profiles, and find some great information.
http://www.novell.com/coolsolutions/zenworks/features/trenches/tr_remove_profiles_zw.html
This link will help you avoid the headache's that go with Roaming profiles.
http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/deployguide/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/all/deployguide/en-us/dmebc_dsm_ivvs.asp
This is the MS guide for 2003 server, and that link should take you to configuring roaming user profiles, and it is more or less a walk through.

When you ask about creating the shortcuts, what exactly do these shortcuts need to do? Are they simply a shortcut to a server based or centrally located program, much like the shortcuts that are already used, except for the target location of the executable, or do you actually need these programs to launch at user logon? It sounds like you want to place a link to an app that could just as easily be on the individual workstation.
If that's the case, simply create a drive mapping (easiest method) that points a drive letter at the server sahre to use, then open an explorer window to the drive, and create the shortcut needed. You can also add the mapping to the tailend of the script, before the end statement, and this share will be created and mapped at logon, and will be in place.
Hope that helps.
0
 
LVL 6

Accepted Solution

by:
Casca1 earned 125 total points
ID: 12155201
Additionally, you said you're short on points.
There are a couple of ways to get points. The first is the old fashioned way; Simply cough up some cash and pay for the Premium service. That get's you a hefty supply of credits to ask questions, and allows you to search the archived questions. That feature alone is handier than three arms.
The next method involves spending a lot of time readin EE, gleaning and learning, and eventually, answering questions.
Once you achive 10000 points, they offer you the premium membership, and to continue to qualify, it only takes 3000 points a month.
Now, I know you are saying, I don't have the knowledge to do this, or the time, I have a network to support!
Trust me on this, the points themselves, once you can start answering questions, are easy. A grade of A on a 500 point question yields 2000 points.
Thus, 5 correctly answered questions with a grade of A earns the points to get into premium. 2 more questions a month, roughly, could keep your monthly points up to continue your membership.
You're probably still thinking, yeah, but I still have to answer the questions.
You obviously know enough to ask the questions here, and to recognize when the answers given can fix your issues, correct? You know more than you give yourself credit. 8-)
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now