Solved

Login script w/multiple DCs

Posted on 2006-07-10
8
347 Views
Last Modified: 2010-04-18
I've got 2 2003 Servers. Both are DCs, GCs and DHCP servers. I've got a Visual Basic login script placed in the \\domain.dom\netlogon folder. I have a Login Script policy in GPO tied to my main OU. The Logon script path is \\domain.dom\netlogon\login.vbs

The problem is when I shut down DC1 and log into a workstation, the login script is not being run. I need it to pull the script when logging into DC2. When DC1 is down, I can browse to that Netlogon folder and manually run the script, so it's not a rights issue. For some reason it's just not running itself when DC1 is down.

Someone please advise.
0
Comment
Question by:lbbcsg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 17073403
This script should be placed in :

C:\WINDOWS\SYSVOL\sysvol\{your domain here}\scripts

This will then replicate to all DCs.

The GPO running the Logon script will then simply point to login.vbs with no UNC path.

0
 
LVL 2

Author Comment

by:lbbcsg
ID: 17073814
When I put it in the C:\WINDOWS\SYSVOL\sysvol\domain.dom\scripts folder then go into my GPO and choose Logon Script, I have to drill down to find it, and it ends up putting in the entire path with the file name at the end.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17073966
When you click Add for the logon script, you should be presented with a logon script name and parameters.  By default, it should place the script in the GPO (policy's) folder as below - note the GUID will be different for you.

\\Domain\SysVol\Domain\Policies\{E1E61435-DA91-4FEC-BD81-582D8543F0AE}\User\Scripts\Logon

As log as the script is in the policy folder it will replicate to all DCs and should be available.

You can leave it in the Scripts folder as instructed above, but you will need to drill down to it.

Either way should work for you.
0
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

 
LVL 2

Author Comment

by:lbbcsg
ID: 17074177
Netman, thanks for the help thus far.

I know what you mean when I hit Browse and it looks in the default spot like you mention above. If I put my script in there, it still doesn't run when DC1 is down.

So far I've tried:

\\Domain\SysVol\Domain\Policies\{E1E61435-DA91-4FEC-BD81-582D8543F0AE}\User\Scripts\Logon
C:\WINDOWS\SYSVOL\sysvol\{your domain here}\scripts

From both spots, no script runs when DC1 is down. Yet I can browse to both locations while DC1 is down and manually run it.

Anymore ideas?

0
 
LVL 51

Accepted Solution

by:
Netman66 earned 250 total points
ID: 17074307
If you place the script in that location on DC1, then it should replicate to DC2.

If you have DNS configured correctly, then the client should authenticate to DC2 if DC1 is down and run the script correctly.

Is DC2 a Global Catalog?  Is it running DNS and in sync with DC1?

0
 
LVL 2

Author Comment

by:lbbcsg
ID: 17074838
The replicaiton works, I can make a change to the script on DC1, then within seconds see the change on DC2. DC2 is a GC. I will have to verify the DNS status.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17081839
I think you'll find that this:  The Logon script path is \\domain.dom\netlogon\login.vbs

Should simply refer to the script name of login.vbs in that GPO isnce it knows where to look already.  

By adding the domain it likely only resolves to the other DC.

0
 
LVL 2

Author Comment

by:lbbcsg
ID: 17167102
It came down to being a DNS issue. Once I added the 2nd DNS server IP address inside DHCP it seemed to resolve the problem.
0

Featured Post

Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question