Login Scripts and Windows Server 2003

Posted on 2007-03-27
Medium Priority
Last Modified: 2010-04-18
I have a network with 8 windows server 2003 domain controllers, Windows XP Pro, and using Active Directory. In one of my 8 buildings login scripts are not running for the users, and are unable to recieve mapped drives. Where should I begin to fix this issue?
Question by:crsrvn
LVL 20

Expert Comment

by:Dufo G. Belski
ID: 18799767
The first thing I would do is check the permissions on the sysvol share on that particular DC.
LVL 32

Expert Comment

ID: 18800024

dcdiag /fix

(Download Windows 2003 Support Tools to access this - http://www.microsoft.com/downloads/details.aspx?familyid=6EC50B78-8BE1-4E81-B3BE-4E7AC4F0912D&displaylang=en)


netdiag /fix

(Download Windows 2003 Resource Kit - http://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd&DisplayLang=en)

on the affected DC.

Make sure all tests are passed.
LVL 97

Expert Comment

by:Lee W, MVP
ID: 18800531
Have you checked your event logs for errors?
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.


Author Comment

ID: 18835942
Permissions are ok on the sysvol.

dcdiag /fix results in following errors:
 Starting test: Advertising
    Warning: TVAE-AD1 is not advertising as a time server.
    ......................... TVAE-AD1 failed test Advertising
 Starting test: Services
       w32time Service is stopped on [TVAE-AD1]
    ......................... TVAE-AD1 failed test Services
Starting test: systemlog
   An Error Event occured.  EventID: 0x00000457
      Time Generated: 04/02/2007   08:36:20
      (Event String could not be retrieved)
   ......................... TVAE-AD1 failed test systemlog

netdiag /fix results in all tests passed.

In my event logs I am seeing DNS Server errors with event id's 4004 and 4015. I am also seeing warnings under the directory service for NTDS Replication with an id of 2089. Under Application in my event log I am seeing a userenv error with an event id 1030, there are also a couple groveler and ESENT errors. I'm lost on this.
LVL 32

Expert Comment

ID: 18836073
There does seem to be a definite time issue on this DC - which could explain the lack of mapped drives.

Can you make sure that the W32time service is set to Automatic - and is Started.

Also - check that "Allow this service to interact with the desktop" is not checked.

Can you also set this DC an authoritative time server:


Author Comment

ID: 19102880
The problem ended up being a DNS issue, thanks for all the help.
LVL 32

Expert Comment

ID: 19102975
What was the final resolution?

(so in future people using the site can find a solution - or at least point them in the correct direction)

Author Comment

ID: 19103592
The Domain Controllers are all running DNS. But none of them had their own ip listed as the first DNS server when running an ipconfig /all. They all refered to another DNS server on the network. I was refered to this article.

I hope this helps.
LVL 32

Expert Comment

ID: 19106405
Okay - please ask a new, 0-point question in Community Support\General TA (http://www.experts-exchange.com/Community_Support/General/) containing a link to the original question with a request to close and PAQ or delete it (as you answered the question yourself - a refund is applicable).

After 4 days, allowing for comments from participating experts, the question will be closed.

Accepted Solution

Vee_Mod earned 0 total points
ID: 19204690
Closed, 250 points refunded.
Community Support Moderator

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question