We help IT Professionals succeed at work.

Login script error

403 Views
Last Modified: 2010-04-16
I have a 2003 Server with AD and a few login scripts.
Some uses map a drive to another server (across the country) that is not in the same domain but connected through a hardware VPN connection.
I created a user on the foreign server with full access to a network share so in my login script, I enter the following.
NET USE L: /DELETE
net use L: \\foreignserver\\common password /user:domain\username
The L drive shows up but when a user clicks on the drive, they are prompted with a username and password box to login. If they use the exact credentials passed along in script, it maps the drive and works.
Secondly, If I open a DOS prompt and type in the commands verbatim from the script, it also works so I know the syntax in the script is correct but just can't figure out why it won't automatically just map the drive without user intervention.
Thanks,

Jim


Comment
Watch Question

How did you deploy the logon script ... through Group Policy?  If so, where did you link the policy?

Author

Commented:
I didn't use Group Policy. I just entered logon script batch filename in users AD profile.
It maps all other network shares fine. Just the ones outside the domain don't work.
Hello,

It's a problem of syncronization. If you wait until L: is disconnected and then continues with net use L: \\server\shared ....
it will work.
For solve this you can do:
wait some seconds in a loop and test connection, when dropped, continue. for example

:up
if not exist \\server\shared\test.txt goto ok
wait 3 (you can use any little sleep program)
goto up
:ok
net use l: \\server\shared\.....


HTH
jordibartrina - I'm not following, the 'net use' statement won't return control to the script until such time as it either succeeded or failed ... so what is it we're waiting for?
CERTIFIED EXPERT
Most Valuable Expert 2019
Most Valuable Expert 2018

Commented:
That could be a problem with the password. Avoid any of these characters in a password that you're using in a batch script:
% ^ " & | < > ( )

Author

Commented:
The password is very simple, short and basic, and works fine when typed in manually.
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
It seems like we need to interact with the logon script, I'd suggest that you add "cmd" to the script on the line before the mapping, logon, restore the window and have a look around ... try -

net use
... to see what's already mapped

net use l: \\server\share password /u:domain\user
... to see if it maps for you from within the logon script

etc ...
jordibartrina - ahhh, you're not saying the script proceeds too quickly -- you're saying that the Desktop is rendered prior to the script's completion due to policy ... mmm, seems possible but I wouldn't have expected the problem to occur so often (though I suppose the bandwidth may be limited causing the slowness).  Fair enough -- however, if I am now understanding you correctly, I believe the registry key and value to control that is -

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

value: RunLogonScriptSync (REG_DWORD

0 = Don't wait for the logon script to complete before loading the desktop.
1 = Wait for the logon script to complete before loading the desktop.

---

jciancia - are you able to determine if the script has finished executing? (you should be able to see the minimized command prompt around the Start button)

If it does appear to be a race condition, set the registry value key/value above to 1 and retry ...

Author

Commented:
Are you saying that this registry value needs to be on each workstation?
The script does finish executing.
I assume this is a manually created key as I don't see it in the workstation registry?
You are also saying to set this to "1" to make sure the script completes, yes?
Correct on both counts re: the registry.

I would still suggest that you first modify the script per my earlier suggestion ...
Hello again,

MSE-dwells: Yes, in low bandwidth or big bandwidth but very loaded, the logon scripts fails on my sites, and we found this solution.
jciancia: you can force with group policy for all your users/machines  (or you can define OUs for this purpose) this key to enable (1), i will try with a policy asigned to a site. If I'm distant of the server, my group policy assigns 0 to me, if I'm in the subnet of the server, group policy can assign 1 to me and speed up my connections.
why not just assign share permissions on the common share to an AD group.....then put the users in the group and take username and password out of the login script?

Author

Commented:
Because it is in a seperate domain and AD
CERTIFIED EXPERT
Most Valuable Expert 2012
Top Expert 2014

Commented:
Hi, this may be off track, but if you're re-prompted for the Resouce credentials when connecting to a mapped drive, is it possible that you have cached credentials to that Resource?
Click Start --> Control Panel --> Users --> Advanced --> Manage Passwords
and see if some saved credentials are there for that resource.  If so, delete them.

Regards,

Rob.

Author

Commented:
Actually, ever since I made the change to the registry to make sure the login scripts finished before the desktop opened, it's been working.
I also used the /DELETE option to the front of the script to remove all mapped drives before remapping.

eg.
net use j: /DELETE
net use k: /DELETE
net use j: \\server\share
net use k: \\server\share2

Not sure which really fixed it but since it's working, I don't plan on messing with it now.
This issue is closed.
Which registry setting panned out for you?

Author

Commented:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

value: RunLogonScriptSync (REG_DWORD

0 = Don't wait for the logon script to complete before loading the desktop.
1 = Wait for the logon script to complete before loading the desktop.
Used VALUE 1
C'est la vie ... that's as I thought and not a problem ... but it leaves me confused as to why you awarded points based on the wrong registry key?

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.