Solved

Logon script does not run on a trusted domain

Posted on 2008-10-28
11
2,110 Views
Last Modified: 2012-06-27
I have two windows 2003 domains in two forests connected via a firewall.  I have established a two way trust between the two domain.  I a able to logon to either domain from either side and I am able to connect to shares on either side.  But when I logon as a user from domain A on a computer in Domain B, (I am able to log on fine and connect to the mailserver in DomainB) my logon script does not run.  Is there anything I am missing?  How do I get my script to Run?

I have all traffic allowed between the two domains except for DHCP traffic.

Thanks for all the Help.

Bilal
0
Comment
Question by:bilalaha
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
11 Comments
 
LVL 14

Expert Comment

by:plug1
ID: 22830272
HAs the logon script been replicated to domainB? I would check in %systemroot%\SYSVOL\Domains\Scripts on the DC in domain B, if the scripts not there then it wont run, TBH I dont think it will replicate either, you may have to manually add the scripts.
0
 
LVL 2

Author Comment

by:bilalaha
ID: 22834925
No.  The logon script was not replicated to domain B.  SHouldn't it run across the domains from domain A?  The account does not exist in domain B, so you can not add a script to an account.  Is there an option I should be setting?  
0
 
LVL 14

Expert Comment

by:plug1
ID: 22836863
No, it wont work like this, you need to retink your domain setup mate. Give me a shout or reply here if you need a hand.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 2

Author Comment

by:bilalaha
ID: 22840203
How do I relink my domain setup?
0
 
LVL 14

Expert Comment

by:plug1
ID: 22840310
On a re think Id say your fine tbh, you just need to create the script in domain b as well. Once its there you should be fine. I dont think trusting somains should automatically replicate scripts as I can see it would cause issues.

Just manually create the script and you'll be fine.
0
 
LVL 2

Author Comment

by:bilalaha
ID: 22840742
I am not sure I am following you here!!!!

Here how it is:
I have domain A and Domain B.  There is trust between the two domains, so user from Domain A can log on Domain A when connected to domain B. The account resides in domain A and not Domain B.  When the user log on to Domain A from Domain B, his/ger logon script in Domain A does not run!!!

I can not modify anything on the account or recreate a script for the account in Domain B, since the account exists in Domain A and not in Domain B.
0
 
LVL 14

Expert Comment

by:plug1
ID: 22840778
Sorry, didnt explain myself properly, all you wan to do is on the DC on Domain A copy the contents of \\server\c$\windows\SYSVOL\domain\scripts over to any DC on domain B to the same location. That way the file the account is looking for will be in the place that the account is looking for it.
0
 
LVL 2

Author Comment

by:bilalaha
ID: 22889227
This does not work.  When you logon to domain B in Domain A, it is looking for a logon script in Domain A and not B.  I tried to copy the directory where the scripts are in Domain A to Domain B., but still does not use them.  I would think it needs to lookup the script across the router and that is not happening.

Any other thoughts on this?
0
 
LVL 14

Accepted Solution

by:
plug1 earned 500 total points
ID: 22889674
Its not a problem with it crossing the router I can guarantee that. If there was a problem there then there would be no logon at all. The only other thing would be the permissions on SYSVOL on domain A, domain B needs access to it, can you open sysvol on any DC in domain A from domain B
0
 
LVL 2

Author Comment

by:bilalaha
ID: 22897300
Ok.  Got it.  Added users from Domain A to Users in Domain B and Vise Versa and no logon scrips work from either domain.

Thanks.
0
 
LVL 14

Expert Comment

by:plug1
ID: 22897319
Good stuff, we got there in the end.
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question