[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1079
  • Last Modified:

Active Directory Not always mapping home directory and scripted drives

Environment:
Server: Windows 2003 R2
Clients: Windows XP Pro SP2

I am having an issue with Active Directory.  Intermittently we have clients that won't map home drives or scripted network drives.  I have yet to find the common thread among them, it seems to happen all buildings and areas but it seems like it does not work... they reboot and it is fine.

I know quite a bit about AD and am a little baffled by this because when I test it, it works fine.  DNS and DHCP are all Windows based and respond fairly quickly.  The DHCP server is on a different VLAN but that does not seem to be an issue.  DNS server is the same server their home driver are on and on the same VLAN.

Any good troubleshooting resources for an ambiguous issue such as this?
0
ParadiseITS
Asked:
ParadiseITS
  • 6
  • 4
  • 3
  • +1
1 Solution
 
piattndCommented:
We have a similar problem that happens frequently in our environment too.  One thing I noticed is that our DC gets completely hammered during the times that this seems to happen.

Do you see any indication of your DC computer resources taking a severe dip when this problem happens?  How many DCs can your clients authenticate to?
0
 
kdtreshCommented:
We have a similar issue. I have found that the mapping happens fairly late in the logon process, and sometimes opening programs can prevent it from happening. I tell our users to wait for the second cursor hourglass when they log on. As a fallback, I also direct them to create a shortcut to the global_logon.vbs file we use in \\domain\sysvol\domain\scripts that they can run any time to re-map their drives.
0
 
ParadiseITSAuthor Commented:
We have 5 DCs for authentication.  However, only one per user VLAN.  

My initial thought is that it might be a load issue... but the server is sized fine (HP DL380G5 8GB GIG NICs).. what I am concerned about is network oversubscription... IE:  30 clients in a computer lab all log in at the same time... 100MB connections each, 1GB uplink ports on each switch... do the math.

The only thing about that is that some individuals see it to in different areas which may or may not be caused by that because of how oversubscribed the switches really are.  But I don't want to write this off as oversubscription...

I will try and keep an eye on the server during the day... server monitor etc... and see what it looks like tomorrow.

The login script idea is fine with me, but my users are... how do you say.. helpless?  Clicking on a link is too much work for them :)
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
subliferCommented:
I've seen this happen before on PCs that have card readers attached/installed or have some other removable drive, like a flash drive, installed.  Is that possibly a common point on these users?

Good luck.
0
 
ParadiseITSAuthor Commented:
Thanks for the suggestion, but not likely.  It is a mix of students and administrators.  Technically speaking, students are not allowed to plug anything in any computer at any time.  So, I have to assume that at least most of the teachers enforce that policy.
0
 
subliferCommented:
If you just wanted to be sure, after a machine logs on without mapping the drives, look at "My Computer" or in Disk Management of Computer Management and see if your drive letters that you are trying to map are already in use.
0
 
ParadiseITSAuthor Commented:
No, these are not already mapped, but thanks!

This is in the middle of an eDirectory to Active Directory migration.  I connected Wireshark to a few switches in the affected areas and am still seeing oodles of IPX and NetBIOS over IPX traffic (like 70% of the traffic).  Apparently the desktop group didn't remove IPX and NBoIPX from the machines.  We are going to go back and hit the machines again to get it off and see if things improve.

... they have to at least get a little better!
0
 
subliferCommented:
How is it coming?  Did removing the IPX traffic help resolve your issue?

Removing the unused services might help by also rebuilding the TCP/IP stack if that had gotten corrupted.
0
 
ParadiseITSAuthor Commented:
No, removing the IPX traffic did not resolve the issue.  It did improve some things but the issue is still there.  I also put the building in its own VLAN to ensure only the traffic I want there is there.

The upside is it is now pronounced in one area and I am keying in on a switch or two perhaps being the culprit.  I am planning on putting a dummy machine on one of the switches I suspect to sniff it and stress test it.  I'm not seeing any errors but my gut tells me its one of the switches.  The two other buildings we have done are not experiencing the issues any longer since IPX was removed.
0
 
piattndCommented:
What type of file is the login script?  VBS or batch?
0
 
ParadiseITSAuthor Commented:
It is a VBS, I can post it if it is helpful but there's no magic in it... just simple drive mappings based on group membership... I want to get more complex and push printers too come June.
0
 
piattndCommented:
Do you happen to be logging anything to a text file that shows progress of the script, to see if it failes inside the script or if AD fails to launch it?
0
 
ParadiseITSAuthor Commented:
No, the script works fine, it just doesn't always execute and sometimes even after it does the drive disappear on people.
0
 
subliferCommented:
That could be an issue if you were trying to run it directly from the server.  Why don't you try making it a two part script.  

1.  (if not exist) copy the logon script to the local machine
2.  Execute local script

That should get you much more reliable performance on the script and if it doesn't work on the 2nd logon (1st might not execute if it is still copying) then the issue isn't with the script.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 6
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now