Solved

Logon script fails on Terminal Server

Posted on 2009-05-14
9
744 Views
Last Modified: 2013-11-10
Regular users fail to automatically get drive mappings (configured by group policy logon script) when logging on to our terminal server (Windows Server 2003). These same users get the drive mappings when logging on to their local workstations.

CRUCIAL: The regular users always get the drive mappings in the terminal server WHEN they execute the logon script MANUALLY. The logon script is the same file for all users in the domain.

However, Domain Admins users can AUTOMATICALLY get the drive mappings when logging on to our terminal server - just like logging on to their workstations.

HOW can I get regular users to automatically get drive mappings when logging on to the therminal server?
0
Comment
Question by:waforbes100
  • 5
  • 4
9 Comments
 
LVL 27

Expert Comment

by:bluntTony
ID: 24402285
Have you checked that the login script policy is actually applying to the users? Run an RSoP query on the TS server as one of the users (rsop.msc). Is it applying as a login script?

Could you possibly have a loopback policy on the the server blocking this login script which admins are exempt from?
0
 

Author Comment

by:waforbes100
ID: 24406793
Hello Blunt Tony: RSoP never shows the application of login scripts (at least not for XP or Server 2003).
Also, note the following:
1. The same login script works perfectly when users logon their workstations.
2. No loopback processing is configured for the local terminal server nor the Active Directory group policy.
3. The login script works when placed into the "C:\Documents and Settings\All Users\Start Menu\Programs\Startup" folder.

I hope the above three points are useful clues.
0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24412149
You're correct about the login scripts - I was thinking startup scripts showing on an RSoP.

What about Terminal Services configuration? In the RDP-Tcp properties on the Client Settings tab there is an option to disable such things as Drive Mapping etc, also check the 'Permission Compatibility' option in the Server Settings container.

Why don't you try to add something to the script which will tell you whether it's being run at all, or whether just the mappings are failing? (e.g. a VB script MsgBox or similar).

0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:waforbes100
ID: 24412665
Hello bluntTony,
I've attached JPEGs of the Terminal Services Configuration Server Settings and RDP-Tcp Client Settings.
Below, I have provided RDP-Tcp Permissions:
1. Administrators = Full Control (Allow)
2. Remote Desktop Users = User Access, Guest Access (Allow)
3. LOCAL SERVICE = Query Information (Allow), Message (Allow)
4. NETWORK SERVICE = Query Information (Allow), Message (Allow)
5. SYSTEM = Full Control (Allow)

TSC-Server-Settings.JPG
Client-Settings-RDP-Tcp.JPG
0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24421751
Have you tried to add something to the script that would prove whether it's running or not?
0
 

Author Comment

by:waforbes100
ID: 24422396
I don't know how to do this. I am attaching the VBS script as a TXT file for your review.
Mapdrives.txt
0
 
LVL 27

Accepted Solution

by:
bluntTony earned 500 total points
ID: 24422482
I've added a line with a MsgBox command to throw up a window saying 'Script Running'. (near the top of the code)

Test this on a login and see if the box appears. If it does, the script is running but the mappings are failing, otherwise the script is not running.
Mapdrives.txt
0
 

Author Comment

by:waforbes100
ID: 24432457
bluntTony, your suspicions were right: the login script only runs for admin users. The message does not appear for regular users who log on to the terminal server.
QUESTION: What setting on this terminal server can prevent scripts from running for regular users?
0
 

Author Closing Comment

by:waforbes100
ID: 31581739
The solution provided allowed to determine the root of the problem; thus I was able to find a work-around: I placed the logon script in the "C:\Documents and Settings\All Users\Start Menu\Programs\Startup" folder, which resolved the issue.
However, I still don't know WHY the domain logon script won't execute for regular users (that hasn't been corrected - only worked-around).
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Computer science students often experience many of the same frustrations when going through their engineering courses. This article presents seven tips I found useful when completing a bachelors and masters degree in computing which I believe may he…
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question