Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 928
  • Last Modified:

login script to reset user's home directory in Windows 7 Professional

Hello, I am using a login script to map drives.  One of the lines in the script is "net use p: /home".  The user profiles in active directory indicate the name of the login script and the home folder is set to the remote location or "p: /home".

Here's the guts of the script:
NET USE * /DELETE /Y
net time \\server /set /yes
net use h: \\server\shares\contracts
net use i: \\server\shares\proposals
net use j: \\server\shares\advertising
net use k: \\server\accounting
net use l: \\server\shares\databases
net use m: \\server\shares\engineering
net use p: /home
:END

This script has worked well for all my Windows XP computers.  We are now incorporating Windows 7 computers into our network and for some reason, this portion of the script does not complete.

Any help will be appreciated.  Thanks so much.

PS:  I used to use "net send" frequently from my local XP computer to communicate information to all the computers on the network - directly to the computer regardless of the user logged in at the time; i.e. net send /DOMAIN:DOMAIN type my message here... I have found that I cannot do so in my new Windows 7 environment.  If anyone knows a new and exciting way to accomplish the same task as simply, I'd be happy to hear it.

Thanks to all.
0
salaspa
Asked:
salaspa
  • 13
  • 8
  • 2
  • +2
3 Solutions
 
Joseph DalyCommented:
What is /home? Is that an evironment variable you set? Thats the first thing that sticks out to me as being strange is your not mapping a unc path since you are using the forward slash. Can you elaborate a little bit more?
0
 
TheGorbyCommented:
I've seen instances in Win7 where scripts always run as admin or system, instead of the currently logged in user. Try using this to replace the current line; replace '<domain>' with your domain name:

net use P: /USER:<domain>\%USERNAME% /HOME

Open in new window

0
 
TheGorbyCommented:
/HOME is a known switch with the net use command, it maps the drive to the user's home directory as specified in Active Directory.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
salaspaAuthor Commented:
p: /home represents "\\server\shares\Users..." wherein are folders named after each user's login name.
Then, active directory is supposed to resolve the path specified in the profiles tab of the user's properties where the Home Folder portion indicates: Connect P: To \\server\shares\Users\username.

I attached a capture of the AD profile tab.
Project1.jpg
0
 
TheGorbyCommented:
Just in case I may have that backwards, if it doesn't work try this
net use P: /HOME /USER:<domain>\%USERNAME%

Open in new window

0
 
salaspaAuthor Commented:
Thanks, Gorby; I've gone ahead and tried it both ways...

When the script is run, I have connection to all the mapped drives; however, the home directory links me to the main share: i.e. "Drive p: is now connected to \\server\shares. Your home directory is p:\users\ps.

This is the same outcome I received from the way I had written the line - the problem is that it links me to the upper level of the directory and not directly to \\server\shares\users\ps.

When I click on the mapped drive I see everything - not only my specific home folder.

What am I doing wrong?

Thanks so much.
0
 
TheGorbyCommented:
Wait a minute - from the looks of that screen shot the drive should already be mapping itself during login, you shouldn't need to respecify it in the script. Have you tried not including the P: drive in your script at all?
I've tested that this does work on my AD domain (Server 2003 & XP Pro), but I have no Win7 computers to test on.
0
 
salaspaAuthor Commented:
Thanks Gorby;
I took the line out and then I don't get the mapped drive at all - regardless of whether it is a Windows 7 or XP machine.
Sooo... if it's working on yours, but not on mine - my guess would be permissions, but they do not appear to be an issue in this case.
Nothing has changed in our environment, except the addition of the Windows 7 OS on the network.
Thanks again for your continued help.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Looks like NTFS permissions problem on home drive(s). If user has no access to the appropriate folder, then script maps one folder up where user has proper rights (in this case main folder is used, where probably users have at least "lists folder" or "read" access).

Regards,
Krzysztof
0
 
TheGorbyCommented:
Open up a Command Prompt, and run the SET command. On the list of variables, there should be one named HOMEPATH and another named HOMESHARE. If the homeshare is being applied correctly to the user you should have this:
HOMEPATH=\
HOMESHARE=\\server\shares\users\ps
If HOMESHARE is missing entirely, then the homeshare isn't being applied correctly, and most likely the local profile path is listed for HOMEPATH. I'm guessing yours will show up that way. The things I would check are
1. That you not only have Full Control permissions for the 'ps' folder, but are the owner as well.
2. If you have more than one domain controller, ensure that AD replication between them is functioning correctly.
3. At a Command Prompt, if you type 'net set P: \\server\shares\users\ps', does that work? And if it does map the drive, can you actually access it?
P.S. - it doesn't look that way, but are the home folder names the same as the usernames? Because, then you could simply add to the script: net use P: \\server\shares\users\%USERNAME%, and ignore the home folder setting in active directory altogether.
0
 
TheGorbyCommented:
iSiek raises an interesting point; going back and looking at your 2nd comment, I'm starting to think that the user doesn't have enough permissions to the 'users' folder...
0
 
TheGorbyCommented:
P.S. - in Windows 7 the NET SEND command is replaced with the MSG command, which is nice because you don't need the Messenger service running to use it.

This article is for Vista but should apply to Win7 as well; http://www.petri.co.il/msg-exe-net-send-vista.htm
0
 
salaspaAuthor Commented:
Hey, Krzysztof, thanks for your input.  All users have read and excute persmissions on the Users folder.
Are you saving that is insufficient?
Let me know.
Thanks.
-PS
0
 
TheGorbyCommented:
They would also need the List Folder Contents permission on the Users folder.
If they do, or adding that doesn't fix it, did you check the 3 things I posted earlier? Particularly #1 and #3.
0
 
salaspaAuthor Commented:
Gorby, thanks for your suggestions...  I double checked per your suggestion - all my paths are set correctly.
I also went and looked at the permissions for the Users folder - all users have read & execute to that particular folder and full access to their specific folders.  Furthermore, as I am an administrator on the network, I have full access to the Users folder itself.
In regard to your #3, above, when I type that at the cmd prompt, it fails with the typical 'The syntax of this command is..."

I have read that MSG replaced Net Send, but I cannot get it to work - for example, if I wanted to send a note to all the computers on the network, I'd just use /DOMAIN:DOMAIN or for one specific computer /DOMAIN:sys142 under the NET SEND cmd.  With MSG I can't seem to get any syntax to work.
0
 
TheGorbyCommented:
VERY sorry, I gave you the wrong syntax; it should be:
net use P: \\server\share\users\ps
I'm a bit amazed that your HOMESHARE variable is set correctly but the drive still doesn't map...! I'm still running some tests on my end, trying to reproduce your situation. Very curious to know if you can actually browse, open and execute files in the 'ps' folder, whether it's mapped or not.
0
 
salaspaAuthor Commented:
Absolutely not a problem - this worked: net use P: \\server\shares\users\ps !  However, once my login script runs again, won't is be wiped out?  I cannot write netlogon script to reflect this.  I am truly glad it worked though!

In regard to your further commentary, I went back and verified; this is copied direct:
HOMEDRIVE=P:
HOMEPATH=\
HOMESHARE=\\server\shares\Users\ps

Here's another thing... if I type cmd from the Start|Run box I open a cmd window with the prompt
C:\Users\ps.DOMAIN>
However, if I use the commant prompt shortcut in the Start menu (default Windows 7) my window opens with the prompt P:\.  It is notewworthy to mention that this is how my cmd window always opened prior to Windows 7.  

Thanks, Gorby, you're the VERY best!

-PS
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Yes, it is correct. Read&execute rights are correct on main Users folder. But you have to be sure that all child objects have set inheritance (looks like the haven't got). If not, that could be problem. To be able mapping folder as hare, user requires at least read permission. So, edit one user's profile security tab and check if that user is added there. If not, add him/her to the folder, re-log on and check if it helped.

Regards,
Krzysztof
0
 
TheGorbyCommented:
For some reason that computer is a bit confused as to what your home drive is! Are you able to check the same things from your last comment, but on a different Windows 7 machine?
Also, are you able to open files that are in the 'ps' folder now that it's mapped (or even when it's not)? That would prove or eliminate a permissions problem.
Something interesting I noticed in your last post... your domain username is the same as the folder name, right? As in, they're both named 'ps'? If that's the case for all your users, then adding the below line in your script will work for everyone:
net use P: \\server\shares\users\%USERNAME%
Then you could completely disregard the home folder setting in AD; I personally don't like to let a problem remain by using such workarounds but your problem is a strange indeed, so far.
0
 
TheGorbyCommented:
It looks like MSG is just for sending to a single computer at once:
http://www.neowin.net/forum/topic/725588-how-do-i-use-msgexe-to-send-messages-to-a-xp-pc/
Aside from using 3rd party software, I'm all tapped out on that subject.
0
 
salaspaAuthor Commented:
Funny thing is I am always able to open files in my p:\ drive - even if I have to get there the long way, by typing the path in the run box.

We have one other Windows 7 computer, but I have not checked his enviroment for the same issue.  

I thought the same thing myself - I'll just use "net use P: \\server\shares\users\%USERNAME%" in the script - but it does not work on the XP machines!  Grrrrrrr!  

Bummer about the MSG command too.  I was hoping I was just missing something, but I guess not.  Thanks again for all your help today.  You've been really great.
0
 
ktaczalaCommented:
the command net use P: \\server\shares\users\%username%  should work just fine for XP and windows 7.  I use it in all my customer sites.

The net use P: /home command works for windows XP machines, ( it maps P to the username, if it's setup in the users account) however, In windows 7 net use P: /home will only map to the Folder Users(in your  case)

As far as permissions, they should be:
users folder should only have sharing permissions setting of change and read.
users folder should have security settings of atleast domain\users Read&Execute
all folders underneath users, i.e. ps should have sharing permissions of not shared.
all folders underneath users i.e. ps should have atleast ps with modify.  To get this setting you must turn off inheritance( I usually add administrator Full Control also)
Then you mapping would be net use P: \\server\users\%username%
0
 
TheGorbyCommented:
Do you have the 'shares' folder shared, or the the 'users' folder shared? If the 'shares' folder isn't shared, then we've been using the wrong path all along (d'oh!), and assuming the 'users' folder is shared the path that ktaczala posted is right:
\\server\users\%username%
0
 
salaspaAuthor Commented:
Thank you, ktaczala  & Gorby.

It is noteworthy to mention the "users" folder is shared within the shared "shares".  Everyone has access to shares; CompanyUsers have read and execute access to Users (no inheritance);  then the specific user has non-inherited full access to his/her folder - when effective permissions are verified at this level, the user has full access.  All these files are on a storevault net appliance.
0
 
TheGorbyCommented:
This keeps getting more strange!
Possibly turning off the XP Fast Logon feature using GPO may help, as described here:
http://support.microsoft.com/kb/q305293/
...which I found in a forum thread here:
http://www.computing.net/answers/windows-2003/home-folder-mapping-issue/8194.html 
It seems that may solve your problem whether you depend the AD home folder setting or a login script to map the home drive. As mentioned in the 2nd link, using GPO to set the login scripts to run synchronously may do the trick also. Be wary though as I believe both of those options can potentially increase login times for users.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 13
  • 8
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now