Solved

login script to reset user's home directory in Windows 7 Professional

Posted on 2010-11-09
25
896 Views
Last Modified: 2012-08-13
Hello, I am using a login script to map drives.  One of the lines in the script is "net use p: /home".  The user profiles in active directory indicate the name of the login script and the home folder is set to the remote location or "p: /home".

Here's the guts of the script:
NET USE * /DELETE /Y
net time \\server /set /yes
net use h: \\server\shares\contracts
net use i: \\server\shares\proposals
net use j: \\server\shares\advertising
net use k: \\server\accounting
net use l: \\server\shares\databases
net use m: \\server\shares\engineering
net use p: /home
:END

This script has worked well for all my Windows XP computers.  We are now incorporating Windows 7 computers into our network and for some reason, this portion of the script does not complete.

Any help will be appreciated.  Thanks so much.

PS:  I used to use "net send" frequently from my local XP computer to communicate information to all the computers on the network - directly to the computer regardless of the user logged in at the time; i.e. net send /DOMAIN:DOMAIN type my message here... I have found that I cannot do so in my new Windows 7 environment.  If anyone knows a new and exciting way to accomplish the same task as simply, I'd be happy to hear it.

Thanks to all.
0
Comment
Question by:salaspa
  • 13
  • 8
  • 2
  • +2
25 Comments
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 34094144
What is /home? Is that an evironment variable you set? Thats the first thing that sticks out to me as being strange is your not mapping a unc path since you are using the forward slash. Can you elaborate a little bit more?
0
 
LVL 11

Expert Comment

by:TheGorby
ID: 34094234
I've seen instances in Win7 where scripts always run as admin or system, instead of the currently logged in user. Try using this to replace the current line; replace '<domain>' with your domain name:

net use P: /USER:<domain>\%USERNAME% /HOME

Open in new window

0
 
LVL 11

Expert Comment

by:TheGorby
ID: 34094253
/HOME is a known switch with the net use command, it maps the drive to the user's home directory as specified in Active Directory.
0
 

Author Comment

by:salaspa
ID: 34094304
p: /home represents "\\server\shares\Users..." wherein are folders named after each user's login name.
Then, active directory is supposed to resolve the path specified in the profiles tab of the user's properties where the Home Folder portion indicates: Connect P: To \\server\shares\Users\username.

I attached a capture of the AD profile tab.
Project1.jpg
0
 
LVL 11

Expert Comment

by:TheGorby
ID: 34094320
Just in case I may have that backwards, if it doesn't work try this
net use P: /HOME /USER:<domain>\%USERNAME%

Open in new window

0
 

Author Comment

by:salaspa
ID: 34094537
Thanks, Gorby; I've gone ahead and tried it both ways...

When the script is run, I have connection to all the mapped drives; however, the home directory links me to the main share: i.e. "Drive p: is now connected to \\server\shares. Your home directory is p:\users\ps.

This is the same outcome I received from the way I had written the line - the problem is that it links me to the upper level of the directory and not directly to \\server\shares\users\ps.

When I click on the mapped drive I see everything - not only my specific home folder.

What am I doing wrong?

Thanks so much.
0
 
LVL 11

Expert Comment

by:TheGorby
ID: 34094658
Wait a minute - from the looks of that screen shot the drive should already be mapping itself during login, you shouldn't need to respecify it in the script. Have you tried not including the P: drive in your script at all?
I've tested that this does work on my AD domain (Server 2003 & XP Pro), but I have no Win7 computers to test on.
0
 

Author Comment

by:salaspa
ID: 34095051
Thanks Gorby;
I took the line out and then I don't get the mapped drive at all - regardless of whether it is a Windows 7 or XP machine.
Sooo... if it's working on yours, but not on mine - my guess would be permissions, but they do not appear to be an issue in this case.
Nothing has changed in our environment, except the addition of the Windows 7 OS on the network.
Thanks again for your continued help.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34095463
Looks like NTFS permissions problem on home drive(s). If user has no access to the appropriate folder, then script maps one folder up where user has proper rights (in this case main folder is used, where probably users have at least "lists folder" or "read" access).

Regards,
Krzysztof
0
 
LVL 11

Expert Comment

by:TheGorby
ID: 34095487
Open up a Command Prompt, and run the SET command. On the list of variables, there should be one named HOMEPATH and another named HOMESHARE. If the homeshare is being applied correctly to the user you should have this:
HOMEPATH=\
HOMESHARE=\\server\shares\users\ps
If HOMESHARE is missing entirely, then the homeshare isn't being applied correctly, and most likely the local profile path is listed for HOMEPATH. I'm guessing yours will show up that way. The things I would check are
1. That you not only have Full Control permissions for the 'ps' folder, but are the owner as well.
2. If you have more than one domain controller, ensure that AD replication between them is functioning correctly.
3. At a Command Prompt, if you type 'net set P: \\server\shares\users\ps', does that work? And if it does map the drive, can you actually access it?
P.S. - it doesn't look that way, but are the home folder names the same as the usernames? Because, then you could simply add to the script: net use P: \\server\shares\users\%USERNAME%, and ignore the home folder setting in active directory altogether.
0
 
LVL 11

Expert Comment

by:TheGorby
ID: 34095546
iSiek raises an interesting point; going back and looking at your 2nd comment, I'm starting to think that the user doesn't have enough permissions to the 'users' folder...
0
 
LVL 11

Expert Comment

by:TheGorby
ID: 34095997
P.S. - in Windows 7 the NET SEND command is replaced with the MSG command, which is nice because you don't need the Messenger service running to use it.

This article is for Vista but should apply to Win7 as well; http://www.petri.co.il/msg-exe-net-send-vista.htm
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:salaspa
ID: 34096187
Hey, Krzysztof, thanks for your input.  All users have read and excute persmissions on the Users folder.
Are you saving that is insufficient?
Let me know.
Thanks.
-PS
0
 
LVL 11

Expert Comment

by:TheGorby
ID: 34096272
They would also need the List Folder Contents permission on the Users folder.
If they do, or adding that doesn't fix it, did you check the 3 things I posted earlier? Particularly #1 and #3.
0
 

Author Comment

by:salaspa
ID: 34096341
Gorby, thanks for your suggestions...  I double checked per your suggestion - all my paths are set correctly.
I also went and looked at the permissions for the Users folder - all users have read & execute to that particular folder and full access to their specific folders.  Furthermore, as I am an administrator on the network, I have full access to the Users folder itself.
In regard to your #3, above, when I type that at the cmd prompt, it fails with the typical 'The syntax of this command is..."

I have read that MSG replaced Net Send, but I cannot get it to work - for example, if I wanted to send a note to all the computers on the network, I'd just use /DOMAIN:DOMAIN or for one specific computer /DOMAIN:sys142 under the NET SEND cmd.  With MSG I can't seem to get any syntax to work.
0
 
LVL 11

Assisted Solution

by:TheGorby
TheGorby earned 125 total points
ID: 34096698
VERY sorry, I gave you the wrong syntax; it should be:
net use P: \\server\share\users\ps
I'm a bit amazed that your HOMESHARE variable is set correctly but the drive still doesn't map...! I'm still running some tests on my end, trying to reproduce your situation. Very curious to know if you can actually browse, open and execute files in the 'ps' folder, whether it's mapped or not.
0
 

Author Comment

by:salaspa
ID: 34096903
Absolutely not a problem - this worked: net use P: \\server\shares\users\ps !  However, once my login script runs again, won't is be wiped out?  I cannot write netlogon script to reflect this.  I am truly glad it worked though!

In regard to your further commentary, I went back and verified; this is copied direct:
HOMEDRIVE=P:
HOMEPATH=\
HOMESHARE=\\server\shares\Users\ps

Here's another thing... if I type cmd from the Start|Run box I open a cmd window with the prompt
C:\Users\ps.DOMAIN>
However, if I use the commant prompt shortcut in the Start menu (default Windows 7) my window opens with the prompt P:\.  It is notewworthy to mention that this is how my cmd window always opened prior to Windows 7.  

Thanks, Gorby, you're the VERY best!

-PS
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34096912
Yes, it is correct. Read&execute rights are correct on main Users folder. But you have to be sure that all child objects have set inheritance (looks like the haven't got). If not, that could be problem. To be able mapping folder as hare, user requires at least read permission. So, edit one user's profile security tab and check if that user is added there. If not, add him/her to the folder, re-log on and check if it helped.

Regards,
Krzysztof
0
 
LVL 11

Accepted Solution

by:
TheGorby earned 125 total points
ID: 34097053
For some reason that computer is a bit confused as to what your home drive is! Are you able to check the same things from your last comment, but on a different Windows 7 machine?
Also, are you able to open files that are in the 'ps' folder now that it's mapped (or even when it's not)? That would prove or eliminate a permissions problem.
Something interesting I noticed in your last post... your domain username is the same as the folder name, right? As in, they're both named 'ps'? If that's the case for all your users, then adding the below line in your script will work for everyone:
net use P: \\server\shares\users\%USERNAME%
Then you could completely disregard the home folder setting in AD; I personally don't like to let a problem remain by using such workarounds but your problem is a strange indeed, so far.
0
 
LVL 11

Expert Comment

by:TheGorby
ID: 34097095
It looks like MSG is just for sending to a single computer at once:
http://www.neowin.net/forum/topic/725588-how-do-i-use-msgexe-to-send-messages-to-a-xp-pc/
Aside from using 3rd party software, I'm all tapped out on that subject.
0
 

Author Comment

by:salaspa
ID: 34097666
Funny thing is I am always able to open files in my p:\ drive - even if I have to get there the long way, by typing the path in the run box.

We have one other Windows 7 computer, but I have not checked his enviroment for the same issue.  

I thought the same thing myself - I'll just use "net use P: \\server\shares\users\%USERNAME%" in the script - but it does not work on the XP machines!  Grrrrrrr!  

Bummer about the MSG command too.  I was hoping I was just missing something, but I guess not.  Thanks again for all your help today.  You've been really great.
0
 
LVL 12

Expert Comment

by:ktaczala
ID: 34102657
the command net use P: \\server\shares\users\%username%  should work just fine for XP and windows 7.  I use it in all my customer sites.

The net use P: /home command works for windows XP machines, ( it maps P to the username, if it's setup in the users account) however, In windows 7 net use P: /home will only map to the Folder Users(in your  case)

As far as permissions, they should be:
users folder should only have sharing permissions setting of change and read.
users folder should have security settings of atleast domain\users Read&Execute
all folders underneath users, i.e. ps should have sharing permissions of not shared.
all folders underneath users i.e. ps should have atleast ps with modify.  To get this setting you must turn off inheritance( I usually add administrator Full Control also)
Then you mapping would be net use P: \\server\users\%username%
0
 
LVL 11

Expert Comment

by:TheGorby
ID: 34102971
Do you have the 'shares' folder shared, or the the 'users' folder shared? If the 'shares' folder isn't shared, then we've been using the wrong path all along (d'oh!), and assuming the 'users' folder is shared the path that ktaczala posted is right:
\\server\users\%username%
0
 

Author Comment

by:salaspa
ID: 34103223
Thank you, ktaczala  & Gorby.

It is noteworthy to mention the "users" folder is shared within the shared "shares".  Everyone has access to shares; CompanyUsers have read and execute access to Users (no inheritance);  then the specific user has non-inherited full access to his/her folder - when effective permissions are verified at this level, the user has full access.  All these files are on a storevault net appliance.
0
 
LVL 11

Assisted Solution

by:TheGorby
TheGorby earned 125 total points
ID: 34104544
This keeps getting more strange!
Possibly turning off the XP Fast Logon feature using GPO may help, as described here:
http://support.microsoft.com/kb/q305293/
...which I found in a forum thread here:
http://www.computing.net/answers/windows-2003/home-folder-mapping-issue/8194.html
It seems that may solve your problem whether you depend the AD home folder setting or a login script to map the home drive. As mentioned in the 2nd link, using GPO to set the login scripts to run synchronously may do the trick also. Be wary though as I believe both of those options can potentially increase login times for users.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

I recently purchased an HP EliteBook 2540p notebook/laptop. It has two video ports on it – VGA and DisplayPort. HP offers an optional docking station for the 2540p that also has both a VGA port and a DisplayPort. There are numerous online reports do…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now