Our network contains two Windows 2003 domain controllers and a Windows 2003 member server running Exchange. Our small group of workstations are all Windows XP Pro, which users log onto using local user accounts. They can then access shares on the servers based on AD group membership or individually assigned ACLs. I have tried to use GPO to control a logon script that records user information on the server but I can only get it to work if the user logs on with a domain account. Scripts assigned through domain profiles don't work either. Could it be that cached credentials are being used to establish connections with the server so netlogon doesn't really occur every time a user logs onto his local workstation? Is there a way around this?