Solved

Automatically mounting network share and TrueCrypt containers on Windows Server 2003.

Posted on 2011-09-07
3
1,350 Views
Last Modified: 2012-08-14
We have a TrueCrypt container on a NAS containing a network share. The network share can be mounted using the Net Use command properly (the machine mounting it is running Windows Server 2003 Small Business Server). Permissions are, for now, set to all access for everyone for the share. The TrueCrypt container can be properly mounted through a single command-line command. We realize this is insecure; once we get this working, this is a temporary setup that will be secured, we just have to get this working for a brief time.

Mounting the share works properly with the net use command, and mounting the TrueCrypt container located on the share from the command line works properly. We want the share itself to be automatically mounted on boot and the TrueCrypt container on the share also mounted on boot (again, for security reasons, this is temporary but needs to be in place for a brief time). We have created a logon script (assigned through Group Policy to the Windows Server in question) that uses net use to mount the share then executes the TrueCrypt command to mount the TrueCrypt container.

If we disable the logon script (so that it doesn't run automatically on machine boot), log into the machine, and run the script manually, it works perfectly (mounts the share using net use, then mounts the TrueCrypt container using TrueCrypt.exe on the command line), indicating th script should work fine. However, if we assign it as a startup script, it doesn't work. When we assign the script as a Startup script to the machine, reboot the machine, log in, and check to see if everything mounted properly, the share itself will be mounted, but the TrueCrypt container won't.

We notice that when the known-good script is assigned as a Startup script to the machine, while the share does mount (and, again, the TrueCrypt container doesn't, despite the script being known-good), the share is listed as "Disconnected Network Drive". We can open Windows Explorer and navigate to it (and are able to view the files on the share, etc), but in Explorer the label associated with the drive (next to the drive letter) is "Disconnected Network Drive" and if "net use" is executed by itself at the command line (to list all currently attached network shares and the like), net use reports that no shares are mounted (despite the fact that we can navigate to it in Windows Explorer and see the files within.

We have tried setting a Group Policy parameter (under Administrative Templates) that is supposed to delay script execution until the network is initialized, but it seems to have no effect.

We assume the issue to be related to Windows not having the network fully initialized to properly and completely mount the share through a logon script. Is there a way to delay Windows to ensure that a net use command that mounts a network share will only execute when the network is fully initialized? Is whatever user context that Windows attempts to mount the share in (we assume it to be a System account) when executing the net use command in the logon script an issue, and if so, is there a way to specify what user account the logon script runs under?

Thank you very, very much in advance for your assistance. If further detail is required, I will be happy to post it.
0
Comment
Question by:VLib
3 Comments
 
LVL 11

Expert Comment

by:marek1712
ID: 36500723
Maybe you could do something with this share?
E.g.:
net use Z: \\server\some_share
cd z:
and then mount the conainer.
Alternatively you could implement wait command for ~20s and then mount:
http://malektips.com/dos0017.html
0
 
LVL 12

Expert Comment

by:coredatarecovery
ID: 36515233
Are you using certificate like files for the mount?
0
 
LVL 53

Accepted Solution

by:
McKnife earned 500 total points
ID: 36519275
Hi.
You could define a scheduled task, then you could set a user account to execute the TC script.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Learn about cloud computing and its benefits for small business owners.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now