[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 730
  • Last Modified:

2008 sbs logon script

so, in 2003 sbs you had a folder\\server\netlogon  
when a user has an issue connecting to exchange or a share drive we would direct them to the letlogon script and have them run it to re-authenticate to domain without logging off/on


In 2008 sbs i dont see that as an option,  so how can i make this work on 2008 sbs in a similar manner?
0
wmctech
Asked:
wmctech
  • 5
  • 5
  • 3
1 Solution
 
Rob WilliamsCommented:
The \\server\netlogon location should still be present. That is the share location or you can go directly to C:\Windows\sysvol\sysvol\yourdomain.local\scripts
However, scripts are not typically used for domain authentication, it is used for drive mappings and such. The drive mapping may include authentication.
0
 
mcsweenSr. Network AdministratorCommented:
This sound like you have a bigger issue with the AD Controller not responding in a timely fashion to logon requests so users are using cached credentials.

I would suggest setting the group policy "Wait for network at computer startup and logon" to help alleviate this.

The netlogon share (\\domainname\netlogon) should exist on the server.  If it isn't there restart the netlogon service on the server and see if it appears.  \\domainname\sysvol\domainname\scripts is the same as the netlogon folder; does this share exist?  Also see the KB article below.

http://support.microsoft.com/kb/947022
0
 
Rob WilliamsCommented:
Might you be using a VPN? If so we can provide some tips that may be helpful.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
wmctechAuthor Commented:
some users on vpn saw this issue, with sonicwall client i set it to run logon scipts when connecting,  thus i want to know how i can find the file and run it when i need to
the vpn issue is resolved, this is for desktop users in the office, when the server is rebooted with users connected,  i would like to have another way to reconnect to domain other than log on/off
0
 
Rob WilliamsCommented:
A logon script as mentioned is not used to authenticate or re-authenticate. Is the problem your logon script/mappings are not completing at logon? If so that is a common problem and is usually dealt with by "tweaking" the following group policies relating to slow link detection:

Computer Configuration | Administrative Templates | System | Logon  | Always wait for the network at computer startup and login
Computer Configuration | Administrative Templates | System | Scripts | Run logon scripts synchronously
Computer Configuration | Administrative Templates | System | Group Policy | Group Policy slow link detection

Server 2008/Win 7 also offeres the following option
Computer Configuration | Administrative Templates | Network | fline files | Configure slow-link mode.
0
 
mcsweenSr. Network AdministratorCommented:
1. Can you see \\domainname\netlogon
2. Can you see \\domainname\sysvol

If not restart the netlogon service on the server and check again then post back here.
0
 
wmctechAuthor Commented:
mcsween,  yes i can see them
0
 
wmctechAuthor Commented:
robwill good info
0
 
mcsweenSr. Network AdministratorCommented:
Good; you should be able to manually run your scripts from the \\domainname\netlogon folder then.  If I am misunderstanding the issue please clarify.
0
 
wmctechAuthor Commented:
mcsween,  the folder is empty,  i expect to see netlogon.bat or the like, but nothing
0
 
mcsweenSr. Network AdministratorCommented:
The folder is empty by default, until you create and copy your logon scripts there.  If you still have the old DC grab the script from that folder and copy it to the new server then make sure the user accounts have the script name under "Logon Script" on the profile tab of their account in AD Users and Computers.
0
 
wmctechAuthor Commented:
got it,  seems like i missed that part.  all is well now
0
 
mcsweenSr. Network AdministratorCommented:
Another option you might want to look at is using Group Policy Client Side Preferences to map drives, install printers, etc...  Most Administrators are moving away from legacy logon scripts for GPO Preferences.  (The client side extensions only need to be installed on XP and are available from Windows Update)

http://technet.microsoft.com/en-us/library/cc731892(WS.10).aspx
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 5
  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now