Windows' NETLOGON folder


From the primary domain controller, I've changed the logon_batch file but when I tried to save it, it says " access is denied" although I was logged on as 'domain admin'.

Without ruin the default NTFS permission of the Window's NETLOGON folder, what's the proper way of giving yourself the appropriate rights to create and amend files inside the Window's NETLOGON folder ?

Thanks in advance.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

davealfordIt SupportCommented:
I tend to run notepad via 'run as administrator' then browse to the folder via C: etc.

Can I ask why you're using a batch file? AD is the preferred option now

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mcse2007Author Commented:
I was just amending the "logon.batch" file which is their logon script for mapping drive. The batch file is noted on each of the user's logon script in their AD properties. I hope I'm making sense.
davealfordIt SupportCommented:
I'd switch to using drive mapping through a group policy ..... much neater ......
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

Krzysztof PytkoSenior Active Directory EngineerCommented:
Run notepad as administrator and then open that logon script from \\domain.local\NETLOGON share :)

Krzysztof PytkoSenior Active Directory EngineerCommented:
OK, forget about my answer, I didn't read davealford posts earlier :)

@davealford: Sorry, next time I will be more careful :)

Remember, there are a couple of ways to do this in Group Policy. I prefer UC.Policies.Scripts and create VB login scripts. With VB, there's a lot of flexibility including drive and printer mappings, time sync, etc. The other way in 2008 is to use UC.Preferences.Windows Settings. Drive Maps. This is good for simple drive mappings with nothing fancy.
SandeshdubeySenior Server EngineerCommented:
On the syvol folder add the user id which you are using to login in ntfs security setting assign full control to the user id.
In security tabclick on advance in permission add the user and select replace permission entries on all child object...and also select the inhert permission and click apply ok.
Once done try to edit the file and save it.

Hope this helps

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.