Solved

Batch file on logon script in windows 8 nto working

Posted on 2013-06-17
15
803 Views
Last Modified: 2013-06-21
Hello guys,

I'm on a windows server 2003 dc and have user connecting to this dc (win xp, win7, win 8).

I have created a batch file on my server and have put it using group policy under Logon script (user configuration, windows settings, logon etc etc).

All my win xp and win7 client received their map drive but my win 8 client doesn't...

Can you please help?
Thanks
0
Comment
Question by:techlabtest
  • 6
  • 3
  • 3
  • +3
15 Comments
 
LVL 6

Expert Comment

by:xeroxzerox
ID: 39255388
Disable securtity signature

Open shell with elevated privileges and type in:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" RequireSecureNegotiate -Value 0 -Force

and try again....
0
 

Author Comment

by:techlabtest
ID: 39255399
on my dc?
0
 
LVL 6

Expert Comment

by:xeroxzerox
ID: 39255406
right
0
 

Author Comment

by:techlabtest
ID: 39255418
i need to install .netframework and restart the dc and install power shell..can i use it through regedit?
0
 
LVL 6

Expert Comment

by:xeroxzerox
ID: 39255444
yes it works on power shell and you should make entry in login scripts....
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 39255483
I think what they are saying is that from a Windows 8 client to a Windows 2003 server there can be problems mapping drives etc. due to this secure signing requirement for SMB3.  There is an MS knowledgebase on that I'll see if I can find in a mo.

No need to put powershell or anything else on your server.

You can use that powershell script, manually make the same change using regedit against the Window 8 machine or I presume there should be a policy in group policy for it which you could push down to the machines if needed.

Not looked yet as no-one wants to use Windows 8 machines in corporates I deal with, Windows 7 is a bit new fangled, and for the smaller companies XP is still new for some of them, moved one business from one 18 year old DOS machine to Windows 7 and internet the other day!

Had a quick search and this is MS document on the subject: http://support.microsoft.com/kb/2686098 and some more info:  http://www.adamfowlerit.com/2013/05/26/unable-to-map-drives-from-windows-8/
0
 

Author Comment

by:techlabtest
ID: 39255501
HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" RequireSecureNegotiate -Value 0 -Force

i cant see: RequireSecureNegotiate !!!

Thanks
0
[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

 
LVL 13

Expert Comment

by:rhinoceros
ID: 39255653
To change the default behavior, you need to define the registry key. If not present, its default value is “Required” in Windows 8 clients.

If not, add the registry key...
HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecureNegotiate = 0


More info:
http://www.symantec.com/connect/forums/cant-map-network-storage-after-booting-ssr2013-recovery-disk
http://blogs.msdn.com/b/openspecification/archive/2012/06/28/smb3-secure-dialect-negotiation.aspx
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39256414
Have a look at below hotfix too.

Windows 8 and Windows Server 2012 update rollup: February 2013
http://support.microsoft.com/kb/2795944
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39258027
Quote the part of the batch file that does the mapping, please.  I never had to adjust anything on several win8 workstations in order to get "net use x: ..." running in a logon script.
Simply let the script echo to a file and quote the contents... or should we go on guessing?

Also read http://technet.microsoft.com/en-us/library/ee844140(v=ws.10).aspx if your test user is local admin.
Quote: When network shares are mapped, they are linked to the current logon session for the current process access token. This means that if a user uses the command prompt (cmd.exe) together with the filtered access token to map a network share, the network share is not mapped for processes that run with the full administrator access token.
0
 

Author Comment

by:techlabtest
ID: 39258342
thanks for your comments...

i have added the registry key and still not working...

Any idea...i got a lot users on windows 8..

Thanks
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39259533
You set the registry key... which one? Many suggestions contained one, which did you set? And if applicable, did you restart afterwards?
Then: I asked you to quote the part of the batch file that does the mapping, please - can you do it? And finally, you did not bother to follow my suggestion to have the script log to a file, did you? That way we could see what is going on. Like this for example:
net use x: \\server\share >\\logserver\share\%computername%.log
0
 

Author Comment

by:techlabtest
ID: 39262245
Sorry Mcknife...i was in a hurry yesterday and had not seen your comment....thanks for responding...

HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecureNegotiate = 0  (hav create RequireSecureNegociate and set the key to zero)

Batch file:
@echo off
net use x: \\serverone\FinanceDept /persistent:yes

Please eleborate for the example you gave..

Thanks
0
 
LVL 53

Accepted Solution

by:
McKnife earned 500 total points
ID: 39264475
Set the regkey I linked and restart.
The example: Add >\\logserver\share\%computername%.log to that line of yours. It will log the result of your command to the textfile \\logserver\share\%computername%.log
Of course, you will have to supply a writable share \\logserver\share\, first.
0
 

Author Closing Comment

by:techlabtest
ID: 39265888
Thanks it works now...
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now