Solved

Batch file on logon script in windows 8 nto working

Posted on 2013-06-17
15
809 Views
Last Modified: 2013-06-21
Hello guys,

I'm on a windows server 2003 dc and have user connecting to this dc (win xp, win7, win 8).

I have created a batch file on my server and have put it using group policy under Logon script (user configuration, windows settings, logon etc etc).

All my win xp and win7 client received their map drive but my win 8 client doesn't...

Can you please help?
Thanks
0
Comment
Question by:techlabtest
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 3
  • +3
15 Comments
 
LVL 6

Expert Comment

by:xeroxzerox
ID: 39255388
Disable securtity signature

Open shell with elevated privileges and type in:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" RequireSecureNegotiate -Value 0 -Force

and try again....
0
 

Author Comment

by:techlabtest
ID: 39255399
on my dc?
0
 
LVL 6

Expert Comment

by:xeroxzerox
ID: 39255406
right
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:techlabtest
ID: 39255418
i need to install .netframework and restart the dc and install power shell..can i use it through regedit?
0
 
LVL 6

Expert Comment

by:xeroxzerox
ID: 39255444
yes it works on power shell and you should make entry in login scripts....
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 39255483
I think what they are saying is that from a Windows 8 client to a Windows 2003 server there can be problems mapping drives etc. due to this secure signing requirement for SMB3.  There is an MS knowledgebase on that I'll see if I can find in a mo.

No need to put powershell or anything else on your server.

You can use that powershell script, manually make the same change using regedit against the Window 8 machine or I presume there should be a policy in group policy for it which you could push down to the machines if needed.

Not looked yet as no-one wants to use Windows 8 machines in corporates I deal with, Windows 7 is a bit new fangled, and for the smaller companies XP is still new for some of them, moved one business from one 18 year old DOS machine to Windows 7 and internet the other day!

Had a quick search and this is MS document on the subject: http://support.microsoft.com/kb/2686098 and some more info:  http://www.adamfowlerit.com/2013/05/26/unable-to-map-drives-from-windows-8/
0
 

Author Comment

by:techlabtest
ID: 39255501
HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" RequireSecureNegotiate -Value 0 -Force

i cant see: RequireSecureNegotiate !!!

Thanks
0
 
LVL 13

Expert Comment

by:rhinoceros
ID: 39255653
To change the default behavior, you need to define the registry key. If not present, its default value is “Required” in Windows 8 clients.

If not, add the registry key...
HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecureNegotiate = 0


More info:
http://www.symantec.com/connect/forums/cant-map-network-storage-after-booting-ssr2013-recovery-disk
http://blogs.msdn.com/b/openspecification/archive/2012/06/28/smb3-secure-dialect-negotiation.aspx
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39256414
Have a look at below hotfix too.

Windows 8 and Windows Server 2012 update rollup: February 2013
http://support.microsoft.com/kb/2795944
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39258027
Quote the part of the batch file that does the mapping, please.  I never had to adjust anything on several win8 workstations in order to get "net use x: ..." running in a logon script.
Simply let the script echo to a file and quote the contents... or should we go on guessing?

Also read http://technet.microsoft.com/en-us/library/ee844140(v=ws.10).aspx if your test user is local admin.
Quote: When network shares are mapped, they are linked to the current logon session for the current process access token. This means that if a user uses the command prompt (cmd.exe) together with the filtered access token to map a network share, the network share is not mapped for processes that run with the full administrator access token.
0
 

Author Comment

by:techlabtest
ID: 39258342
thanks for your comments...

i have added the registry key and still not working...

Any idea...i got a lot users on windows 8..

Thanks
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39259533
You set the registry key... which one? Many suggestions contained one, which did you set? And if applicable, did you restart afterwards?
Then: I asked you to quote the part of the batch file that does the mapping, please - can you do it? And finally, you did not bother to follow my suggestion to have the script log to a file, did you? That way we could see what is going on. Like this for example:
net use x: \\server\share >\\logserver\share\%computername%.log
0
 

Author Comment

by:techlabtest
ID: 39262245
Sorry Mcknife...i was in a hurry yesterday and had not seen your comment....thanks for responding...

HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecureNegotiate = 0  (hav create RequireSecureNegociate and set the key to zero)

Batch file:
@echo off
net use x: \\serverone\FinanceDept /persistent:yes

Please eleborate for the example you gave..

Thanks
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 39264475
Set the regkey I linked and restart.
The example: Add >\\logserver\share\%computername%.log to that line of yours. It will log the result of your command to the textfile \\logserver\share\%computername%.log
Of course, you will have to supply a writable share \\logserver\share\, first.
0
 

Author Closing Comment

by:techlabtest
ID: 39265888
Thanks it works now...
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ntp server 15 83
EXCHANGE, ACTIVE DIRECTORY, VMWARE 5 116
List of Active Users in AD 5 63
AD LDS integrated with ADDS question 4 10
In-place Upgrading Dirsync to Azure AD Connect
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question