Solved

login.bat not running over hamachi VPN

Posted on 2014-01-08
8
914 Views
Last Modified: 2014-01-15
I have connected a remote PC to the head office using Hamachi VPN. I have purchased a licence as the free version does not run as a service.

The PC is connected to the VPN before logon, as is the server.

I have added the PC to the domain (AD running on the server 2003) but when I login the login script (login.bat - maos network drives) that is configured using group policys is not running.

I have run the script locally on the PC and it maps the network drives correctly.

What am I doing wrong here?
0
Comment
Question by:roy_batty
8 Comments
 
LVL 22

Expert Comment

by:yo_bee
ID: 39766978
Are you 100% sure that you are connected prior to logging on?  Are there other steps when you connect to the VPN connection?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39766985
It's not possible to have the Hamachi VPN connect before logon, therefore login scripts will not work.  You have to use a batch file after logon or use the windows VPN.
0
 
LVL 17

Accepted Solution

by:
Tony Massa earned 250 total points
ID: 39766988
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 18

Expert Comment

by:Andrew Davis
ID: 39766992
tests:-
1. before the remote client has logged on, can you ping the remote clients computer? This will tell you if the VPN is established.

2. What Errors are logged in event viewer for the remote client in relation to group policies being applied?
Are any other group policies working fine.

3. From the client can you browse \\{name of server} and do you see the netlogon and sysvol shares?

4. Try adjusting the Bat file to start with a "ping {ip of server}" this will force the client to try to establish the connection prior to attempting to map the drives. You could also add a "Pause" at the end of the bat file so that you can see the output result (note you dont want to leave it there permanently as it will keep the screen open on all users when they logon).

Cheers
Andrew
0
 
LVL 25

Expert Comment

by:Coralon
ID: 39767062
Your login scripts will not run if you have to login before connecting.

What is happening is you are getting logged in with cached credentials on your local machine.  Then you are establishing your network connection, so as far as your system is concerned, it is the logon server.  As long as this is the case, your group policies, logon scripts etc. will never run.  

This is very easy to verify:
open a command prompt, and type in 'set logon' and that will show you what your system thinks is the logon server.  

(The screenshot has my home Windows 8 machine.. its logging in from my Microsoft Live account).  You will see your login server as \\<computername>.  

You could basically set up a script that would just test your connection to the domain controller, and once it becomes valid, then run your script..

This isn't debugged.. but something like this..

(cmd)
@echo off
start 'c:\program files\hamachi\hamachi.exe'  
waitfor /t 10 BOGUSSIGNAL > nul: 2>&1

:TestLoop
If exist \\<servername>.domain.tld\netlogon\loginscript.cmd (
     \\<servername>.domain.tld\netlogon\loginscript.cmd 
     goto :connected
) else (
     waitfor /t 5 BOGUSSIGNAL > nul: 2>&1)

:connected
echo Your login script has been launched.

Open in new window


Basically, the script launches Hamachi (I've only heard of it, not used it), and then waits for 10 seconds.  (Waitfor is built in to Windows 7, 8.. you could also download and use sleep.exe).  After that 10 seconds (basically, just giving Hamachi a chance to connect), then it checks if the login script on the domain controller you are looking for exists (which means your system can 'see' it).  If it does, it runs it, if not, it sleeps for another 5 seconds tries again.. it will continue until it connects.

Here is a powershell version of the same thing
start "" "C:\program files\hamachi\hamachi.exe"
Start-Sleep -Seconds 10

while ($true) {
    if (Test-Path -Path '\\servername\netlogon\loginscript.cmd') {
        & 'cmd.exe /k "\\servername\netlogon\loginscript.cmd"'
    } else {
    Start-Sleep 5
    }
}

Open in new window


Coralon
LogonServer.png
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 250 total points
ID: 39768932
Ideally you want to use a Windows VPN and client, though there are some others such as Cisco, which allow you to connect to the VPN before logging in.  Thus you are actually authenticating to the server, not using cached credentials.  I have blogged as to how to connect with Windows.
http://blog.lan-tech.ca/2012/04/29/connect-to-windows-vpn-at-logon/

If this is not an option you are best to have a batch file on which the user 'clicks' after logon, or add it to their startup menu.
0
 
LVL 1

Author Closing Comment

by:roy_batty
ID: 39782922
The paid for version of Hamachi I am using runs as a service and does connect prior to login. It takes a miinute or two but it does connect.

However I could get GPOs working.

So I took your advice and set up a proper VPN using the the windows server and vpn client.

GPOs working fine now.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39783080
Good to hear, and it's free :-)
Thanks roy_batty.
Cheers!
--Rob
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SBS 2011 File Replication Services Question 3 56
DHCP lease duration / Migration 8 72
User wants to log with Username or Email 4 44
Updating Group Policy over a PPTP VPN 21 32
Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question