Solved

login.bat not running over hamachi VPN

Posted on 2014-01-08
8
922 Views
Last Modified: 2014-01-15
I have connected a remote PC to the head office using Hamachi VPN. I have purchased a licence as the free version does not run as a service.

The PC is connected to the VPN before logon, as is the server.

I have added the PC to the domain (AD running on the server 2003) but when I login the login script (login.bat - maos network drives) that is configured using group policys is not running.

I have run the script locally on the PC and it maps the network drives correctly.

What am I doing wrong here?
0
Comment
Question by:roy_batty
8 Comments
 
LVL 22

Expert Comment

by:yo_bee
ID: 39766978
Are you 100% sure that you are connected prior to logging on?  Are there other steps when you connect to the VPN connection?
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39766985
It's not possible to have the Hamachi VPN connect before logon, therefore login scripts will not work.  You have to use a batch file after logon or use the windows VPN.
0
 
LVL 17

Accepted Solution

by:
Tony Massa earned 250 total points
ID: 39766988
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 
LVL 18

Expert Comment

by:Andrew Davis
ID: 39766992
tests:-
1. before the remote client has logged on, can you ping the remote clients computer? This will tell you if the VPN is established.

2. What Errors are logged in event viewer for the remote client in relation to group policies being applied?
Are any other group policies working fine.

3. From the client can you browse \\{name of server} and do you see the netlogon and sysvol shares?

4. Try adjusting the Bat file to start with a "ping {ip of server}" this will force the client to try to establish the connection prior to attempting to map the drives. You could also add a "Pause" at the end of the bat file so that you can see the output result (note you dont want to leave it there permanently as it will keep the screen open on all users when they logon).

Cheers
Andrew
0
 
LVL 25

Expert Comment

by:Coralon
ID: 39767062
Your login scripts will not run if you have to login before connecting.

What is happening is you are getting logged in with cached credentials on your local machine.  Then you are establishing your network connection, so as far as your system is concerned, it is the logon server.  As long as this is the case, your group policies, logon scripts etc. will never run.  

This is very easy to verify:
open a command prompt, and type in 'set logon' and that will show you what your system thinks is the logon server.  

(The screenshot has my home Windows 8 machine.. its logging in from my Microsoft Live account).  You will see your login server as \\<computername>.  

You could basically set up a script that would just test your connection to the domain controller, and once it becomes valid, then run your script..

This isn't debugged.. but something like this..

(cmd)
@echo off
start 'c:\program files\hamachi\hamachi.exe'  
waitfor /t 10 BOGUSSIGNAL > nul: 2>&1

:TestLoop
If exist \\<servername>.domain.tld\netlogon\loginscript.cmd (
     \\<servername>.domain.tld\netlogon\loginscript.cmd 
     goto :connected
) else (
     waitfor /t 5 BOGUSSIGNAL > nul: 2>&1)

:connected
echo Your login script has been launched.

Open in new window


Basically, the script launches Hamachi (I've only heard of it, not used it), and then waits for 10 seconds.  (Waitfor is built in to Windows 7, 8.. you could also download and use sleep.exe).  After that 10 seconds (basically, just giving Hamachi a chance to connect), then it checks if the login script on the domain controller you are looking for exists (which means your system can 'see' it).  If it does, it runs it, if not, it sleeps for another 5 seconds tries again.. it will continue until it connects.

Here is a powershell version of the same thing
start "" "C:\program files\hamachi\hamachi.exe"
Start-Sleep -Seconds 10

while ($true) {
    if (Test-Path -Path '\\servername\netlogon\loginscript.cmd') {
        & 'cmd.exe /k "\\servername\netlogon\loginscript.cmd"'
    } else {
    Start-Sleep 5
    }
}

Open in new window


Coralon
LogonServer.png
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 250 total points
ID: 39768932
Ideally you want to use a Windows VPN and client, though there are some others such as Cisco, which allow you to connect to the VPN before logging in.  Thus you are actually authenticating to the server, not using cached credentials.  I have blogged as to how to connect with Windows.
http://blog.lan-tech.ca/2012/04/29/connect-to-windows-vpn-at-logon/

If this is not an option you are best to have a batch file on which the user 'clicks' after logon, or add it to their startup menu.
0
 
LVL 1

Author Closing Comment

by:roy_batty
ID: 39782922
The paid for version of Hamachi I am using runs as a service and does connect prior to login. It takes a miinute or two but it does connect.

However I could get GPOs working.

So I took your advice and set up a proper VPN using the the windows server and vpn client.

GPOs working fine now.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 39783080
Good to hear, and it's free :-)
Thanks roy_batty.
Cheers!
--Rob
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IPSec Site to Site VPN Topology 6 64
reboot server with scheduled time and week base 4 58
Excel 2013 Issues 11 56
Shared files and folders migration 2 24
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question