Solved

Is it possible to execute a different login script when the user logs into a terminal server?

Posted on 2014-04-17
14
280 Views
Last Modified: 2014-05-25
I want to map a user to different shares when they login to my terminal server then when they login to the domain on their local computer.

Windows 2003 DC

Is there a way to do this within the login script. Detect if it's a TS session and map accordingly?
0
Comment
Question by:J C
  • 4
  • 4
  • 3
  • +2
14 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40008323
Don't know why this is in the Exchange zone...

Login script? How quaint.

Use a computer based group policy to map the drives. Set the filters so it only applies to specific computers and then add your terminal servers to the list.

Simon.
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40009740
You can do this if you have 2008 \ 2008 R2 \ Win7 Management machine for group policy

From there apply new GPO to OU containing terminal server and within GPO, navigate to user configuration\Preferences\windows setting\drive map, add your drive map settings like below

Now if user logon to that particular terminal server within that OU where GPO is applied, it will get only required share drive only
drive-map-gpo.docx
0
 

Author Comment

by:J C
ID: 40012943
Here is what I have done.

At one of our satellite offices I dropped in a RODC. I create a new site and created the RODC. I then created an OU and dropped the computers in the satellite office into that OU and created a GPO for it and linked it to the OU. I added the logon script to the user configuration and then enabled the loopback policy that should all GPO's for all users on that particular computer. I could not get the logon script to run on those computers. Should this work?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40013035
There was no need to have a RODC in the site for it to work, as that just moves the authentication point locally. If it was working before then it should work now.

Use GPMC and the tool to look at the policies to see if the policy is being applied correctly.
Do you have to use a login script? Are you not able to do everything the script does with group policy objects?

Simon.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 40013350
By looking your requirement, do you have logon script enough intelligent to detect user local login \ terminal server login and do the appropriate action ?

I guess its not, hence I have provided you GP preference alternative

Try above and let me know errors if any

Mahesh.
0
 

Author Comment

by:J C
ID: 40013371
I didn't place the RODC there for that purpose. I deployed it to speed up logins/dns response times and make other resources/local file storage more readily available to our remote users. I was only trying to describe my use case and provide more detail.

It's been a while since I've delved into AD and GPO's so maybe I need to make myself current to investigate other options. MY remote users are not logging into a terminal server. They are logging into their computers and that is where I need the script to execute.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 40013377
But in question you have mentioned about two different share folders to be mapped when user logging to locally and terminal session respectively
0
 

Author Comment

by:J C
ID: 40013378
Mahesh,

It is a dumb login script. I can look at developing something with a vb script if need be. I thought this should be pretty simple. Place the computers in an OU. Create the GPO that runs the script and enable loopback. I'll look at the alternatives you've suggested and see if I can make it work. Thanks
0
 

Author Comment

by:J C
ID: 40013382
I sync files between my remote sites and our corp office. When they login to our terminal server. I want to map them to the file server on the LAN which is at our corp office.

When they login to their local computers at the satellite office I want to map them to the file server on their LAN. Does that make sense? I don't want them to have to access their files over the internet when they are available in each location over the LAN
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 40013390
Yes, that make sense

you can try my 1st comment to achieve that
0
 
LVL 19

Expert Comment

by:compdigit44
ID: 40013569
If you are synching files from one office to another this sound like a perfect setup for DFS...
0
 
LVL 53

Expert Comment

by:McKnife
ID: 40014187
If you would like to use a simple solution, use this lines at the start of your login script:
if %computername%==YourTS goto end

This skips the whole script if you write
:end
at the last line. Then you could simply setup a local logon script at your TS and you are done.

If that sounds too simple and you want a more scientific approach, you can of course use group policy loopback processing http://support.microsoft.com/kb/231287 or GPO WMI filtering http://technet.microsoft.com/en-us/library/cc779036(v=ws.10).aspx

We could read here that you can also set this logon script inside a computer policy and target it at the TS - incorrect. Inside a computer policy, we cannot map network drives.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40014200
There is an even better solution - deploy a domain DFS.
That will do the replication for you, but also is site aware, so if you map a drive to \\example.local\dfs\share then they will go to the one that is located in their AD site.

I have a client who has a single share for the entire company, with offices in about 20 countries. They all map to the closest copy. Makes it ideal for an installation point share as well.

Simon.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 40089281
You selected Mahesh's solution - did you try it? Because it will not work, it applies user settings to a computer object (the TS), which will be ignored.
0

Join & Write a Comment

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now