• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 297
  • Last Modified:

Is it possible to execute a different login script when the user logs into a terminal server?

I want to map a user to different shares when they login to my terminal server then when they login to the domain on their local computer.

Windows 2003 DC

Is there a way to do this within the login script. Detect if it's a TS session and map accordingly?
0
J C
Asked:
J C
  • 4
  • 4
  • 3
  • +2
1 Solution
 
Simon Butler (Sembee)ConsultantCommented:
Don't know why this is in the Exchange zone...

Login script? How quaint.

Use a computer based group policy to map the drives. Set the filters so it only applies to specific computers and then add your terminal servers to the list.

Simon.
0
 
MaheshArchitectCommented:
You can do this if you have 2008 \ 2008 R2 \ Win7 Management machine for group policy

From there apply new GPO to OU containing terminal server and within GPO, navigate to user configuration\Preferences\windows setting\drive map, add your drive map settings like below

Now if user logon to that particular terminal server within that OU where GPO is applied, it will get only required share drive only
drive-map-gpo.docx
0
 
J CAuthor Commented:
Here is what I have done.

At one of our satellite offices I dropped in a RODC. I create a new site and created the RODC. I then created an OU and dropped the computers in the satellite office into that OU and created a GPO for it and linked it to the OU. I added the logon script to the user configuration and then enabled the loopback policy that should all GPO's for all users on that particular computer. I could not get the logon script to run on those computers. Should this work?
0
Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

 
Simon Butler (Sembee)ConsultantCommented:
There was no need to have a RODC in the site for it to work, as that just moves the authentication point locally. If it was working before then it should work now.

Use GPMC and the tool to look at the policies to see if the policy is being applied correctly.
Do you have to use a login script? Are you not able to do everything the script does with group policy objects?

Simon.
0
 
MaheshArchitectCommented:
By looking your requirement, do you have logon script enough intelligent to detect user local login \ terminal server login and do the appropriate action ?

I guess its not, hence I have provided you GP preference alternative

Try above and let me know errors if any

Mahesh.
0
 
J CAuthor Commented:
I didn't place the RODC there for that purpose. I deployed it to speed up logins/dns response times and make other resources/local file storage more readily available to our remote users. I was only trying to describe my use case and provide more detail.

It's been a while since I've delved into AD and GPO's so maybe I need to make myself current to investigate other options. MY remote users are not logging into a terminal server. They are logging into their computers and that is where I need the script to execute.
0
 
MaheshArchitectCommented:
But in question you have mentioned about two different share folders to be mapped when user logging to locally and terminal session respectively
0
 
J CAuthor Commented:
Mahesh,

It is a dumb login script. I can look at developing something with a vb script if need be. I thought this should be pretty simple. Place the computers in an OU. Create the GPO that runs the script and enable loopback. I'll look at the alternatives you've suggested and see if I can make it work. Thanks
0
 
J CAuthor Commented:
I sync files between my remote sites and our corp office. When they login to our terminal server. I want to map them to the file server on the LAN which is at our corp office.

When they login to their local computers at the satellite office I want to map them to the file server on their LAN. Does that make sense? I don't want them to have to access their files over the internet when they are available in each location over the LAN
0
 
MaheshArchitectCommented:
Yes, that make sense

you can try my 1st comment to achieve that
0
 
compdigit44Commented:
If you are synching files from one office to another this sound like a perfect setup for DFS...
0
 
McKnifeCommented:
If you would like to use a simple solution, use this lines at the start of your login script:
if %computername%==YourTS goto end

This skips the whole script if you write
:end
at the last line. Then you could simply setup a local logon script at your TS and you are done.

If that sounds too simple and you want a more scientific approach, you can of course use group policy loopback processing http://support.microsoft.com/kb/231287 or GPO WMI filtering http://technet.microsoft.com/en-us/library/cc779036(v=ws.10).aspx

We could read here that you can also set this logon script inside a computer policy and target it at the TS - incorrect. Inside a computer policy, we cannot map network drives.
0
 
Simon Butler (Sembee)ConsultantCommented:
There is an even better solution - deploy a domain DFS.
That will do the replication for you, but also is site aware, so if you map a drive to \\example.local\dfs\share then they will go to the one that is located in their AD site.

I have a client who has a single share for the entire company, with offices in about 20 countries. They all map to the closest copy. Makes it ideal for an installation point share as well.

Simon.
0
 
McKnifeCommented:
You selected Mahesh's solution - did you try it? Because it will not work, it applies user settings to a computer object (the TS), which will be ignored.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 4
  • 4
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now