Solved

Is it possible to execute a different login script when the user logs into a terminal server?

Posted on 2014-04-17
14
281 Views
Last Modified: 2014-05-25
I want to map a user to different shares when they login to my terminal server then when they login to the domain on their local computer.

Windows 2003 DC

Is there a way to do this within the login script. Detect if it's a TS session and map accordingly?
0
Comment
Question by:J C
  • 4
  • 4
  • 3
  • +2
14 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40008323
Don't know why this is in the Exchange zone...

Login script? How quaint.

Use a computer based group policy to map the drives. Set the filters so it only applies to specific computers and then add your terminal servers to the list.

Simon.
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40009740
You can do this if you have 2008 \ 2008 R2 \ Win7 Management machine for group policy

From there apply new GPO to OU containing terminal server and within GPO, navigate to user configuration\Preferences\windows setting\drive map, add your drive map settings like below

Now if user logon to that particular terminal server within that OU where GPO is applied, it will get only required share drive only
drive-map-gpo.docx
0
 

Author Comment

by:J C
ID: 40012943
Here is what I have done.

At one of our satellite offices I dropped in a RODC. I create a new site and created the RODC. I then created an OU and dropped the computers in the satellite office into that OU and created a GPO for it and linked it to the OU. I added the logon script to the user configuration and then enabled the loopback policy that should all GPO's for all users on that particular computer. I could not get the logon script to run on those computers. Should this work?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40013035
There was no need to have a RODC in the site for it to work, as that just moves the authentication point locally. If it was working before then it should work now.

Use GPMC and the tool to look at the policies to see if the policy is being applied correctly.
Do you have to use a login script? Are you not able to do everything the script does with group policy objects?

Simon.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 40013350
By looking your requirement, do you have logon script enough intelligent to detect user local login \ terminal server login and do the appropriate action ?

I guess its not, hence I have provided you GP preference alternative

Try above and let me know errors if any

Mahesh.
0
 

Author Comment

by:J C
ID: 40013371
I didn't place the RODC there for that purpose. I deployed it to speed up logins/dns response times and make other resources/local file storage more readily available to our remote users. I was only trying to describe my use case and provide more detail.

It's been a while since I've delved into AD and GPO's so maybe I need to make myself current to investigate other options. MY remote users are not logging into a terminal server. They are logging into their computers and that is where I need the script to execute.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 40013377
But in question you have mentioned about two different share folders to be mapped when user logging to locally and terminal session respectively
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:J C
ID: 40013378
Mahesh,

It is a dumb login script. I can look at developing something with a vb script if need be. I thought this should be pretty simple. Place the computers in an OU. Create the GPO that runs the script and enable loopback. I'll look at the alternatives you've suggested and see if I can make it work. Thanks
0
 

Author Comment

by:J C
ID: 40013382
I sync files between my remote sites and our corp office. When they login to our terminal server. I want to map them to the file server on the LAN which is at our corp office.

When they login to their local computers at the satellite office I want to map them to the file server on their LAN. Does that make sense? I don't want them to have to access their files over the internet when they are available in each location over the LAN
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 40013390
Yes, that make sense

you can try my 1st comment to achieve that
0
 
LVL 19

Expert Comment

by:compdigit44
ID: 40013569
If you are synching files from one office to another this sound like a perfect setup for DFS...
0
 
LVL 53

Expert Comment

by:McKnife
ID: 40014187
If you would like to use a simple solution, use this lines at the start of your login script:
if %computername%==YourTS goto end

This skips the whole script if you write
:end
at the last line. Then you could simply setup a local logon script at your TS and you are done.

If that sounds too simple and you want a more scientific approach, you can of course use group policy loopback processing http://support.microsoft.com/kb/231287 or GPO WMI filtering http://technet.microsoft.com/en-us/library/cc779036(v=ws.10).aspx

We could read here that you can also set this logon script inside a computer policy and target it at the TS - incorrect. Inside a computer policy, we cannot map network drives.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 40014200
There is an even better solution - deploy a domain DFS.
That will do the replication for you, but also is site aware, so if you map a drive to \\example.local\dfs\share then they will go to the one that is located in their AD site.

I have a client who has a single share for the entire company, with offices in about 20 countries. They all map to the closest copy. Makes it ideal for an installation point share as well.

Simon.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 40089281
You selected Mahesh's solution - did you try it? Because it will not work, it applies user settings to a computer object (the TS), which will be ignored.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video discusses moving either the default database or any database to a new volume.

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now