erractic behavior of Group Policy

  • Thread starter Thread starter chrismcbr
  • Start date Start date
C

chrismcbr

Greetings all:

Quick question for you. I have a domain run by a Win2003 Server with
31 client computers. I want to have a situation where the client
computers turn on and log onto a certain domain profile automatically.
I have locked down that profile pretty tight in GP, as it is a student
lab and I don't want people messing around with the machines. I have
specified a certain desktop background located on a locally accessible
fileshare.

The thing that is strange is that everything worked great until I went
to the individual machines to specify the registry settings to get the
computer to log on automatically to that profile. I modified the
directory as follows:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\

AutoAdminLogon = 1
DefaultDomainName = [Domain name]
DefaultUserName = [User name]
DefaultPassword = [Password]

Now I have about 7 machines that do not display the default desktop
background. They show it for a second and then it disappears. Then
you see it again when you log off. Very strange.

If you go back to the registry and change the AutoAdminLogon = 1 back
to 0, the desktop background returns.

Any ideas?

Thanks

Chris
 
OK....I am noticing some other behavior. I have lost my network drives
by doing the autologin. Any suggestions on why enabling autologin
causes you to not have network drives?
 
One more post to clarify the issue as I am finding it.

It seems that if I enable auto logon with these registry settings, the
mapped drive in the profile (Active Directory Users and Computers) does
not "happen". I also tried putting it in as a logon script, but
apparently something happens with the autologon that causes the mapped
drive to not be connected. I am really confused why or how to correct
the problem.
 
OK....Here is the updated diagnosis. Can anyone help me?????

I have a lab
of 31 XP Pro computers logging in to a domain (Win2003 Server- AD
Domain Controller and main DNS server) using a profile I have named
"Student." The student profile is pretty locked down but has access to
a network share on the server where it pulls some app files and gets
its desktop background.

Everything was great...the students would log in using the profile and
connect and there were no problems. Then I decided to save myself the
headache of loggin in 31 computers and did the registry modifications
to have the computer auto-login. These mods were four keys in the
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon section of the
registry. I modified:
Default User- Student; Default Password- Student; Default Domain - AMP;
AutoLogin = 1

When I did this all heck broke loose. All of the sudden, the computers
that logged in beautifully when I did it manually, DID NOT MAP THE
NETWORK DRIVE (Z:- It was set in the User Profile). I checked the
event log and found Event 1054- Windows cannot obtain the domain
controller name for your computer network. (The Specified domain either
does not exist or could not be contacted.) Group Policy processing
aborted.

I remove the autologin and the problem goes away. It is the same for
all of my computers. There are no anomolies in the DNS Events...it is
up and working fine as far as I can tell. The DHCP server has the
domain controller listed in the Options. When I log on manually, I get
DNS, Default Gateway...a full lease.

I can't figure it out. The only thing I could guess is that the speed
of the login causes something to be missed from the DHCP Server. Any
thoughts?
 
I would suggest removing the computer(s) reference(s) in the AD and
rejoin the computer(s) (you can either delete them from AD as an admin
on the DC or you can test this by joining a workstation to a workgroup
[e.g. "WG"] and then rejoin. The SID and computer's GUID may be
corrupt.
 
Back
Top