Logon script not running for group policy

[Guest]

Dear All,
I created a very simple logon script for all of my users, it contained:

net use h:\\pdc\test

it doesnot work when user logon.. why ? please advise

regards
Winanjaya

 

[Guest]

There must not be a space between H: and \\pdc\test.

HTH.

 

[Guest]

Hi
Thanks, Yes .. I did NET USE H: \\PDC\TEST in my alllogon.bat and put it on
Group Policy -> Logon script .. but it still not running when user logon to
our PDC? please advise ..many thanks

Regards
Winanjaya

 

[Guest]

For user, GP > User Configuration > Windows Settings > Scripts > Logon /
Logoff must be used. For machines, it must be setup under Computer
configuration > Windows Settings > Scripts > Startup / Shutdown.

Make sure that the scripts end in .BAT, .CMD or .VBS (default wscript).

Use gpresult on the client machine that is not receiving GP correctly. Check
Event Viewer for more clues.

Do you have Win 2000 or XP clients?

HTH.

 

[Guest]

One more thing. H: is per default assigned as the drive letter for home folder.
Try using another drive letter and see if this helps.

Do keep us posted.

 

[Guest]

I have changed the "alllogon.bat" to

NET USE I: \\PDC\TEST

but the "alllogon.bat" still not run when they (the users) logon to our PDC
... why? ..
FYI I got below when I run: gpresult in my command prompt... any suggestion?
TIA

gpresult

Microsoft (R) Windows (R) 2000 Operating System Group Policy Result tool
Copyright (C) Microsoft Corp. 1981-1999


Created on Wednesday, December 29, 2004 at 5:10:05 PM


Operating System Information:

Operating System Type: Professional
Operating System Version: 5.0.2195.Service Pack 4
Terminal Server Mode: Not supported

###############################################################

User Group Policy results for:



Domain Name: HO
Domain Type: Windows 2000
Site Name: Default-First-Site-Name

Roaming profile: (None)
Local profile: C:\Documents and Settings\indra.HO

The user is a member of the following security groups:



###############################################################

Last time Group Policy was applied: Wednesday, December 29, 2004 at 5:06:50 PM



###############################################################

Computer Group Policy results for:



Domain Name: HO
Domain Type: Windows 2000
Site Name: Default-First-Site-Name


The computer is a member of the following security groups:

BUILTIN\Administrators
\Everyone
NT AUTHORITY\Authenticated Users

###############################################################

Last time Group Policy was applied: Wednesday, December 29, 2004 at 4:57:36 PM


===============================================================


The computer received "Registry" settings from these GPOs:

Local Group Policy


===============================================================
The computer received "Security" settings from these GPOs:

Local Group Policy


===============================================================
The computer received "EFS recovery" settings from these GPOs:

Local Group Policy

 

[Guest]

I suspect the bat file may not be located in the correct place for GP to
properly run it. To verify this do the following:
Edit the group policy in question and go to where you set the logon policy.
When you get to the point where you can see the entry that shows the bat
file that should be run:
Click on the "Show Files" button. The .bat file should be listed in the
browse box that opens.
If it is not then you need to copy the .bat file into that location and that
should solve the problem.
If it is listed in that browse box then I have pointed you in the wrong
direction and please accept my apologies.

 

[Guest]

It appears that no GPO has been applied for the currently logged in user.

A couple of checks:
1. review input from dclab (location placement of login script)
2. verify that the user*is found in the OU where GP is created
3. confirm that the user is either explicitly listed to receive the GP in
the OU (Read
and Apply Group Policy) or is a member of one of the groups with these
rights
(e.g. Authenticated Users)

* target to receive GP

Keep us posted. HTH.

 

[Guest]

Thanks,
regarding to your suggestion of a couple of checks:
1. Sorry, I don't understand what you mean exactly, but the alllogon.bat is
only contained as follow:
NET USE I: \\PDC\TEST

and TEST folder already had Authenticated users security
2, 3. Users already logon to the PDC and it already exist in the list of
Active Directory Users

I don't know what should I do? .. please advise .. many thanks in advance
Regards
Winanjaya

 

[Chad Mahoney]

Dear All,
I created a very simple logon script for all of my users, it contained:

net use h:\\pdc\test

it doesnot work when user logon.. why ? please advise

regards
Winanjaya

With the PC logged in try to run that command does it work? is that
share there?


If so, check the event viewer for usernv? errors, also when the PC is
logged in goto dos prompt and issue gpupdate command and then check
event viewer on both PC and server.

hth

Chad

 

[Guest]

1. dclab (location placement of login script)
Exact steps: GP > User Configuration > Windows Settings > Scripts
(logon/logoff).
Double click logon on right hand pane > Show Files. Windows Explorer will
open listing a path similar to
\\your_domain_name\sysvol\your_domain_name\Policies\{1234...}\User\Scripts\Logon.
Copy the batch file you already have to this path or create one (e.g.
alllogon.bat).

Continue from the last step, click Add > Browse and select alllogon.bat. The
default path is the one indicated previously. You should use this instead of
the one where alllogon.bat is currently located (to allow AD to manage auto
for you).

2. using "Active Directory Users & Computers" tool, assume that you have
created an OU (Organizational Unit) call DEMO. The user USER01 account is
placed inside this OU. A security group GROUP01 has also been created in the
same OU, and USER01 is made a member of it.

Right mouse click the DEMO OU > Properties > Group Policy > New. Give the
new GP a name,
say GP_User_Logon. Click Edit and execute the steps in #1 above.

3. Once step #2 is completed, make sure that GP_User_logon is highlighted >
Properties > Security tab > Add > select GROUP01. With the group still
highlighted, make certain that "Read" and "Apply Group Policy" are ticked on
the Allow column. Click OK all the way back to commit changes.

Step # 3 is optional if you are comfortable to use the default (where
Authenticated Users will get the GP). However, it is included for
completeness in order to allow you to control exactly who will be affected by
the GP you created.


Do keep us posted on any developments.