Logon script problem

  • Thread starter Thread starter Jonny Bergdahl
  • Start date Start date
J

Jonny Bergdahl

I have a vbscript logon file assigned in group policy. It works as expected
under Windows XP, but none of my Vista machines semems to run the file, as
none of the mapped server shares shows up. I cant find anything related in
the event log.

Please advice as how to debug this problem.

Regards;
/jb
 
You need to use a Vista Group Policy...
See
http://technet2.microsoft.com/Windo...878e-48db-a3c1-4be6ac7cf7631033.mspx?mfr=true
for more information...
Click to expand...

I didn't find anything in that document that says I need to migrate my existing Group Policy settings to support logon scripts för Vista. However, I did find the following that applies to my setup:

----
UAC may prevent Group Policy logon scripts from appearing to work properly. For example, a domain environment contains a Group Policy object that includes a logon script to map network drives. A nonadministrative user logs on to the domain from a Windows Vista computer. After Windows Vista loads the desktop, the nonadministrative user starts Windows Explorer. The user sees their mapped drives. Under the same environment, an administrative user logs on to the domain from a Windows Vista computer. After Windows Vista loads the desktop, the administrative user starts Windows Explorer. The user does not see their mapped drives.
When the administrative user logs on, Windows processes the logon scripts using the elevated token. The script actually works and maps the drive. However, Windows blocks the view of the mapped network drives because the desktop uses the limited token while the drives were mapped using the elevated token.
-----

In short - the script is run, my network drives are actually mapped, but UAC prohibits Windows from showing them in Explorer. It also outlines a workaround using launchapp.wcf to run the script under the limited token.

Regards;
/jb
 
Back
Top