Unable to map drives with logon script

Can you help me? Answers for everyone's issues seem to be found here.

I am running Server 2003. I have user accounts set up in AD with no special membership to any group other than Users. I have each user configured for a home directory which I have assigned the resource letter of L:. Each user can logon to the domain successfully and map to their L: drive which means that I at least have the profile path portion of the accounts correct. However, I am not able to get a single user account to access the logon script that I have created.

The logon script is a simple .bat file that performs a simple mapping. Ex.:

@echo off

net use K: \\servername\shared folder /PERSISTENT:NO

exit

The Script Path in the account profile tab shows only the file name of the .bat file and not the full UNC path name. I have even tried leaving the Script Path field empty and manage the logon script via the Group Policy editor under User Configuration/Windows Settings/Scripts(Logon/Logoff)/Logon.

Things get a little fuzzy at this point because I guess I have reached the limits of my knowledge on this issue. Am I supposed to click on ADD to add the path of the location where the logon script resides at this point or am I supposed to click on Show Files and make sure the logon script is in the patch presented to me when I click this command button?

Please help.

"c54618" <c54618.38rgvf@DoNotSpam.com> wrote in message
news:c54618.38rgvf@DoNotSpam.com...
>
> Can you help me? Answers for everyone's issues seem to be found here.
>
> I am running Server 2003. I have user accounts set up in AD with no
> special membership to any group other than Users. I have each user
> configured for a home directory which I have assigned the resource
> letter of L:. Each user can logon to the domain successfully and map to
> their L: drive which means that I at least have the profile path portion
> of the accounts correct. However, I am not able to get a single user
> account to access the logon script that I have created.
>
> The logon script is a simple .bat file that performs a simple mapping.
> Ex.:
>
> @echo off
>
> net use K: \\servername\shared folder /PERSISTENT:NO
>
> exit
>
> The Script Path in the account profile tab shows only the file name of
> the .bat file and not the full UNC path name. I have even tried leaving
> the Script Path field empty and manage the logon script via the Group
> Policy editor under User Configuration/Windows
> Settings/Scripts(Logon/Logoff)/Logon.
>
> Things get a little fuzzy at this point because I guess I have reached
> the limits of my knowledge on this issue. Am I supposed to click on ADD
> to add the path of the location where the logon script resides at this
> point or am I supposed to click on Show Files and make sure the logon
> script is in the patch presented to me when I click this command
> button?
>
> Please help.

This FAQ should help:

http://www.rlmueller.net/LogonScriptFAQ.htm

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

"c54618" <c54618.38rgvf@DoNotSpam.com> wrote in message
news:c54618.38rgvf@DoNotSpam.com...
>
> Can you help me? Answers for everyone's issues seem to be found here.
>
> I am running Server 2003. I have user accounts set up in AD with no
> special membership to any group other than Users. I have each user
> configured for a home directory which I have assigned the resource
> letter of L:. Each user can logon to the domain successfully and map to
> their L: drive which means that I at least have the profile path portion
> of the accounts correct. However, I am not able to get a single user
> account to access the logon script that I have created.
>
> The logon script is a simple .bat file that performs a simple mapping.
> Ex.:
>
> @echo off
>
> net use K: \\servername\shared folder /PERSISTENT:NO
>
> exit
>
> The Script Path in the account profile tab shows only the file name of
> the .bat file and not the full UNC path name. I have even tried leaving
> the Script Path field empty and manage the logon script via the Group
> Policy editor under User Configuration/Windows
> Settings/Scripts(Logon/Logoff)/Logon.
>
> Things get a little fuzzy at this point because I guess I have reached
> the limits of my knowledge on this issue. Am I supposed to click on ADD
> to add the path of the location where the logon script resides at this
> point or am I supposed to click on Show Files and make sure the logon
> script is in the patch presented to me when I click this command
> button?
>
> Please help.

The logon script must reside in the \\DomainController\netlogon share.

I'm following you all the way, Richard. However, when I go into the Group Policy Object Editor and navigate to "User Configuration”, “Windows Settings”, “Scripts (Logon/Logoff)” and click on Show Files... the path shows the following:

C:\WINDOWS\System32\GroupPolicy\User\Scripts\Logon

And lo and behold, my logon script .bat file is there. However, is this path correct? I thought the logon script file was supposed to be in the following path:

C:\WINDOWS\sysvol\SYSVOL\Domain Name\Scripts\Logon

or

\\servername\NETLOGON


But I also read where the logon script file is supposed to be located in the following path:

C:\WINDOWS\sysvol\SYSVOL\Domain Name\<policy GUID>\user\scripts\logon

I located that path and not only is my logon script file not there, the "scripts" folder for this path doesn't exist either. What gives?

Does my server have a birth defect?

I'm now even more confused on just where this logon script file is supposed to go.


c54618 -

"c54618" <c54618.38t8rd@DoNotSpam.com> wrote in message
news:c54618.38t8rd@DoNotSpam.com...
>
> I'm following you all the way, Richard. However, when I go into the
> Group Policy Object Editor and navigate to "User Configuration”,
> “Windows Settings”, “Scripts (Logon/Logoff)”
> and click on Show Files... the path shows the following:
>
> C:\WINDOWS\System32\GroupPolicy\User\Scripts\Logon
>
> And lo and behold, my logon script .bat file is there. However, is
> this path correct? I thought the logon script file was supposed to be
> in the following path:
>
> C:\WINDOWS\sysvol\SYSVOL\Domain Name\Scripts\Logon
>
> or
>
> \\servername\NETLOGON
>
>
> But I also read where the logon script file is supposed to be located
> in the following path:
>
> C:\WINDOWS\sysvol\SYSVOL\Domain Name\<policy GUID>\user\scripts\logon
>
> I located that path and not only is my logon script file not there, the
> "scripts" folder for this path doesn't exist either. What gives?
>
> Does my server have a birth defect?
>
> I'm now even more confused on just where this logon script file is
> supposed to go.
>
>
> c54618 -

There are two ways to configure logon scripts. You should not use both
methods. If you specify the logon script file name on the Profile tab of
ADUC, the logon script should be saved in the directory:

C:\WINDOWS\sysvol\SYSVOL\<Domain Name>\Scripts

Alternatively, if you use Group Policy, the logon script is actually saved
in the folder:

c:\windows\sysvol\sysvol\<domain DNS name>\<policy GUID>\user\scripts\logon

But that is too difficult to find. In Group Policy navigate to "User
Configuration", "Windows Settings", "Scripts (Logon/Logoff)", "Logon". Best
practice is to copy the file you want for the Logon script to the Windows
clipboard, open the "Logon" setting in the Group Policy editor, press the
"Show Files..." button, and paste the desired file in the dialog. If you do
this, leave the "Logon script" field on the "Profile" tab of ADUC blank.

If you are not sure the logon script is running, perhaps you can add a
statement (near the beginning) that creates a file on the local hard drive.
For example:

echo %username% > c:\flag.txt

will create a text file with the name of the user in the root of C: drive.
The date of the file will be the date/time of logon. If the file is created,
the script ran.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

Sorry, Richard. I did exactly as you recommended. The file is located where the GPO Editor states. I even created the flag.txt file to test if the script is indeed running.

When I logged on the client machine (XP) as a domain user, the flag.txt file was not created.

Are there any other domain settings in GPO Editor that I need to modify?


C54618 -