Login Scripts/Home Drives

[Guest]

I have a terminal server 2003 SP1 and oddly, randomly people's login scripts
won't run AND at the same time, they won't get their home drive which is
setup in Active Directory. If they log out and back in, they may/may not get
them eventually. I can run the login script manually and everything
connects. I've already set the group policy to make Windows wait for the
network, which didn't help. Any suggestions? Also, I have 3 AD (Domain
Controllers) is there a way to tell which one logged them in during their
session to see if maybe it's one controller that is having a problem?

 

[Vera Noest [MVP]]

Yes, you can check for the value of %LOGONSERVER%
And that was my first thought as well, maybe something is wrong with
the replication between your DCs? Have you checked the EventLog?

 

[Guest]

Thanks...I new there was a variable for that...but couldn't remember. I
checked the event logs for both Active Directory issues/replication problems
as well as DNS issues...but everything looks normal. Maybe by pinning down a
specific controller with the variable...I can have a better chance of
figuring out the problem. I know this sounds odd, but is there a way for me
to make a specific user in Active Directory always use one specific domain
controller for login...that way, I can create a test user and force it to use
each of my controllers one at a time to see if I hit one that causes the
problem?

 

[Vera Noest [MVP]]

No, I don't think that you can do that. But you can hardcode the
name of a specific DC in the path to the login script, something
like \\DC1\netlogon\my_script

--
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
http://hem.fyristorg.com/vera/IT
--- please respond in newsgroup, NOT by private email ---

 

[Guest]

I'll give that a shot also...however that won't connect the home drive for
the client that I have set in Active directory. What is strange is that this
doesn't happen to any of my regular desktop clients (Login script), it's just
the clients that use Terminal Server.

 

[Guest]

Update: I used the echo %logonserver% command on a session that a users
logon script and his home drive didn't connect on. It showed one of my
Global Catalog servers. Then, I had them log out and back in...everything
ran...even got the home drive. Now I then used echo %logonserver% and guess
what, same exact server. Could something be caching credentials one
time...but not the next? I doublechecked all my event logs and don't see
anything that screams out Active directory problem. I checked in Sites and
Services and made sure there are replication links between my servers, and
there are. Talk about confusing.

 

[Vera Noest [MVP]]

Strange. Don't know if this will help, but have you tried to enable
verbose logging of the user environment?

221833 - How to enable user environment debug logging in retail
builds of Windows
http://support.microsoft.com/?kbid=221833

How about the TS specific logon script, \system32\UsrLogon.Cmd? Is
it possible that something there is interfering with your AD-
defined logon script? Although that shouldn't prevent the home
drive from being mapped correctly.

I understand that you have enabled a GPO with
Computer Configuration - Administrative templates - System - Logon
- Always wait for the network
but have you also enabled
Computer Configuration - Administrative templates - System -
Scripts - Run logon script synchronously?

--
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
http://hem.fyristorg.com/vera/IT
--- please respond in newsgroup, NOT by private email ---

 

[Guest]

First I want to say, thanks Vera for sticking this one out with me. Ok,
first and update. I found one of my problems for others in the forum. LOOK
OVER YOUR DNS. What I found is actually that a DNS/Active Directory problem
was causing my logon scripts not to process correctly. I found entries for
an old (6 month) Active Directory server that I had removed from my network
that once I manually cleaned up in DNS, my login scripts are consistently
running now.

The only problem that still remains now is my home drive that is set in
Active Directory almost NEVER connects. Any suggestions on that one?