Announcement

Collapse
No announcement yet.

AD Logon script not running - user doesn't have authentication

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AD Logon script not running - user doesn't have authentication

    Forgive my ignorance, I am dabbling in things I don't completely understand here. I'm trying to set up a home network and learn a bit about how domains and Active Directory works, and have finally hit a wall. What I am doing is overkill for a home network, but I'm doing things this way to learn.

    I have a Win 2008 R2 server box that is running the AD/DNS.
    I have another Win 2008 R2 box that is configured more like a workstation. I have successfully (I think) connected it to the domain, and from this machine I have logged into a domain user account I created.

    My issue is that after following a few guides for how to set up a logon script, I can't get it to run when I logon. I think the issue is that for some reason, my AD user account doesn't have the credentials to access the script. For instance, when I run the following in the cmd console:

    C:\>\\SERVER_NAME.MY.DOMAIN\netlogon\logon.bat

    I get

    The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you.

    Similarly, if I try to connect to \\SERVER_NAME.MY.DOMAIN in windows explorer, it prompts me for my credentials. These are the same credentials for the user account that I am currently logged into. If I provide the credentials, I can access the logon.bat script and run it and it does what I expect (map a network location to a drive). This tells me that the script works and the folder it's in is properly shared.

    Any ideas on what might be going on here? Please remember that I am an absolute novice and am groping around in the dark a bit with a few how-to guides on the internet to help me find my way thus far.

    -Ross

  • #2
    Re: AD Logon script not running - user doesn't have authentication

    I may have just figured it out by fiddling. Perhaps it had something to do with settings in the account tab under that user account. Could anyone shed some light on what settings I should be using (i.e. what check boxes should be checked?)

    Comment


    • #3
      Re: AD Logon script not running - user doesn't have authentication

      Hi,

      Try this out
      http://www.petri.com/setting-up-logo...erver-2008.htm
      Thanks & Regards
      v-2nas

      MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
      Sr. Wintel Eng. (Investment Bank)
      Independent IT Consultant and Architect
      Blog: http://www.exchadtech.blogspot.com

      Show your appreciation for my help by giving reputation points

      Comment


      • #4
        Re: AD Logon script not running - user doesn't have authentication

        Are you sure you are logging in with a domain account?
        in the logon screen hit switch user and then select other user
        fill in the box: mydomain\username (your own credentials)
        be sure you have sufficient rights with the account you are using because you are log in on a server system so start of with the domain administrator account to test your script
        and try again.
        i would recommend also to get your hands on the server 2008 active directory course from trainsignal (www.trainsignal.com)
        there is a lot to learn but it is fun

        hope this will help

        rgds Marco

        Comment


        • #5
          Re: AD Logon script not running - user doesn't have authentication

          Originally posted by mhoogev View Post
          Are you sure you are logging in with a domain account?
          Yes, quite sure. Like I put in my reply, I fiddled with some of the settings under the account tab in the user properties screen (i.e. The Kerberos settings) that I had unintentionally checked when I first set up the account. By unchecking all of these I was able to get the script to run. So I guess my question at this point is what should these settings be? Am I sacrificing security by not having something checked?

          -Ross

          Comment


          • #6
            Re: AD Logon script not running - user doesn't have authentication

            normally you leave them or if you have special needs on your system. the setting i use is the user must change password at first logon further sometimes the password never expires and the disable account leave the rest for what it is and use them only if special circumstances requires that you have to configure them.

            so i hope the problem is solved

            Marco

            Comment

            Working...
            X