I have recently set up a trust between the two domains at our College.
It seems to be set up fine, the security seems to work and I can log onto either domain from any comptuer.
The problem I have is that when I log using an account in domain x from a machine in domain y my home folder correctly but the login scripts doesn't execute, thus I have no other network drives.
If I browse for the sysvol share and the login script I can execute it manually with no problem, I don't know why it doesn't execute manually.
Help.
On the script use the full DNS name of the server instead of the short name if you haven't already.Originally Posted by Stuart_C
instead of \\server\share
use \\server.domain.com\share
Ta, I had the same problem yesterday, the school tech WILL be impressed, though your name will get the credit!
Thanks again.
Didn't work. It looks like the script is not executing rather than a problem with the script itself. As I said if I browse to the other sysvol folder I can see the script and execute it and ir runs fine. It just doesn't run automatically. The Home Folder maps in OK as I have set up DNS records for the servers in the oposing domains in each domain.
I did notice that I get the error 1109 detailed here. Whilst I get what it is on about I don't understand if this is the problem as the logon scrip isn't part of a GPO it's part of the users account. If it can map the home folder why can't it run the login script?
Try putting it in the Group policy. When you do so use the full DNS name for the server.
Might try that later as it's going to force me to impliment the cross forest processing of GPO's
Still don't see why it's not executing as part of the login!
also might be worth to try using the full DNS name of the server on the logon script box in the user properties in AD.
Tried that as well. No joy.
Actually I don't think that a GPO will work. All our business users are in the same OU yet I have about 5 different scripts for different people dependingon what they need to access.
Can you manually assign the network drives once you've logged on, while you're on the other domain?
When you manually run the script is it actually assigning the drives, or just running?
Last edited by jamesb; 5th December 2008 at 03:15 PM.
try using full DNS names then
Multi GPO's filtered to security groups... or your VBS script can check against groups?
What happens if you run the logon script as a visible batch file?
Kind of answering Jamesb and DrP...
If I log in to a machine in domain Y using a domain X usernmae I just get the standard desktop. My home drive appears (\\serverX\users\usernameX)
If I go to Start ==> Run ==> \\domainX\sysvol\domainX\scripts\scriptname.bat I can see it and run the script. The script runs fine and all my drives appear.
Now whislt I can manually run this for me (pain that it is) for normal people it's not really an option.
Also I've tried FQDN's for the script path and in the scripts themselves.
Sorry, I meant if you use GPO to turn logon scripts to visible to see what happens when it runs...
User Conf > Administrative Templates > System > Scripts
What about the path \\domainx\netlogon\scripty.bat ?
Just to check, have you got Administrative Templates\System\Group Policy\Allow Cross-Forest User Policy and Roaming User Profiles enabled?
Check the ACL's on the share/sub folders and scripts. Can you confirm what they are?
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote