Re: Logon Scripts Acrossed VPN
- From: "Darren Mar-Elia" <dmanonymous@xxxxxxxxxxxxx>
- Date: Thu, 21 Dec 2006 08:30:16 -0800
Ok. Are you passing ICMP across the VPN? (I'm assuming the DC is not local to the client?). In any case, that error could still be the result of a network timing issue on the client. What does GPMC GPREsults show under the Group Policy Infrastructure Component Status for one of those machines? I think this error is related to computer processing rather than your logon script issue but still probably worth figuring out if there is a problem. You might want to check out this KB as well: http://support.microsoft.com/default.aspx?scid=kb;en-us;840669
Darren
--
Darren Mar-Elia
MS-MVP-Windows Server--Group Policy
http://www.gpoguy.com -- The Windows Group Policy Information Hub:
FAQs, Training Videos, Whitepapers and Utilities for all things Group
Policy-related
Get the NEW GPHealth Reporter tool at http://www.sdmsoftware.com/products.php
"Sean Larabee" <SeanLarabee@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:4B10DB10-C50C-4CC2-ACF0-47C8F1BAE54E@xxxxxxxxxxxxxxxx
The vpn runs from a pix 501 at the branch to a pix 506 at HQ and is on all
the time.
--
Thank You,
Sean Larabee
"Darren Mar-Elia" wrote:
This error looks specific to the computer account rather than user account
and I'm guessing its related to GP computer processing firing off before the
network to the DC is available. Is your VPN pinned up all the time or only
at user logon?
--
Darren Mar-Elia
MS-MVP-Windows Server--Group Policy
http://www.gpoguy.com -- The Windows Group Policy Information Hub:
FAQs, Training Videos, Whitepapers and Utilities for all things Group
Policy-related
Get the NEW GPHealth Reporter tool at
http://www.sdmsoftware.com/products.php
"Sean Larabee" <SeanLarabee@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CE0B3B5E-018B-4DA1-B43B-B9691CB53180@xxxxxxxxxxxxxxxx
> Darren,
>
> I checked my event log and found:
>
> Event Type: Error
> Event Source: Userenv
> Event Category: None
> Event ID: 1054
> Date: 12/20/2006
> Time: 2:34:45 PM
> User: NT AUTHORITY\SYSTEM
> Computer: SALES2
> Description:
> Windows cannot obtain the domain controller name for your computer
> network.
> (An unexpected network error occurred. ). Group Policy processing > aborted.
>
> ----------------------------------------------------------------------------------------
>
> I have full connectivity and can ping my domain servers by name and IP.
>
> This same error seems to be on every system in my remote offices.
>
> I've nver run into to this before.
>
> Thoughts?
>
> -- > Thank You,
> Sean Larabee
>
>
> "Darren Mar-Elia" wrote:
>
>> Sean-
>> Scripts are a pain the you-know-what to troubleshoot but here are a >> few
>> ideas. Look for event in the application event log on those remote
>> systems
>> with a source of Userinit. They may shed some light on why the scripts
>> aren't running. Also, the key is to figure out if the scripts are just
>> not
>> running or if they are running and failling when run via the logon
>> script,
>> so I would put a statement like Wscript.echo "I'm running!" at the
>> beginning
>> of the script to see if it actually runs. Then you at least know that.
>>
>> Of course, the next most obvious thing to do is run the GPMC GPResults
>> Wizard against those machine to ensure that they are actually >> processing
>> that scripts policy.
>>
>> -- >> Darren Mar-Elia
>> MS-MVP-Windows Server--Group Policy
>> http://www.gpoguy.com -- The Windows Group Policy Information Hub:
>> FAQs, Training Videos, Whitepapers and Utilities for all things Group
>> Policy-related
>>
>> Get the New GPHealth Reporter tool at
>> http://www.sdmsoftware.com/products.php
>> Group Policy Management solutions at http://www.sdmsoftware.com
>>
>>
>>
>>
>> "Sean Larabee" <SeanLarabee@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in >> message
>> news:81ED9920-FA7F-4160-8451-A37913D911A2@xxxxxxxxxxxxxxxx
>> > Darren,
>> >
>> > I tried changing the remote systems local GPO's script policy
>> > proccessing
>> > settings as you suggested but the script still is not processing.
>> >
>> > So I made a copy local and saved the file logon.vbs to the desktop >> > and
>> > double click and it mapped all the drives.
>> >
>> > Below is the script:
>> >
>> > ----------------------------------------
>> >
>> > Option Explicit
>> > Dim objNetwork
>> > Dim strDriveLetter, strRemotePath, strUserName
>> > strDriveLetter = "Z:"
>> > strRemotePath = "\\domserv1\users"
>> >
>> >
>> > Set objNetwork = WScript.CreateObject("WScript.Network")
>> >
>> > strUserName = objNetwork.UserName
>> > objNetwork.MapNetworkDrive strDriveLetter, strRemotePath _
>> > & "\" & strUserName
>> >
>> > Dim WSHNetwork
>> > Set WSHNetwork = WScript.CreateObject("WScript.Network")
>> >
>> > WSHNetwork.MapNetworkDrive "x:", "\\domserv1\it"
>> >
>> > WSHNetwork.MapNetworkDrive "y:", "\\domserv1\general"
>> >
>> > WScript.Quit
>> >
>> > -----------------------------------------------------------------------
>> >
>> > Any thoughts?
>> >
>> > Thank You,
>> > Sean Larabee
>> >
>> >
>> > "Darren Mar-Elia" wrote:
>> >
>> >> Scripts are one of those policies that don't process if a GP slow >> >> link
>> >> is
>> >> detected, so that may be what's happening for your remote sites. >> >> You
>> >> can
>> >> override this behavior by enabling the policy for those remote
>> >> computers
>> >> under Computer Configuration\Admin. Templates\System\Group
>> >> Policy\Scripts
>> >> Policy Processing\Allow processing across a slow network connection
>> >>
>> >> Darren
>> >>
>> >> -- >> >> Darren Mar-Elia
>> >> MS-MVP-Windows Server--Group Policy
>> >> http://www.gpoguy.com -- The Windows Group Policy Information Hub:
>> >> FAQs, Training Videos, Whitepapers and Utilities for all things >> >> Group
>> >> Policy-related
>> >>
>> >> Get the NEW GPHealth Reporter tool at
>> >> http://www.sdmsoftware.com/products.php
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> "Sean Larabee" <SeanLarabee@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
>> >> message
>> >> news:1739EBBF-082B-4CB0-A497-7375934A2DD8@xxxxxxxxxxxxxxxx
>> >> > Hello All,
>> >> >
>> >> > Our company has a main office and 3 branch offices.
>> >> >
>> >> > After coming on here I implemented a Win2K AD Domain.
>> >> >
>> >> > I have separate OU's for the separate departments and have vbs >> >> > logon
>> >> > scripts
>> >> > attached to the GPO's for those OU's to map drives according to
>> >> > department
>> >> > needs and permissions.
>> >> >
>> >> > All of the scripts run fine except for this scenario:
>> >> >
>> >> > My branch office all connect back to the main office using Cisco >> >> > PIX
>> >> > to
>> >> > PIX
>> >> > VPN over high speed DSL.
>> >> >
>> >> > The main office is on a 192.168.1.0/24 subnet and the branch >> >> > offices
>> >> > are
>> >> > 192.168.2.0/24 up to 192.168.4.0/24 respectively.
>> >> >
>> >> > All user that logon at the main office end up with mapped drives.
>> >> >
>> >> > All users logging on at a remote office the drive do not map and
>> >> > there
>> >> > is
>> >> > no
>> >> > error.
>> >> >
>> >> > Any help would be appreciated.
>> >> >
>> >> > -- >> >> > Thank You,
>> >> > Sean Larabee
>> >> >
>> >>
>>
.
- References:
- Re: Logon Scripts Acrossed VPN
- From: Darren Mar-Elia
- Re: Logon Scripts Acrossed VPN
- From: Sean Larabee
- Re: Logon Scripts Acrossed VPN
- From: Darren Mar-Elia
- Re: Logon Scripts Acrossed VPN
- From: Sean Larabee
- Re: Logon Scripts Acrossed VPN
- From: Darren Mar-Elia
- Re: Logon Scripts Acrossed VPN
- From: Sean Larabee
- Re: Logon Scripts Acrossed VPN
- Prev by Date: Re: gpo to prevent rename computer and domain join
- Next by Date: Re: secedit command to export policies not working?
- Previous by thread: Re: Logon Scripts Acrossed VPN
- Next by thread: power shcemes via group policy
- Index(es):
Relevant Pages
|
