Re: NETLOGON Share
- From: "Paul Bergson" <pbergson@xxxxxxxxxxxxxxxxx>
- Date: Thu, 12 Jan 2006 15:46:26 -0600
The best place to put it is in the sysvol within the policy that is calling
the login script itself. When a user logs on, they have no drives mapped
yet so they have access to local resources or the sysvol.
http://support.microsoft.com/kb/322241/EN-US/
If you are having trouble with admins modifying scripts then they need to be
demoted. How many admins do you need to modify a script? If a user is a
domain admin, you can try and take something away but they can just go back
and give it back to themselves.
--
Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
This posting is provided "AS IS" with no warranties, and confers no rights.
"Josh Messerschmitt" <joshua.messerschmitt@xxxxxxx> wrote in message
news:epNn7T5FGHA.916@xxxxxxxxxxxxxxxxxxxxxxx
> The way I understand it, the NETLOGON (scripts) share is where to put
> things that will always be available. If a domain has 20 sites/ou's under
> it and each site has a network admin, is it best practice to for each site
> to put their login scripts in this share on a domain controller to be
> replicated? If so, and each admin has full control to this share - there's
> not much stopping the admins from deleting/modifying each other's work -
> unless they turn off inherit permissions on each script, etc. If this is
> preferred practice, what is the best way to give the groups these admins
> are in rights to control the files on this share? Manually on one DC and
> let it replicate? Through ADUC? I did see the SYSVOL share metnioned in
> there.
>
> Any help is appreciated
> --
> Josh Messerschmitt
>
.
- Follow-Ups:
- Re: NETLOGON Share
- From: Josh Messerschmitt
- Re: NETLOGON Share
- References:
- NETLOGON Share
- From: Josh Messerschmitt
- NETLOGON Share
- Prev by Date: Re: Windows 2003 Domain Controller
- Next by Date: Re: DNS Warning with Netdiag
- Previous by thread: NETLOGON Share
- Next by thread: Re: NETLOGON Share
- Index(es):
Relevant Pages
|
