Question : AD logon scripts not applied consistently in GPO

The environment is a new active directory 2003 domain with two servers.   Default domain GPO is not enabled so nothing could be interfering.   GPO applied to user ou works most of the time.  Things that work are folder redirection and proxy settings.

In the GPO in the user configuration>windows settings>scripts a bat file contains a simple mapping command.   It is not applied even though everything else is.....

Running Gpresult says the GPO is applied at the user level and there are no errors on login or event viewer.  I have run gpupdate /force with no results.  It continues to say there are no problems but the users don't get the mapping.   Using this same type batch file on other ou's work

I have checked the logon script rights and the rights to the share for the users to map to.

Anyone have an idea on why the system is ignoring the logon script?

Answer : AD logon scripts not applied consistently in GPO

when you use this method to apply logon scripts, the script is running with the running user rights.
if the user is restricted to map a network drive or dont have access to map the shared network folder or to run the script, then it wont happen.
you can try to run the batch file while you are logged in as the user on the station and check if you get an error message

my suggestion is, in order to have the script running with administrator rights, you put the script on the DC NETLOGON share.
and then open a user properties under profile tab type the name of the script (login.bat) into the "Login Script:" line.
that way the script will run as full rights at the login of a user to the network.

thanks
LionBSD
Random Solutions  
 
programming4us programming4us