Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Login Scripts Location?

Status
Not open for further replies.
jwilder

jwilder

IS-IT--Management
Mar 21, 2001
66
US
I have recently added a couple BDC's to my domain. In my user manager I have a template for creating user accounts the points to a .BAT file in my netlogon share that processes everytime a user logs in. Each time I've added a BDC, the 'login' process will look in the netlogon share of the BDC rather than on the PDC. If the file hasn't propogated to the BDC, I'll have to manually copy it there or users don't process logins correctly and won't see their drive shares.

Any ideas as to why this is taking place? Why the my netlogon shares don't propogate? Is there something I may not be aware of?

Advice greatly appreciated.

Thanks.

Jason Wilder
IT/CAD Manager
 
Sort by date Sort by votes
By default, NT will look for login scripts in the NETLOGON share of the domain controller that authenticated the user. You should be using the replication service to propogate your login scripts to all of your DCs. It doesn't hap[pen by default - you have to set it up...

Let us know if you need help setting replication up...:cool: - Bill

"You can get anything you want out of life, if you'll just help enough other people get what they want" - Zig Ziglar
 
Upvote 0 Downvote
If you have a certain server that will be handling your scripts you will need to set up replication from that server to all of the other netlogon servers that you will have. You can set this up by going to server manager and selecting replication and choosing which server will replicate to the others.
 
Upvote 0 Downvote
Ok, I can take a stab at the replication. I don't see that as being too difficult.

That is why I made this post... I understand that the script will run from the authenticating server, but does that mean my domain will randomly pick the PDC or either BDC? Or does authentication take place on the server where the user account originated? In this case ALL accounts orginated on the PDC, yet the login is looking to the BDC's? Can I or do I control this?

Thank you for your responses. Jason Wilder
IT/CAD Manager
 
Upvote 0 Downvote
All accounts will always originate on the PDC. The BDCs only hold backup read-only copies of the SAM database. You really have no control over which domain controller authenticates a user.

When an NT workstation attaches to the network, it checks with WINS to find the IP address of a domain controller. WINS will give it all domain controllers. The authentication request gets sent to all of the DCs, and the first one to respond validates the user. This is how the authentication process "load balances" the domain controllers.

Hope this helps :cool: - Bill

"You can get anything you want out of life, if you'll just help enough other people get what they want" - Zig Ziglar
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Till
  • Locked
  • Question
Domain Admin Login Mail Notification
Replies
1
Views
430
technome
technome
kolob4all
  • Locked
  • Question
Restrict AD users to login to specific computers
Replies
0
Views
230
kolob4all
kolob4all
DTGMI
  • Locked
  • Question
Strange 2008 R2 AD login lockouts!
Replies
1
Views
252
DrB0b
DrB0b
AndyH1
  • Locked
  • Question
Login and Reporting Services and sessions issue
Replies
0
Views
233
AndyH1
AndyH1
subitt32
  • Locked
  • Question
RDP login issue on Server 2008 R2
Replies
0
Views
202
subitt32
subitt32

Part and Inventory Search

Sponsor

Back
Top