RC1 in existing Active Directory domain

[zephyran]

We're evaluating Vista RC1 (Build 5600) in a couple virtual installations, and would like to take the next step: join them to our Active Directory domain. That will allow easier access to our networked apps and our ISA server, and give us a chance to put them through some real usability testing.

Are there any known issues with Vista and Active Directory (either 2000 or 2003)? Specifically both our domain and forest are Windows 2000 Native, no 2k3 DCs yet. Would joining the Vista machines to our domain cause any problems?

As of yet I haven't been able to find any information on this (good or bad).

 

[dragon927]

I have not ran into any problems when it comes to joining to the domain or accessing resources. The main issue that I am trying to overcome is the adminpak.msi issue. See you can't use the adminpak from 2003 SP1 becuase of version checking, but you can edit the msi. Follow this link to a forum about that:

http://www.tek-tips.com/viewthread.cfm?qid=1265834&page=1.

One thing to note is that you are supposed to be able to use it after you install it from the local admin side, but I still am unable to get the MMCs to function.

 

[Stevehewitt]

I have sucessfully joined a Vista RC2 machine to our Win2k3 domain without any problems at all.

Thanks,




Steve.

"They have the internet on computers now!" - Homer Simpson

 

[markdmac]

dragon927, the admin pack will be re-released soon to work with Vista. The coding is done we are just waiting for the paperwork to go through for all the groups that need to sign off on the release to do so.



I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at

http://www.thespidersparlor.com/vbscript

 

[dragon927]

Markdmac,

Thanks for in the insight. I can't wait till I can get a hold of it.

 

[markm75]

I've been able to join our 2003 domain, but the login script will not map drives on login.. unless after logging in, i browse out to the FQ path of the batch file and run it manually.. I am using the net command to do the mapping.

Also when I try to access resources on our Sharepoint Portal Server 2003 network, mainly files in document libraries on a page, but not the page itself.. I am prompted for credentials, which has never happened before..

Anyone else ran into this?

 

[markdmac]

Switch over to vbscript for your login script.

For SharePoint, get used to it. I must type my password 50 times a day. The enhanced security is more of a hinderance to me than a help.

I hope you find this post helpful.

Regards,

Mark

Check out my scripting solutions at

http://www.thespidersparlor.com/vbscript

 

[Stevehewitt]

Got a test user (account manager so not a techy) running Vista Enterprise (release, not RC) and hasn't experienced these problems.
Suggest you try the final build.




Steve.

"They have the internet on computers now!" - Homer Simpson

 

[linney]

See if these are useful?


UAC problem with login scripts

http://help.lockergnome.com/vista/UAC-problem-login-scripts-ftopict31024.html

Re: Vista Logon Script

http://www.developersdex.com/asp/message.asp?p=593&r=5431945&page=2

http://www.google.com/search?q=logi...ox&ie=UTF-8&oe=UTF-8&sourceid=ie7&rlz=1I7GGLG

http://groups.google.com.au/groups/...will+not+map+drives++vista&qt_s=Search+Groups

 

[markm75]

Here is the login script that I employ to map the drives in vista, while maintaining UAC control.. This is a simplified version of the various samples on some of the scripting links:





rem @echo off

REM ######################VISTA SECTION #############################
set OSVersionSwap=%TEMP%\osversionwap.txt
set OsVersionTxt=%TEMP%\osversion.txt

ver | findstr "[" > %OSVersionSwap%
for /f "tokens=2 delims=[" %%i in (%OSVersionSwap%) do echo %%i > %OsVersionTxt%
for /f "tokens=2 delims=] " %%i in (%OsVersionTxt%) do set osversion=%%i
rem if not VISTA, then goto the nonVista section:
if "%osversion%" LSS "6.0" goto notvista
rem after LSS 6.0:
REM ###############################################
REM Create Named Scheduled Task to Execute Drive Mappings (reference the file with the net use commands inside):
Set MapScript="\\DCServer\SYSVOL\domain.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\USER\Scripts\Logon\MAPDRIVES.CMD

%systemroot%\system32\schtasks.exe /create /ru %UserDomain%\%Username% /tn MapDrives /sc onlogon /f /rl limited /tr %MapScript%
REM ####################################################

REM ########################### Start Named Scheduled Task to execute Drive Mappings#############################
%systemroot%\system32\schtasks.exe /run /tn MapDrives
REM ##############################################

REM ##############################Clean up after self (Delete the scheduled task)#####################
%systemroot%\system32\schtasks.exe /delete /tn MapDrives /F
REM ###################################################


REM #############CLean up swap files for OS check##################
Del %OSVersionSwap% /Q /F
Del %OsVersionTxt% /Q /F
REM ######################################

goto vistatruedone
REM END VISTA SECTION
REM ###################################################

 

[markm75]

My login script trick for the mapping of the drives had been working fine for the longest time in Vista..

Now suddenly it is failing on this line:

%systemroot%\system32\schtasks.exe /create /ru %UserDomain%\%Username% /tn MapDrives /sc onlogon /f /rl limited /tr %MapScript%

I end up with "access denied" at random times on that one.

Its not consistent, sometimes the user can reboot and all is ok the next try.

Its on both x64 and x86 version, so i'm wondering if anyone else has run into this issue? Perhaps a recent windows update?

Clearly it has an issue with doing the whole scheduled task part..

Thanks

 

[linney]

If you are looking at Windows Updates, then see your recent updates, see if any of them might be interfering with your script.

Microsoft Security Bulletin MS07-032 - Moderate
Vulnerability in Windows Vista Could Allow Information Disclosure (931213)

http://www.microsoft.com/technet/security/bulletin/ms07-032.mspx

http://groups.google.com/groups?um=1&tab=wg&ie=UTF-8&oe=UTF-8&rls=com.microsoft:&q=kb931213+vista

Are there any clues in the Event Viewer?

 

[markm75]

Actually, one of the Vista users Event Viewer is showing this:

The processing of Group Policy failed. Windows attempted to read the file
\\mydomain.com\sysvol\mydomain.com\Policies\{31B2F340-016D-11D2-945F-00C04F­B984F9}\gpt.ini
from a domain controller and was not successful. Group Policy settings may
not be applied until this event is resolved. This issue may be transient and
could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain
controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.




Event ID: 1058
Source: Microsoft-Windows-GroupPolicy

 

[markm75]

attempts to access \\mydomain.com\sysvol result in "cannot find file" errors.


The same path on my vista machine works fine though..

 

[linney]

There may be a bit of relevant information here (there may not too).

http://www.eventid.net/display.asp?eventid=1058&eventno=1752&source=Userenv&phase=1