• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

loginscript.vbs in Vista

J

Joe Blow

#1
We are testing .vbs for login scripting. 99% of our install base is XP, one
of my test users is on Vista. When logging in this morning, he received
this error, but later when I had him manually run the script, it worked with
no issue.

Script: \\domain.local\netlogon\loginscript.vbs
Line: 118
Char: 1
Error: The specified domain either does not exist or could not be
contacted.
Code: 8007054B
Source: (null)

Line 118 shows:
strUserDN = objSysInfo.userName

With a line prior in the script defining objSysInfo (Line 100):
Set objSysInfo = CreateObject("ADSystemInfo")

I can post more of the script if necessary, but the whole thing is over 500
lines so I don't want to do that unless I have to.

Thanks!
 

My Computer

R

Richard Mueller [MVP]

#2
"Joe Blow" <joe@xxxxxx> wrote in message
news:ufKn8xNcJHA.3948@xxxxxx

> We are testing .vbs for login scripting. 99% of our install base is XP,
> one of my test users is on Vista. When logging in this morning, he
> received this error, but later when I had him manually run the script, it
> worked with no issue.
>
> Script: \\domain.local\netlogon\loginscript.vbs
> Line: 118
> Char: 1
> Error: The specified domain either does not exist or could not be
> contacted.
> Code: 8007054B
> Source: (null)
>
> Line 118 shows:
> strUserDN = objSysInfo.userName
>
> With a line prior in the script defining objSysInfo (Line 100):
> Set objSysInfo = CreateObject("ADSystemInfo")
>
> I can post more of the script if necessary, but the whole thing is over
> 500 lines so I don't want to do that unless I have to.
>
> Thanks!
The behavior suggests the user logged in locally and not to the domain. Is
that possible? Or was the domain not available and he use cached
credentials?

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
 

My Computer

J

Joe Blow

#3
"Richard Mueller [MVP]" <rlmueller-nospam@xxxxxx> wrote in
message news:umFIdSOcJHA.1704@xxxxxx

>
>
> The behavior suggests the user logged in locally and not to the domain. Is
> that possible? Or was the domain not available and he use cached
> credentials?
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab - http://www.rlmueller.net
> --
>
Definitely not logged locally, he said he logged in, got the error, I went
over to his box and showed him how to manually run the script and it worked
fine.

Seems like I read of a method to force the login script to wait until the
network is up/active prior to running. Does that ring a bell? I do have
the script assigned via GPO in AD.
 

My Computer

R

Richard Mueller [MVP]

#4
"Joe Blow" <joe@xxxxxx> wrote in message
news:eyTE1WOcJHA.1188@xxxxxx

>
> "Richard Mueller [MVP]" <rlmueller-nospam@xxxxxx> wrote in
> message news:umFIdSOcJHA.1704@xxxxxx

>>
>>
>> The behavior suggests the user logged in locally and not to the domain.
>> Is that possible? Or was the domain not available and he use cached
>> credentials?
>>
>> --
>> Richard Mueller
>> MVP Directory Services
>> Hilltop Lab - http://www.rlmueller.net
>> --
>>
> Definitely not logged locally, he said he logged in, got the error, I went
> over to his box and showed him how to manually run the script and it
> worked fine.
>
> Seems like I read of a method to force the login script to wait until the
> network is up/active prior to running. Does that ring a bell? I do have
> the script assigned via GPO in AD.
>
A delay was required in Windows 95/98, but not since. By default logon
scripts run with a full user token (representing group memberships), even
though a limited token is used afterwards (due to UAC). I'm not sure if this
applies here (as no permissions are required to retrieve objSysInfo.userName
other than authenticated user), but here is a link discussing why drives
mapped in a logon script cannot be viewed and how to fix:

http://social.technet.microsoft.com.../thread/86a61bb4-ab90-405e-9adf-355e7245d632/

Basically, the logon script can map the drives but the user cannot view
them. Or the logon script prompts for permission and the user doesn't see
the prompt.

One fix is a *.wsf file that basically runs the logon script as a separate
task, so they run in what is called UAP mode. There's a good example in the
link. The other fix is a group policy setting, but I think it only applies
to Administrators. Let us know if this helps.

If you want to try a delay, simply insert the following in the VBScript:

Wscript.Sleep 1000

This pauses for 1000 milliseconds. I used to use 100 milliseconds in Win9x.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
 

My Computer

R

\RemS

#5
"Joe Blow" wrote:

>
> "Richard Mueller [MVP]" <rlmueller-nospam@xxxxxx> wrote in
> message news:umFIdSOcJHA.1704@xxxxxx

> >
> >
> > The behavior suggests the user logged in locally and not to the domain. Is
> > that possible? Or was the domain not available and he use cached
> > credentials?
> >
> > --
> > Richard Mueller
> > MVP Directory Services
> > Hilltop Lab - http://www.rlmueller.net
> > --
> >
> Definitely not logged locally, he said he logged in, got the error, I went
> over to his box and showed him how to manually run the script and it worked
> fine.
>
> Seems like I read of a method to force the login script to wait until the
> network is up/active prior to running. Does that ring a bell? I do have
> the script assigned via GPO in AD.
>

You might have to turn off the Fast Logon Optimization feature in Vista?

By Enabling the following policy setting (GPO):
Computer Configuration\Administrative Templates\System\Logon\"Always wait
for the network at computer startup and logon"

(or manually,
Go to Registrykey:
HKEY_LOCAL_MACHINE\Software
\Policies\Microsoft\Windows NT
\CurrentVersion\Winlogon\

Edit the value:
SyncForegroundPolicy = 1 ("REG_DWORD")

Reboot the computer )


\Rems
 

My Computer