samba - Nov 2005 - login scripts not being run at session startup

List,
 I have a weird problem on a 3.0.20 PDC. My users can log on correctly (user
credentials is in LDAP) to the domain but the login.bat file is not always
run.
 For some people, it is always run. For other people, it is never run. For a
final group, sometimes it runs, sometimes it doesn't. There aren't any
real
differences in the LDAP entry for the account. The relevant line in smb.confis:
  logon script = \\ns1\netlogon\login\%U <file://\\ns1\netlogon\login\%U>
 In all cases, it is possible to go manually to
\\pdc\netlogin\login<file://\\pdc\netlogin\login>directory, and
double-click on the script and it runs correctly, so its not
a permisssions problem.
 At log level 3, I don't see any glaring errors in the log file of the
client machine. Nor do I see anything out of the ordinary in smbd.log.
 Can anyone give me a few pointers on things to try to find out what's
happening?
 Thanks,
David

On Thu, 2005-11-10 at 18:47 +0100, David Landgren wrote:
> List,
>  I have a weird problem on a 3.0.20 PDC. My users can log on correctly
(user
> credentials is in LDAP) to the domain but the login.bat file is not always
> run.
>  For some people, it is always run. For other people, it is never run. For
a
> final group, sometimes it runs, sometimes it doesn't. There aren't
any real
> differences in the LDAP entry for the account. The relevant line in
smb.confis:
>   logon script = \\ns1\netlogon\login\%U
<file://\\ns1\netlogon\login\%U>
>  In all cases, it is possible to go manually to
> \\pdc\netlogin\login<file://\\pdc\netlogin\login>directory, and
> double-click on the script and it runs correctly, so its not
> a permisssions problem.
>  At log level 3, I don't see any glaring errors in the log file of the
> client machine. Nor do I see anything out of the ordinary in smbd.log.
>  Can anyone give me a few pointers on things to try to find out what's
> happening?
>  Thanks,
----
WinNT Home doesn't do logon - no way for that to work.

Logon scripts MUST be edited and saved with Windows line endings. If you
edit in UNIX/Linux, you need to run it through unix2dos type conversion.

WinNT, Win2K, WinXP Prof are capable of logging in via 'cached'
credentials (unless told not to do so by registry/policy) and thus a
login is possible without connecting to PDC/BDC

WINS / network browsing might not be working properly... Try opening 'My
Network Places' on a system that doesn't run a logon script and click
through to see if the PDC/BDC actually show up in Windows Browser. If
not, you have to fix WINS

Are you sure that it's a per user and not a per machine thing? On a
machine where the script doesn't run for one particular user, try
logging in as another user who hasn't had a problem getting logon script
to run and vice versa.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.