Author Topic: Login Script - Still Does NOT WORK  (Read 864 times)

AntiAntiSysOps

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Login Script - Still Does NOT WORK
« on: June 12, 2019, 09:26:05 am »
I have searched and gone through every post regarding the login script. Many which were never answered.

I am using the Community Edition, 6.0.1.
Workstation is attached to Domain, running Win7 (as a test box, I'll move to Win10 when this works)

Nothing I can do makes a login script work. I simple have:
      net use f: \\NAS01\Sharename
      net use G: \\ZentyalServerName\Sharename
NAS01 is a ReadyNas attached to the Domain/Zentyal. All accounts/groups can be seen with the ReadyNAS

The login script does not map either drive. The Zentyal Share or the NAS share.
As stated numerous times across the web, I can map drives manually via a command on Windows.
I have created in the /scripts folder
   login.bat
   logon.bat
Both have the same mapping commands as listed above.

I have read that you simply drop in the file - Don't work.
I have read about editing the smb.conf - added logon.bat, and tried login.bat - Does not work.

I have installed the Windows Admin Tools and configured the test user for logon.bat, and then tested login.bat - Don't work.
I have connected to the /scripts folder and created a new file from Windows, with the commands, saving it as a BAT (not a txt).
I have connected via SSH and just sudo nano login.bat and created a brand new file (for logon and login).

As you can see I have exhausted almost every option here.
Not a single post on the internet says HOW they got this working, most NEVER got it working.

Any idea how I can make a login script run?
It would seem this is core functionality with Zentyal and it should be expected to work.

I am far from a novice here and it seems I have exhausted all the available google knowledge.

Anyone have any ideas?

AntiAntiSysOps

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Login Script - Still Does NOT WORK
« Reply #1 on: June 12, 2019, 10:29:08 pm »
So does no one read these forums? Or is the product has zero support? If an answer can't even be deprived for the testing product (community version) why would anyone assume that a paid product would provide better results?

Without a login script, the product is about useless in a business environment.

Not to mention, there is no way to 'flag' a request, question, or issue as the Paid or Community product.


doncamilo

  • Zen Samurai
  • ****
  • Posts: 257
  • Karma: +63/-0
    • View Profile
Re: Login Script - Still Does NOT WORK
« Reply #2 on: June 13, 2019, 03:21:12 pm »
Hi!,

You should forgot logon scripts and to do those tasks by GPO's

Google  "Group Policy Preferences’ Drive Maps "

For instance:

https://blogs.technet.microsoft.com/askds/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership/

 ;)

AntiAntiSysOps

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Login Script - Still Does NOT WORK
« Reply #3 on: June 13, 2019, 10:07:51 pm »
I know I can do that, but when migrating an existing legacy domain, it is much more simple to use what is in place.

Part of the point of migrating away from Windows is to be able to NOT rely on GPO's and for many many smaller environments it is simply not needed.

All that being said, still the functionallity is that this works, but it simply does not.

So yeah, I will just go and build GPO's to map drives, as a script to bat is just so hard to deal with /s.

doncamilo

  • Zen Samurai
  • ****
  • Posts: 257
  • Karma: +63/-0
    • View Profile
Re: Login Script - Still Does NOT WORK
« Reply #4 on: June 13, 2019, 11:02:04 pm »
I know I can do that, but when migrating an existing legacy domain, it is much more simple to use what is in place.

Part of the point of migrating away from Windows is to be able to NOT rely on GPO's and for many many smaller environments it is simply not needed.

All that being said, still the functionallity is that this works, but it simply does not.

So yeah, I will just go and build GPO's to map drives, as a script to bat is just so hard to deal with /s.

Hi again!

I don't understand your problem. You haven't abandonned Windows nor GPO's as far as your clients seems to be Windows. You can run RSAT from any of the windows clients in order to do this task.

But any way, if you want some more detailed help with logon scripts, please, run the testparm command and publish here his output. Give us the owner and permissions that your scripts folder has.

Cheers!

AntiAntiSysOps

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Login Script - Still Does NOT WORK
« Reply #5 on: June 15, 2019, 03:35:01 am »
I was pretty clear. Documentation says the login.bat works. Or logon.bat.
It simply does not.

Yes, I could go back and configure GPO's to recreate the mappings, but with a simple upgrade to replace existing, it takes more time, and I have to deploy a solution that is not tested in the environment. The login script has been working flawlessly with all versions of windows, including 10latest. So I don't want to have to re-invent anything.

That was my point, the documented use of a login script fails to work, there is minimal information on how to troubleshoot, outside of some posts that say just drop the logon.bat into the /var/lib/samba/sysvol/domain.name/scripts

So I will rebuild the login using GPO's which then I have to test before deployment.

AntiAntiSysOps

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Login Script - Still Does NOT WORK
« Reply #6 on: June 15, 2019, 03:37:10 am »
Code: [Select]
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[sysvol]"
Loaded services file OK.
Server role: ROLE_ACTIVE_DIRECTORY_DC

Press enter to see a dump of your service definitions

# Global parameters
[global]
bind interfaces only = Yes
interfaces = lo eth0 wlan0
ldap server require strong auth = No
log file = /var/log/samba/samba.log
logon script = login.bat
map to guest = Bad User
max log size = 100000
passdb backend = samba_dsdb
realm = domain.name
server role = active directory domain controller
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
server signing = if_required
server string = Zentyal Server
template homedir = /home/%U
template shell = /bin/bash
winbind enum groups = Yes
winbind enum users = Yes
workgroup = SBCIA
rpc_server:tcpip = no
rpc_daemon:spoolssd = embedded
rpc_server:spoolss = embedded
rpc_server:winreg = embedded
rpc_server:ntsvcs = embedded
rpc_server:eventlog = embedded
rpc_server:srvsvc = embedded
rpc_server:svcctl = embedded
rpc_server:default = external
winbindd:use external pipes = true
idmap_ldb:use rfc2307 = yes
drs:max object sync = 1200
dsdb:schema update allowed = yes
server role check:inhibit = yes
idmap config * : backend = tdb
include = /etc/samba/shares.conf
map archive = No
map readonly = no
store dos attributes = Yes
vfs objects = dfs_samba4 acl_xattr


[homes]
browseable = No
comment = Home Directories
create mask = 0611
directory mask = 0711
path = /home/%S
read only = No
vfs objects = acl_xattr full_audit
full_audit:failure = connect opendir disconnect unlink mkdir rmdir open rename
full_audit:success = connect opendir disconnect unlink mkdir rmdir open rename


[netlogon]
browseable = No
path = /var/lib/samba/sysvol/domain.name/scripts


[sysvol]
path = /var/lib/samba/sysvol
read only = No

AntiAntiSysOps

  • Zen Apprentice
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Login Script - Still Does NOT WORK
« Reply #7 on: June 15, 2019, 04:19:48 am »
And I have tried editing the .conf to login.bat and logon.bat, both files exist in \scripts, same file.
Neither work.

doncamilo

  • Zen Samurai
  • ****
  • Posts: 257
  • Karma: +63/-0
    • View Profile
Re: Login Script - Still Does NOT WORK
« Reply #8 on: June 18, 2019, 01:57:46 pm »
Hi!

Do you have additional controllers?

I have done some trials and all is right with logon scripts.

So, furthermore some possible mistake on your configuration, I think that the issue could be that samba doesn't replicate SYSVOL, so, if your machines do the login on a additional controller, it hasn't the scripts you have on the main domain controller. If this is the case:

https://wiki.samba.org/index.php/Rsync_based_SysVol_replication_workaround