Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Login Script for two domains

Status
Not open for further replies.

cainecabe

MIS
Aug 5, 2004
45
US
I use the login script that markdmac created for my company. everything works great, gneeric drives map and group mappings work also. Problem is, we are migrating to another domain in a different forest and the login script only maps the generic drives (the ones with no group membership needed). I have changed the domain string variable to the new domain name (one script for legacy, one script for new, the only difference so far is the domain name).
i just cant get the group memberships mappings to work. Where is reads Case "group name" then beneath maps the drive, do i need to change that? i imagine that if the login script is being run by a user in a differnet domain that it may not see the groups (i changed them to universal and there is a two way trust set up). do i specifuy the ldap path to the group perhaps?
any ideas please help.

thanks

Thanks,
 
is there a reason why no one is responding to this? is there more information that would help?

thanks

Thanks,
 
Hi Cainecabe,

Sorry I am currently on vacation and just logged on to see what was happening. You won't typically get a lot of people to answer a scripting question in this forum, better to use the vbscript forum for that. PHV and tsuji are both amazing guys in that forum and often beat me to answering there (enspecially since I am now travelling).

The login script will only process from the users login domain and will look for Global Groups in that domain.

The solution to your problem is simple though.

Create some new Global Groups in the users domain that can be identified to be used to map the resources in the trusting domain. It is extra work to have the extra groups, but it will ensure the script works as you are looking for it to.

I hope you find this post helpful.

Regards,

Mark
 
So, based on this, if i use admt to migratet eh groups to the new forest, that should address this as well.

we are migrating to a new forest, if we migrate the groups all should be well.

but in the interim my question is, how can i accomplish teh mapping of the drives duuring the transistion to a new forest? i tried using ldap to identify the groups, but that fails. if i remove the group membership as a prerequisite to mapping, it works, so it just can't understand the groups.

any ideas?

Thanks,
 
When you fully migrate to the new forest your users will be logging into just the one forest and will be authenticated and logging into the new domain and therefore the groups will be associated with the user object and all will work as you expect.

I have already given you the workaround for now. You need to create extra groups in the old domain that can be used to identify what users need resources on the new domain.

I hope you find this post helpful.

Regards,

Mark
 
understood, but i am a little unclear on the group part.
if i add some global groups to the source domain, are you saying that i should add the users in the target domain to the global group in the source domain?

thanks,

Thanks,
 
OK, lets try and make things clearer here. As I understand your problem it is that you are moving from an old domain (olddom) to a new domain (newdom). These domains are in different forests and there is a trust between the forests.

Your users are logging in to olddom and you want their login script to map some drives to resources that have already been moved over to newdom. If I have the "direction" backwards here you just need to flip the names, the actions to take will be the same just on the opposite domain.

In olddom create a new Global Group called newDomUsers.
Add the users in olddom that need to access resources in newdom.

In the script add a section in the Select Case statement for Case newDomUsers and add the drives you want mapped for example:

Code:
Case "newDomUsers"    WSHNetwork.MapNetworkDrive "U:", "\\NewDomServer\Users",True

I hope you find this post helpful.

Regards,

Mark
 
ok, my apologies on the clarity part.
i am using the original login script, only changing the domain variable.
i migrated myself to the new domain as well as one group i am in that gets drive mappings.

so, my account is in the new domain as well as the migrated group that gets drive mappings based on membership.

does that mak3 things any differnet?

Thanks,
 
again, my apologies, but it works now... i gues replication is a little slow here.

many thanks

Thanks,
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top