seppelon Posted November 18, 2008 Share Posted November 18, 2008 Hi Folks, I have an little problem with mit Script for mediaplayer rollout. I call an AutoIT-Script from the users logoncmd on win2k with following content: $logf = "C:\mpinstall.log" _FileWriteLog($logf, "Script 1 gestartet") $IPAddress = @IPAddress1 $Oktett = StringSplit($IPAddress, ".") $IP = $Oktett[3] $NL_Server_IP = $Oktett[1] & "." & $Oktett[2] & "." & $Oktett[3] & ".221" $patchdir1 = "\\" & $NL_Server_IP & "\netlogon\Patch\Mediaplayer\" _FileWriteLog($logf, "Pfad von dem aus gestartet werden soll: " & $patchdir1) $erg = (RunAsWait("patchtest", "domain", "password", 0, $patchdir1 & "rollout_debug.exe")) _FileWriteLog($logf, "Ergebnis von RunAsWait: " & $erg) The script does its job pretty good on the subnet with our domaincontroller. It runs the rollout_debug.exe with userrights of patchtest (Admin). On all other subnets the RunAsWait command fails with status 0. The file wich is called exists on every subnet's fileserver (IP ending with 221) at the same place. I think there is a problem with the authentification of the user against the domaincontroller because it is in an other subnet. Has anyone the same problem or an idea to solve it? Thanks for your comments! Seppl PS: Sorry for my bad english Link to comment Share on other sites More sharing options...
Airwolf Posted November 18, 2008 Share Posted November 18, 2008 Do your client machines have any virtual adapters or other network connections? It is possible that @IPAddress1 will not be the NIC connected to your domain. I've used scripts very similar to this for logon script deployment methods on my network. What I have done is create a function that first determines which @IPAddress variable is on my network (by doing a StringLeft for the first two octets). Also, the $IP variable you create with Oktet[3] isn't used (won't cause problems, just isn't needed - unless you are using it later in the script). Certifications: A+, Network+, Security+, Linux+, LPIC-1, MCSA | Languages: AutoIt, C, SQL, .NETBooks: AutoIt v3: Your Quick Guide - $7.99 - O'Reilly Media - September 2007-------->[u]AutoIt v3 Development - newbie to g33k[/u] - Coming Soon - Fate Publishing - Spring 2013UDF Libraries: SkypeCOM UDF Library | ADUC Computers OU Cleanup | Find PixelChecksumExamples: Skype COM Examples - Skype4COMLib Examples converted from VBS to AutoIt Link to comment Share on other sites More sharing options...
seppelon Posted November 18, 2008 Author Share Posted November 18, 2008 Good idea but all clients have only one NIC. $patchdir1 = "\\" & $NL_Server_IP & "\netlogon\Patch\Mediaplayer\" _FileWriteLog($logf, "Pfad von dem aus gestartet werden soll: " & $patchdir1) In my logfile is the correct path (with correct serverip) written. I had the idea with the failing authentification because I remembered that IPCop have problems with domainauthentification against controllers in other subnets too. Link to comment Share on other sites More sharing options...
Airwolf Posted November 18, 2008 Share Posted November 18, 2008 Good idea but all clients have only one NIC. $patchdir1 = "\\" & $NL_Server_IP & "\netlogon\Patch\Mediaplayer\" _FileWriteLog($logf, "Pfad von dem aus gestartet werden soll: " & $patchdir1) In my logfile is the correct path (with correct serverip) written. I had the idea with the failing authentification because I remembered that IPCop have problems with domainauthentification against controllers in other subnets too. If you can logon to the box using a domain account, then I don't think domain authentication is an issue. Does the path on each server have proper NTFS and share permissions to allow remote access by the "patchtest" account? Certifications: A+, Network+, Security+, Linux+, LPIC-1, MCSA | Languages: AutoIt, C, SQL, .NETBooks: AutoIt v3: Your Quick Guide - $7.99 - O'Reilly Media - September 2007-------->[u]AutoIt v3 Development - newbie to g33k[/u] - Coming Soon - Fate Publishing - Spring 2013UDF Libraries: SkypeCOM UDF Library | ADUC Computers OU Cleanup | Find PixelChecksumExamples: Skype COM Examples - Skype4COMLib Examples converted from VBS to AutoIt Link to comment Share on other sites More sharing options...
seppelon Posted November 18, 2008 Author Share Posted November 18, 2008 The fileserver running on linux with samba. The netlogonshare is readable for everyone and patchtest is a domainadmin. Any other idea? Thanks Seppl Link to comment Share on other sites More sharing options...
seppelon Posted November 18, 2008 Author Share Posted November 18, 2008 Forget all i've ever said!! I found the problem. In the subnet where the domaincontroller is, the fileserver runs on winnt. The user testpatch can access the netlogonshare - he is domainadmin. On the other server only groupmember of "domainusers" allowed for the netlogon-share. Testpatch was only groupmember of domainadmins - what under winnt gives him all right from domainusers too. I've added the user testpatch to the group domainusers and all runs perfekt. Thanks for your help! Seppl Link to comment Share on other sites More sharing options...
Airwolf Posted November 18, 2008 Share Posted November 18, 2008 The fileserver running on linux with samba.The netlogonshare is readable for everyone and patchtest is a domainadmin.Any other idea?ThanksSepplCan a standard user at one of your locations manually browse to the directory on their respective file server? Certifications: A+, Network+, Security+, Linux+, LPIC-1, MCSA | Languages: AutoIt, C, SQL, .NETBooks: AutoIt v3: Your Quick Guide - $7.99 - O'Reilly Media - September 2007-------->[u]AutoIt v3 Development - newbie to g33k[/u] - Coming Soon - Fate Publishing - Spring 2013UDF Libraries: SkypeCOM UDF Library | ADUC Computers OU Cleanup | Find PixelChecksumExamples: Skype COM Examples - Skype4COMLib Examples converted from VBS to AutoIt Link to comment Share on other sites More sharing options...
seppelon Posted November 18, 2008 Author Share Posted November 18, 2008 Everyone means every user who is member of group "domainusers" Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now