Forum: Geek Forum
Topic: Networking 98 on W2K servers (on AD)
started by: WillyPete

Posted by WillyPete on May 14 2002,17:09
New win2K server - old 98 client pc's.
All users are on AD.

Can't use group profiles on clients lower than 2k.

Q: What's the extension for login script files?

Q2: How do I map a drive in W98 so that it shows the 'down folder when you click the drive letter instead of the root share?
ie: /Users/ is shared. within /USERS/ is /SHARE/TECHDIST
When I map to techdist, and click the mapped letter, I see contents of /USERS/

Think I'm just missing  something but those basic facts are pissing me off.

Wouldn't have to do this if the powers would let us repair the fucking NDS structure. Novell client is SO much better for features.
Posted by Beldurin on May 14 2002,17:45
Q1:  .bat (but they have to be in a specific directory...I'm not sure the 2K dir, but in NT4 it was winnt\system32\repl\import\ I think)

Q2: I'm not sure what's going on there...you're mapping, say T: to \\COMPUTER_NAME\Users\share\techdir right?  Hmm...are your perms set correctly on the subdirs?
Posted by WillyPete on May 14 2002,18:13
Yeah it's all there.

It's no problem going to individual machines and mapping drive letters to reconnect at logon, but 98 doesn't run login scripts off AD like they do on Netware.
Posted by Beldurin on May 14 2002,20:14
Hrm...I haven't used AD, so I'm not sure what you need to do.  Is there an area for a logon script in the domain user account properties?  That's how you do it w/NT.  

Also, you're not trying to use and %% name variables, are you?  Those won't work w/9x.
Posted by vyachaslav on May 16 2002,16:16
not sure too much about ad, but isn't there some some sort of client that is needed to install on non 2k boxes to allow them to see ad stuffs.  i think it might be dsclient but not sure if that is what ur doing.
vy
Posted by WillyPete on May 29 2002,13:34
Yeah we tried AD client.

After trawling thru loads of MS tech documents, found out that any op systems lower than 2000 will only map to the shared folder.
They don't map to 'down' folders.

So if, for admin ease, you just share the 'USERS' volume and your 98 users map to their own folder with USERS, then when they click the drive letter, they see the root of USERS.
You have to use NTFS securities to make sure each user sees ONLY their own folder, otherwise they see them all.

If you also use NTFS securities on the shared folder (USERS) and take away the 'folder view' privilege, and also removethe 'folder view' rights to EVERY OTHER folder in USERS, ONLY THEN will they see just their own folder when clicking on the .

Pretty shit actually.
Netware, you map directly to the appropriate folder, regardless of op system.
Posted by Wiley on May 29 2002,16:20
Or you can hide the user's share with the $ and map them to their shared directory using UserManager  :p No login script need for this one.  
Backoffice server used to do this automatically  ...the only nice thing about Backoffice server as opposed to the regular NT4 Server.  Win2K never had the over simplified admin tools that Backoffice had, but most of the admin scripts that come standard with the former can easily be ported to the latter.
Or you can use a specific login script defined in UserManager that you can put anywhere (the Repl\Import\Scripts is only used if you replicate between domain controllers  ...personally I keep login scripts on the SAN to take traffic stress of the DCs  ...but that's just me)  You can also map a drive via the net use command that runs locally at startup (use a .pif shortcut to run a .bat file so it will close on exit) or you can even push the mapped drive as part of your registry configuration if you are using policies.
Posted by Beldurin on May 29 2002,18:13
Ok, here's a question for you Wiley.  I got very familiar with using NT4 policies at my last job.  However, when trying to fiddle w/a 2K server, it was much harder to figure out.  For example, on NT4, using poledit and winnt.adm and the the other default one (that I can't remember), I could lock things down pretty well (like remove the run command and control panel from the start menu).  How the hell do you do it in 2K?
Posted by Wiley on May 29 2002,21:35
Just so I'm clear, all the clients are Win98 and the Server that forces the policies (Domain Controller) was upgraded to Win2k Server?  
If this is the case are you running mixed mode domain with Pre-Windows 2000 Compatible Access in the Everyone  group  ...and running Service Pack 6a.  And don't make your life hell by trying to run AD with Win98 clients  ...Microsoft has a doc on how to do it, but it doesn't work.

Or were you using policies just on the local machine (ie using poledit on a local Win98) and you've upgraded the computer to Win2K (which uses the Local Security Policies instead of Poledit)?  Keep in mind this configuration will not let you push the Policy info down from your NT4 server.  I have to scan in a copy of the Policy Scripting Language Whitepaper from Microsoft, I only have it in hard copy but it is a great resource that I've never seen online.  Basically it outlines a few hundred more restrictions you can impose and details how to add new registry keys to your policy.
Powered by Ikonboard 3.1.4 © 2006 Ikonboard