thanks a bunch Jorge, for your exhaustive post - good to read about your solutions to a similar situation.
I've used a similar workaround as yours, however, in the second phase of the migration, I have to execute the logon script directly from AD as the users will then not login to Novell at all. But after investing enough time in this, we've now decided to live with the workaround and then concentrate on removing the Novell Client (which is an ugly thing all on its own - but we were able to get it off the system quite well) - afterwards everything works as expected. Cheers, Guido -----Original Message----- From: Jorge de Almeida Pinto [mailto:[EMAIL PROTECTED] Sent: Thursday, February 24, 2005 10:35 PM To: Jorge de Almeida Pinto; '[EMAIL PROTECTED] '; Grillenmeier, Guido; ''[email protected] ' ' Subject: RE: [ActiveDir] Issues with NT4 + Novell Client and AD Guido, In my last post I forgot to mention: * Wxp with SP2 * W2K3 domain * Novell 5.1 I found a NT4 wrk (with SP6, without the DSCLIENT) VM I still had and did the same tests as I did with the WXP client and everything went OK! After the Novell client install I had to configure the preferred protocol being IPX. Cheers, Jorge -----Original Message----- From: [EMAIL PROTECTED] To: 'Grillenmeier, Guido '; '[EMAIL PROTECTED] '; '[email protected] ' Sent: 2/24/2005 12:18 PM Subject: RE: [ActiveDir] Issues with NT4 + Novell Client and AD Hi Guido, Also playing around with Novell? ;-) In the environment we're in we have an NT4 domain with Windows 9x/NT clients and we have a Novell NDS. All users are in as well as the domain as the NDS. Primary authentication is the NDS followed by the NT4 domain. Important part in this is that passwords in the domain and the NDS match because when you logon to NOvell you'll automatically logon to the domain. Users get their loginscript from the NDS and because we are moving data from Novell to windows we needed to introduce a WIndows loginscript soo that drive mappings could be created. In Novell it is not possible to create a mapping to a Windows resource in a domain. Why? Because at the moment the Novell loginscript runs the user still is not authenticated by the domain and when the mapping is created the user will be asked to authenticate. What did we do? In our NT4 domain we introduced a LOGON.BAT that starts a KIXTART script (both of course in the NETLOGON share) and each user account got the LOGON.BAT in their loginscript attribute. So what happens when a user logs on by provided their username and password in the Novell logon screen? The NDS loginscript runs and AFTER it is finished the WIndows loginscript kicks in and runs and does whatever it needs to do. This is/was for us the way to migrate data and drive-mappings step-by-step from Novell to Windows. The novell-client was installed in the following way: * Custom install * No additional products * NETWORK PROTOCOL: Only IPX! (don't install TCP/IP from the Novell client!!!)(use the default OS TCP/IP) * Use with NDS * Default settings used * Bindings are for file and print sharing: first IPX and second TCP/IP (halfway this could be changed around) * Bindings are for client for MS networks: first IPX and second TCP/IP (although it should be TCP/IP first and second nothing selected. we never changed it because it was for a short time and the old setting worked OK) * Bindings are for novell client: first IPX and second nothing selected I tested the same situation as above in VMWARE but using the following configuration: * Novell NDS * W2K3 AD domain * WXP client (don't have NT4 WRK installed now) with and without the novell client (4.9 SP2 english) * NDS loginscript * Netlogon loginscript in AD domain (LOGON.CMD with a command to create a drive mapping W:) * GPO loginscript in AD domain (LOGON.VBS with a command to create a drive mapping V:) * User account configured with NDS loginscript and Windows loginscript Without the novell client: NETLOGON loginscript and GPO loginscript runs OK With the novell client: NDS loginscript runs OK and after that NETLOGON loginscript and GPO loginscript runs OK I did not test this with a NT4 workstation but I assume there will little difference. However this worked with W95/W98/WNT at our customer in a NT4 domain and the NDS. By the way just for your info: I think the profile location for users is configured in the NDS (maybe the same as the homedir). There's no need to configure a profile location in the user object because at login only one profile will loaded and that will be the profile configured in directory that is configured as primary for logon Hope this helps Cheers Jorge -----Original Message----- From: [EMAIL PROTECTED] To: [email protected] Sent: 2/23/2005 11:50 PM Subject: RE: [ActiveDir] Issues with NT4 + Novell Client and AD thanks Gil - I'm right there with you (the "I don't miss it" part...). I'm pretty sure this is client related, but it never hurts to check with others ;-) /Guido _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick Sent: Wednesday, February 23, 2005 11:45 PM To: [email protected] Subject: RE: [ActiveDir] Issues with NT4 + Novell Client and AD Its been so long since I've worked with the Netware client... boy I don't miss it :) I've checked with our support and QA people and it doesn't ring a bell with anyone. -gil _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Wednesday, February 23, 2005 3:16 PM To: [email protected] Subject: [ActiveDir] Issues with NT4 + Novell Client and AD let's see if anybody here ever came accross this issue - I can't find anything on it: a company is using NT4 workstations with a Novell Client (v4.9) and these are being migrated to AD. The workstations with the Novell Client have issues running the Logon-Script for the users in AD (if authenticating to Novell, the Novell scripts runs fine). We've done various tests to determine the cause and it comes down the Novell Client itself. The logon script runs fine on the same NT4 box, if the Novell Client is _not_ installed. MS Novell Client also doesn't have this issue - it's just the "original" Novell client... Anybody have an idea why this doesn't work? I believe it's something specific to the client (a few other things are out of the ordinary as well), but I'm open for any hints to check out. Thanks /Guido This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
