Welcome.
I am not sure if you can set a domain by default for the
initial logon. If you could, I would expect it to be to some of the reg entries
maintained in the HKLM\software\microsoft\windows nt\currentversion\winlogon
portion of the registry.
You could step around that by telling people to use UPNs
for logon instead of SAM Names. That would mean you would use something
like [EMAIL PROTECTED] instead of
something\PGlenn. That is the direction the auth is going so if you are starting
fresh now, might as well start that way. Then the domain dropdown is a moot
point. It also means you can dork with the domain's almost to your heart's
content and never have to worry about telling the users their new domain, it
will just work because the UPN does not have to match the Domain
structure.
I am curious about the direction to move as you state it as
"the Novell business model", what specifically is pushing this change? With
Novell embracing Open Source I would expect schools and the like to be more, not
less, interested in it. Also I am curious why not a move to say BSD or Linux. If
anywhere that stuff works well en masse it is in school environments because
they are so closed and geographically small.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Glenn
Sent: Friday, May 05, 2006 1:38 PM
To: [email protected]
Subject: [ActiveDir] Default Domain
First off let me do a small introduction. I come from a Netware
background. My university's students have been using eDirectory for
several years without any problems. However, we have decided (mostly
because of the business model of Novell) to move all of our student logins,
storage, and lab computers to Active Directory. Needless to say, this will
not be a small undertaking for us. We have started testing to make sure we
have all of our procedures down and have faired well so far.
Our first big hurdle was ghosting the machines and having them
automatically join the AD in the correct container. Done. We've also
been testing out the GPOs to move what we do now with ZenWorks to them. We
will be providing our home storage solution via File System Factory which we've
been using for several years under Netware - They have decided now is the
time for them to write it for Active Directory.
One small problem we are having now (and we all think we're just missing
something simple) is getting the domain to showup in the logon box the first
time. We know after a student logs on the first time things will be
OK. However, after ghosting 900 machines, the last thing we want to do is
touch each one just to get this setting correct. We've ripped the registry
to pieces, looked everywhere we know to look, but nothing seems to set it the
first time. I realize this may not seem like a big deal to most people out
there, but if you've ever had to deal with a student population you know why
this is important.
One other thing for now. We have found a few custom templates we
would like to use (one modifying the logon screen to tell the students what the
Domain should be set as). I have added them to my test AD domain
controllers' INF folder. They work just fine. When I told one of our
administrators about this, he said, he didn't like that idea much (placing this
on the DC). In my testing, I wasn't able to get any of the custom
templates to work until I did put them there and in the INF folder. Is
there another way?
I thank you in advance for you help. I would expect I'll be around
here a bunch during this move.
Paul Glenn
University of Kentucky
--
***********************************************************************
"I've got a fever and the only prescription is more
cowbell." --Christopher Walken
***********************************************************************
--
***********************************************************************
"I've got a fever and the only prescription is more
cowbell." --Christopher Walken
***********************************************************************
