Domain Server
From wiki.IPBRICK.COM
Contents
F.A.Q.
Is it possible to run a script when the user logs in the domain, at a windows workstation?
Yes. it is possible to run a script when the user logs in the domain at a windows workstation. These scripts are called netlogon scripts, and are to be published at the domain controller shared folder called netlogon.
In an IPBRICK setup all users are, by default, setup to look for netlogon script called [user's login].bat (ex.: for a user with the login johndoe the file should be named johndoe.bat).
The netlogon shared folder is located at //[server's name]/netlogon/ (ex.: //ipbrick/netlogon). On the server's file system you may find this folder located at /home1/_netlogon.
NOTE:
- share/file permissions: users members of "Domain Admins" group have read-write permissions, all other users have read-only permissions in the netlogon shared folder. So, only "Domain Admins" user's are authorized to create/edit/delete netlogon files (scripts).
- file/script creation: by default the logon script files do not exist, they are not created automatically. Domain users are automatically (by default) defined to look for [user's login].bat, meanwhile this file is not automatically instantiated, so when you access for the first time to netlogon share you will find it empty.
Is it possible to join Windows 10 to an IPBRICK v6.x domain?
***CONSTRUCTION IN PROGRESS***
Yes, it is. Proceed as follows:
- Create an account for the IPBrick.I machine - Machines Management;
- Perform the modification of the register:
Windows Registry Editor Version 5.00 ; Win7_Samba3DomainMember [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManWorkstation\Parameters] "DNSNameResolutionRequired"=dword:00000000 "DomainCompatibilityMode"=dword:00000001 ; Error code 0x80090345 launching Windows Credential Manager ; https://support.microsoft.com/en-us/kb/3000850 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Protect\Providers\df9d8cd0-1501-11d1-8c7a-00c04fc297eb] "ProtectionPolicy"=dword:00000001
- Validate the configurations of the machine's name and network;
- Computer's properties - define name according to the register in IPBrick.I » Machines Management;
- Computer's properties - define the name - plus - define the DNS suffix according to IPBrick's DNS domain, select NO, modify the DNS suffix when modifying the domain;
- After modifying the DNS name/suffix, reset the machine;
- Confirm that the station is using the IP of IPBrick's server as a DNS and WIN server;
- Modify configurations from "Work Group" to "Domain" and indicate the name of IPBrick's domain (as in IPBrick.I . Domain Server):
- Indicate credentials of domain administrator;
- Welcome to the new domain;
- Reset;
- You may iniciate your session in the domain.
How to join Windows 8/Windows 2012 to an IPBRICK v6.x domain
***CONSTRUCTION IN PROGRESS***
To join Windows 8/Windows 2012 perform the following procedure:
- Create the register on IPBrick in Machines Management;
- Apply changes on the registry according to the attached zip (double click on the reg and intersperse on the registry), and reboot the station/server;
- These machines have no specific/functional terminal to join themselves to a windows domain on an IPBrick level, so it is used a profile "migration tool" (Note: At this time, the windows station/server is configured in workgroup "workgroup".);
- http://www.forensit.com/downloads.html
- Create a temporary user in IPBrick - migra2012 - and apply configurations;
- Create a local user in the Windows station/server with the same login (migra2012), log in locally with this login and then log out;
- Log in with the local administrator of the station, confirm network configurations (use DNS and WINS pointing to the IPBrick server);
- Execute the application "profwiz.exe" to migrate the profile "migra2012" and, simultaneous, perform "join to the domain" of IPBrick (indicate windows domain served through IPBrick);
- The station/server reboots, and it becomes possible to log in with any login of the domain, and the profile "migra 2012" can be removed.
