#170106 - 2006-11-06 12:02 PM Global InGroup Issue?
craigs9 Offline
Fresh Scripter

Registered: 2006-07-05
Posts: 22
Loc: London, UK
I have posted a similar possible problem with ingroup under
Local Ingroup Issue
I'm not sure whether the two are related but it's possible.

Site B has a script that maps drives dependent on group membership.
This was working fine as far as I know until the weekend when the groups were renamed to fit with a new naming convention.
The code is as follows
Code:
If Ingroup ("G CHWHT_Chris_Team")
    Use O: /delete /persistent
    Use O: "\\mha1\Clients\!Chris's Client List"
    If @ERROR
        $rc = WriteLine (1, "@DAY-@MDAYNO @MONTH," + "@TIME," + "@USERID," + " has problems mapping the O drive," +"\\@WKSTA\C$" + @CRLF)
        report
    EndIf
EndIf



This is an example of one group but the problem seems to be happening for any of the drives which are dependent on the InGroup function.

Now for some users the drive isn't mapping even though they belong to the group concerned, however for some it is. For the ones that aren't, no errors are reported.
I have tried using ifmember.exe /list from a cmd prompt and this shows that the user is a member of the correct group with the new naming convention.
Any ideas?
Using Kix 4.53 on a w2k3 server

#170107 - 2006-11-06 12:42 PM Re: Global InGroup Issue?
Björn Offline
Korg Regular
*****

Registered: 2005-12-07
Posts: 953
Loc: Stockholm, Sweden.
Cleaning the cache that's created on the clients containing the groups for a user is a first try. If you log on to a machine with a user that you've never logged on with on this specific machine, is it still broken?
#170108 - 2006-11-06 12:58 PM Re: Global InGroup Issue?
craigs9 Offline
Fresh Scripter

Registered: 2006-07-05
Posts: 22
Loc: London, UK
Where is this cache located? To be honest, I didn't realise global groups were cached.
#170109 - 2006-11-06 01:56 PM Re: Global InGroup Issue?
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
KiXtart maintains its own cache of group membership. You can see it in your registry at HKCU\Software\KiXtart\TokenCache.

You can either delete the registry entry directly, or use the KiX32.exe command line flag "/f".

See the "Group Membership Information Cache" section of the KiXtart manual for more information.

#170110 - 2006-11-06 03:47 PM Re: Global InGroup Issue?
craigs9 Offline
Fresh Scripter

Registered: 2006-07-05
Posts: 22
Loc: London, UK
Yep, that seems to have fixed it. Sorry, although I'd seen the term tokencache a few times, I never actually knew that's what it was.
Thanks

#170111 - 2006-11-06 03:56 PM Re: Global InGroup Issue?
Björn Offline
Korg Regular
*****

Registered: 2005-12-07
Posts: 953
Loc: Stockholm, Sweden.
My recommendation would be to invoke a deletion of the cached memberships each time you change anything like that in your environment.
#170112 - 2006-11-06 04:01 PM Re: Global InGroup Issue?
craigs9 Offline
Fresh Scripter

Registered: 2006-07-05
Posts: 22
Loc: London, UK
Now I know it exists I will do!
From reading the manual and Richard's post it seems you can use the /f switch to do this.
I presume I can therefore do this as a matter of course before tokenising the script?
i.e.
kix32.exe login.kix /f
kix32.exe login.kix /t

#170113 - 2006-11-06 04:13 PM Re: Global InGroup Issue?
Björn Offline
Korg Regular
*****

Registered: 2005-12-07
Posts: 953
Loc: Stockholm, Sweden.
Well, the /f switch just cleans out the registry on the machine that runs the binary, so doing that before tokenizing it will make no difference. I would recommend that you instead add that once a month (on a specific date or something) clean out the reg-entries yourself if you're gonna tokenize it.
#170114 - 2006-11-06 04:17 PM Re: Global InGroup Issue?
craigs9 Offline
Fresh Scripter

Registered: 2006-07-05
Posts: 22
Loc: London, UK
Oh OK, yep, no worries, will put something in place to clear the cache every so often.
#170115 - 2006-11-07 09:44 AM Re: Global InGroup Issue?
Richard H. Administrator Offline
Administrator
*****

Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
The method that I prefer is to write a timestamp to an (INI) file on the script share whenever you make a change that could invalidate token caches.

When the login script runs it checks the timestamp against one held in the local registry. If the registry timestamp is older, then the token cache is deleted from the registry, and the registry timestamp is updated.

This allows you the benefits of the token cache under normal circumstances, but also allows you to update the timestamp and flush the registry whenever you need to.
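
The timestamp check described in the post above could be written in KiXtart along these lines. This is an added example, not part of the original thread or any poster's script: the INI path, its section and key names, and the HKCU\Software\LoginScript state key are assumptions, while the TokenCache key is the one named earlier in the thread.

```kixtart
; Added example (not from the thread). Assumed names: the INI path on the
; script share, its [TokenCache] section / FlushStamp key, and the
; HKCU\Software\LoginScript key that holds the last stamp seen locally.
$StampFile = "\\server\netlogon\cacheflush.ini"              ; hypothetical path
$CacheKey  = "HKEY_CURRENT_USER\Software\KiXtart\TokenCache" ; key named in the thread
$StateKey  = "HKEY_CURRENT_USER\Software\LoginScript"        ; hypothetical key

; Admin side: call after a change (such as renaming groups) that could
; invalidate token caches. @DATE is YYYY/MM/DD and @TIME is HH:MM:SS,
; so the stamps sort correctly as plain strings.
Function BumpFlushStamp()
    $BumpFlushStamp = WriteProfileString($StampFile, "TokenCache", "FlushStamp", @DATE + " " + @TIME)
EndFunction

; Client side: returns 1 if the token cache was flushed, 0 otherwise.
Function FlushTokenCacheIfStale()
    Dim $Share, $Local, $rc
    $FlushTokenCacheIfStale = 0

    ; The "" + prefix forces a string even if the read fails.
    $Share = "" + ReadProfileString($StampFile, "TokenCache", "FlushStamp")
    $Local = "" + ReadValue($StateKey, "FlushStamp")   ; empty if never written

    ; No stamp on the share (or share unreachable): keep the cache as it is.
    If ($Share <> "") And ($Local < $Share)
        If KeyExist($CacheKey)
            $rc = DelTree($CacheKey)
        EndIf
        If Not KeyExist($StateKey)
            $rc = AddKey($StateKey)
        EndIf
        ; Record the stamp we acted on so the flush happens once per change.
        $rc = WriteValue($StateKey, "FlushStamp", $Share, "REG_SZ")
        $FlushTokenCacheIfStale = 1
    EndIf
EndFunction

; In the login script:
$rc = FlushTokenCacheIfStale()
```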
