| Saleem |
| (Hey THIS is FUN) |
| 2003-05-11 09:06 PM |
simple may be....
|
I wana upgrade my script engine from 3.65 to 4.12 earliar my company was having win95 and NT clints now we have only WIN2k and NT clients I am testing my Win2k script now on 4.12 kix, some how INGROUP() fuction is not detecting global group, I'll post my script.
code:I read in the manuel that for Nt and 2k clients KXRPC service is not required so i have not updated the RPC service, PLS can some body tell me why this peace of code is not working ?if ingroup ("ITD Global Group")
? " group found"
endif
I tried to enumrate my group membership I am getting only local groups even I tried by deleting KIX key from the registry.
PLS help me...
Lonkero
|
| (KiX Master Guru) |
| 2003-05-11 09:17 PM |
Re: simple may be....
|
sure kix works with global groups
![[Wink]](images/icons/wink.gif){kind=icon}
is this new group? if not, is the username you tried just added to that group?
is the group renamed?
these are all factors with kix 4.xx
and you should try flushing the group cache with /f-switch
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-11 09:21 PM |
|
Re: simple may be....
|
This is old group and beleive me the sanme script is working with 3.65 i tried by flushing out with /f- switch
| Les |
| (KiX Master) |
| 2003-05-11 09:40 PM |
|
Re: simple may be....
|
Try with the domain name included.
if ingroup ("DomainName\ITD Global Group")
BTW, there is no 3.65 version of KiX.
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-11 09:45 PM |
|
Re: simple may be....
|
I tried that too, no way...
SORRY it was 3.60 not 3.65, by the way is there any issue with old RPC service and kix 4.x ? cause my domain controler still using old RPC service and this damm code is working on 3.60 ver too.
any idea ?
| Les |
| (KiX Master) |
| 2003-05-11 09:52 PM |
|
Re: simple may be....
|
My DCs are running the RPC for 3.62, and InGroup() works on every 4.x ever released on my XP client. Test with some other groups.
Are you on NT4 or AD?
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-11 09:59 PM |
|
Re: simple may be....
|
my domain is win2k i tried all global groups it did not worked when I tried with local group it worked.
my local kix cache showed all this local groups which is working with this code.
|
Lonkero
|
| (KiX Master Guru) |
| 2003-05-11 10:31 PM |
|
Re: simple may be....
|
rpc service is not used with NT-line so you can even remove it.
and it is never used for global groups.
it is there to support some special things for win9x, like localgroups.
there seems to be something else in this...
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-11 10:37 PM |
|
Re: simple may be....
|
IC...
But why the same peace of code is working in 3.60 and not working in 4.12 ??
|
Lonkero
|
| (KiX Master Guru) |
| 2003-05-11 10:41 PM |
|
Re: simple may be....
|
could you run this scriptlet and tell does it show any groups:
$Index = 0
DO
$Group = ENUMGROUP($Index)
$Index=$Index+1
$group ?
UNTIL Len($Group) = 0
? "listed."
get $
basically, all it does is show all global groups kix sees
[ 11. May 2003, 22:44: Message edited by: Lonkero ]
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-11 10:44 PM |
|
Re: simple may be....
|
Yes it did, It listed all local groups both my local PC and domain local groups where I belongs to
code:Everyone
W2K0182\Users
W2K0182\Administrators
INTERACTIVE
Authenticated Users
LOCAL
PasswordPropAllow
OLD_PasswordPropAllow
Print Operators
Server Operators
Users
|
Lonkero
|
| (KiX Master Guru) |
| 2003-05-11 10:45 PM |
|
Re: simple may be....
|
do you say that it shows all the same groups as with:
ENUMLOCALGROUP($Index)
?
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-11 10:54 PM |
|
Re: simple may be....
|
No, ENUMLOCALGROUP gives me only domain local group as listed below
PasswordPropAllow
OLD_PasswordPropAllow
Print Operators
Server Operators
Users
whereas other one listed local PC as well as domain local groups.
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-11 11:07 PM |
|
Re: simple may be....
|
HURREEEEYYY
I found out the issue...when I mapped my drive to another PC and ran the script it worked !!! when I checked the registry cache of that PC i found i cached all local and global group where I belogs too whereas My pc cached only domain and local PC local groups strange isnt it ???
Now I am afaraid that if I deploy this script will it behave like this way for diffrent PC'c ??
| Howard Bullock |
| (KiX Supporter) |
| 2003-05-11 11:28 PM |
|
|
Re: simple may be....
|
Please explain your previous post in more detail. Changing a drive mapping should in no way alter the behavior of INGROUP.
[ 11. May 2003, 23:28: Message edited by: Howard Bullock ]
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-11 11:41 PM |
|
Re: simple may be....
|
I meant to say that when I ran this script from another PC it worked, I read in the manuel that 4.02 is caching the access token group information to the HKC\software\kix\tokencache key when i checked the cache of that PC I found that it cached all groups I belongs to where us in my PC where I ran the script earliar it is cached only domain and PC local groups
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-13 12:24 AM |
|
Re: simple may be....
|
Can some body tell me me why my PC is caching only local and domain local groups only ??
code:Now I am afaraid that if I deploy this script will it behave like this way for diffrent PC's ??[HKEY_CURRENT_USER\Software\KiXtart\TokenCache]
"S-1-1-0"="Everyone;1066052"
"S-1-5-32-545"="W2K0182\\Users;1057308"
"S-1-5-32-544"="W2K0182\\Administrators;1106669"
"S-1-5-4"="INTERACTIVE;1068870"
"S-1-5-11"="Authenticated Users;1101471"
"S-1-2-0"="LOCAL;1063561"
| Howard Bullock |
| (KiX Supporter) |
| 2003-05-13 12:48 AM |
|
|
|
Re: simple may be....
|
If you delete the TokenCache key, do only these entries return? What OS is the client? Has the computer been rebooted? Have you used the "/f" option when running KiXtart?
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-12 01:11 PM |
|
Re: simple may be....
|
I deleted tokencache, I restarted the pc I tried with /f switch option nothing worked I am using W2K OS.
If I delete tokenCache it will recreate only this entries.
is it network related issue ? if it is why the same code is working in other W2k machine with same ver of Kix32.exe ?
| Les |
| (KiX Master) |
| 2003-05-12 01:49 PM |
|
Re: simple may be....
|
I would look at the network settings. Are there other protocols? Is the provider order optimized?
| Howard Bullock |
| (KiX Supporter) |
| 2003-05-12 02:11 PM |
|
|
|
Re: simple may be....
|
And you logged on using a domain user account?
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-12 02:55 PM |
|
Re: simple may be....
|
Yes !! I installed VMware (virtuel machine) and it is using a protocol known as "vmware bridged protocol"
is it givin any conflict u mean ?
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-12 03:31 PM |
|
Re: simple may be....
|
Any help ???
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-12 08:15 PM |
|
Re: simple may be....
|
No luck it seems
![[Confused]](images/icons/confused.gif){kind=icon}
| Howard Bullock |
| (KiX Supporter) |
| 2003-05-12 08:20 PM |
|
|
|
Re: simple may be....
|
I don't think we have any magic answers for you and have not previously seen the problem you are reporting.
How many computers have to tested?
On how many computers does this problem occur?
Are you running VMware on ALL your computers?
Why did you install that software for logon script testing?
We will need you to perform more testing and report the results before we can offer more advice.
[ 12. May 2003, 20:21: Message edited by: Howard Bullock ]
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-12 08:41 PM |
|
Re: simple may be....
|
Sorry for bugging u guys, I am worried because I have to deploy this script tomorrow, I tested 5 machines and it ran well on all PC’s except one which I installed VMWare. My concern is if it is because of VMware I don’t mind because we have it installed on only 2 PC’s other ways it would be a big issue because I have so many conditions using group check in my script.
What I felt was it may be a bug in this version because earlier version bringing the group information from the logon server whereas this one is caching it in a registry key from the access token. And it proved that a PC is having more than one protocol this function may not work properly.
This is my opinion I may wrong…..
| Howard Bullock |
| (KiX Supporter) |
| 2003-05-12 08:56 PM |
|
|
|
Re: simple may be....
|
First we do not know if this is a protocol issue or not. Did you test on the other VMware computer yet?
Tell us more about how VMware is configured. Did you give your VMware OS instance a different name from that of the computer on which it is running?
Read this thread: http://www.kixtart.org/board/ultimatebb.php?ubb=get_topic;f=2;t=002804#000000
| Howard Bullock |
| (KiX Supporter) |
| 2003-05-12 08:59 PM |
|
|
|
Re: simple may be....
|
Are you testing this script execution in the base OS or in the VMware OS instance? Does the script fail on bith the base OS instance and in the VMware OS instance?
| Saleem |
| (Hey THIS is FUN) |
| 2003-05-12 09:48 PM |
|
Re: simple may be....
|
Hello Howard
Thanx for that informative link, I tested this script on another vmware installed PC and it worked there, so far it failed only one PC where VMware installed, when I tested on VMware OS it worked whereas it is failing on the installed PC OS. Strange!!!
vmware is installing a protocol known as “VMWARE BRIDGE PROTOCOL” which is enabling virtual machine to get IP address from the DHCP.
There is no additional tuning is required for this protocol we just need to enable that option while setup OS on VMware.
Since I found problem only in one PC I think I can go ahead with deployment what do you think ? do I need more testing ??
|
Lonkero
|
| (KiX Master Guru) |
| 2003-05-12 10:17 PM |
|
Re: simple may be....
|
saleem, if I understood correctly, all your PC's work except the one you started up with.
my suggestion is that you start deploying tomorrow but not network-wide but little by little.
and, if that failing PC is yours, re-install the OS.