I have a domain that runs on SBS2003. We use group policy with logon scripts to map drives for certain individuals' dependant on what OU they belong to. I have a machine that is running VistaRC1 and it is joined to the SBS domain. I have two problems. When I logon to the network and every thing starts to load, I get a security warning from the "UAC" about a program that wants access to my computer. It is "\\<server name>\Clients\Setup\setup.exe /s <server Name>"that runs during the logon process on every machine in the office without fail. Iallow Vista to run the program. I think it works. Not exactly sure what it is that the program does. All I know it is related to the SBS2003. Now the question: is there a way to disable this warning for this particular program or is it a global setting that affects all programs? I noticed that my drive mapping logon scripts are not working. Its not all of my scripts that are being blocked. I have a script that makes the "Windows Server 2003 Administration Tool Pack" available to my logon that still works. Is there anything in Vista that would be blocking the drive mappings coming from a group policy logon script?They have always worked on my 2000 and XP machines. I run the script locally on the Vista machine and they work.What am I missing here? Here is the contents of the Script file:' Map Network DrivesDim objNetSet objNet = CreateObject("Wscript.Network")objNet.MapNetworkDrive "N:", "\\<server name>\CAD"objNet.MapNetworkDrive "L:", "\\<server name>\SHARES"objNet.MapNetworkDrive "M:", "\\<server name>\PhotoMapper"objNet.MapNetworkDrive "T:", "\\<server name>\Terrain Pro"objNet.MapNetworkDrive "O:", "\\<server name>\Tech Docs"objNet.MapNetworkDrive "Q:", "\\<server name>\PlotStorage"objNet.MapNetworkDrive "P:", "\\<server name>\PROJECTS"WSCript.Quit Thanks for your help in advanced, 3DCrash

I am having the identical problem, but I can't seem to find anyone else who has this problem or the solution. Does anyone know anything about this.Thanks,Mitch

I am also having this problem. I am using Vista RC1 logging into a Windows Server 2003 domain. The very first time I logged in, all of my drives and printers mapped. But since then, the drives do not map and I don't get any error messages. But if I look in the "Recent Items" list on the start menu, the drive mapping script shows up there. When I click on it, I get a security warning that asks if I really want to open it. When I click "Open", then the script runs and maps the drives correctly. Does that work for anyone else? I know it's not a fix, but it does help maintain sanity until the issue is resolved! If anyone has any ideas, they would be much appreciated! Thanks, Grant

I am also having this problem. I am using Vista RC1 logging into a Windows Server 2003 domain. The very first time I logged in, all of my drives and printers mapped. But since then, the drives do not map and I don't get any error messages. But if I look in the "Recent Items" list on the start menu, the drive mapping script shows up there. When I click on it, I get a security warning that asks if I really want to open it. When I click "Open", then the script runs and maps the drives correctly. Does that work for anyone else? I know it's not a fix, but it does help maintain sanity until the issue is resolved! If anyone has any ideas to fix this, they would be much appreciated! Thanks, Grant

I saw a post this morning at the Vista community site that talked about this being a result of the mode in which the scripts are run, and I quote: Prashanth Prahalad [MSFT]:By default Group policy service executes scripts in an elevated mode. There are some scripts like 'Map network drives' that would need to be run in UAP mode. In order to launch such scripts in a UAP context from an elevated process, you can leverage the Task scheduler API. The postgoes on to say: Prashanth Prahalad [MSFT]:If the user wants to run a [Group Policy]logon script"Script-UAP.wsf" and requires it to run in UAP context because it is mapping drives for the user then, create another script "Launch-Script-UAP.wsf" which will just use the sample script above to launch "Script-UAP.wsf" in UAP mode. Deploy this [second]script as the[Group Policy] logon script. The original post and replies can be found at: http://windowshelp.microsoft.com/communities/newsgroups/en-us/default.mspxSearch the "Network & Sharing" discussion for "Login Script Problems". It wasstarted on 9/14/2006 by user "John". Please don't shoot the messenger!--srshowers

Just use the launchApp to launch your new login script. There is a thread on this here: http://www.developersdex.com/asp/message.asp?p=593&r=5431945&page=2 The basics are though just check the OS and launch the script with the parameters you want. Here is a copy of what I did/posted there: The solution I used was to do this.1) Get launchApp.wsf from the MS documentationhttp://technet2.microsoft.com/WindowsVista/en/library/5ae8da2a-878e-48db-a3c1-4be6ac7cf7631033.mspx?mfr=true 2) Created Vista_Check.vbs that I set as my login script3) When I cut and pasted launchApp.wsf the formatting put an extracarriage return in part of the script that I had to removeCall rootFolder.RegisterTaskDefinition( _strTaskName, taskDefinition, FlagTaskCreate, _,, LogonTypeInteractive)I have tested this against Vista, XP SP2 and Server 2003.Works justfine and I didn't have to change anything in my actual login.vbsHope this helps.Vista_Check.vbs==============Dim isVistaDim wshShellSet wshShell = CreateObject("WScript.Shell")GetOSIf isVista = True ThenrunLaunchAppElserunLoginNormalEnd IfSub runLaunchAppwshShell.Run "cscript \\<path to launchapp>\launchapp.wsf \\<path tologin>\login.vbs"End SubSub runLoginNormalwshShell.Run "\\<path to login>\login.vbs"End SubSub GetOSstrComputer = "."Set objWMIService =GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer &"\root\cimv2")Set colOSes = objWMIService.ExecQuery("Select * fromWin32_OperatingSystem")For Each objOS in colOSesosCaption = objOS.CaptionIf instr(osCaption, "Vista") ThenisVista = TrueEnd IfNextEnd Sub

Login Script not working and not mapping drives: Go to Control Panel, Administrative Tools, Local Security Policy, Local Policies, Security Options, User Account Control: Run all administrators in Admin Approval Mode > Set to Disable After setting to Disable the login script works fine.

I dealt with an issue like this recentlyin an MS private newsgroup (microsoft.private.directaccess.windowsclient.vista). Looks like there may be multiple issues, but here's info on dealing with one of them. In previous versions of Windows, if there was an error mapping a drive letter due to permissions, missing folders or shares, etc., the NET USE command would simply return an error message, and the script would continue. In Vista, it appears that the NET USE command gets confused and sees an authentication problem, regardless of the actual cause. It then tries to prompt for user credentials, which of course is useless in a logon script, and waits forever for response. If you check after logon, you can see the NET command still sitting in memory waiting for input, although no command window is open. A workaround might be to precede NET USE commands with a <Nul: redirection, so that if the command tries to take input it will get an EOF and error out. A better solution would be to fix Vista's NET USE to properly handle situations where the mapping cannot take place, especially in batch scripts. In my case, running the script manually helped me to see where the problems occurred and fix them. I didn't notice any impact based on whethermy user ID had local admin rights, nor did the EnableLinkedConnections registry patch have any effect. /kenw

Hey all, I am working with Vista on a SBS2003 domain for quit some time now with no problems. The UACerrors are getting is the application and setup file from the SBS server. This file runs as soon as you join the domain, or if you change anything likeinstalled application(virus scanner maybe?). It's just a warning from Vista telling you SBS wants to install or changesomething on the client. As soon as the setup file is finished it changes a flag and will not appear again until you change anything. Second I also use a logon script for the drive mappings. One thing to make sure is that you first disconnect all the drive mapping. If you leave the drives connected (as due to the first logon) it will trow an error. Second I run both the logon scipt and the setup.exe from one batch like this: SBS_Logon_Script.bat : Code Snippet \\[servername]\Clients\Setup\setup.exe /s [servername]'(this is the setup file from sbs) \\[servername]\netlogon\logon.vbs'(this is the logon script) The logon script starts like this: Code Snippet Dim WSHNetwork Set WSHNetwork = CreateObject("WScript.Network") 'Grab the user name UserString = WSHNetwork.UserName 'Disconnect ALL mapped drives Set clDrives = WshNetwork.EnumNetworkDrives For i = 0 to clDrives.Count -1 Step 2 WSHNetwork.RemoveNetworkDrive clDrives.Item(i), True, TrueNext 'Give the PC time to do the disconnect, wait 300 millisecondswscript.sleep 300 Then do your drive mappings Be sure to add an extra delay at the end of the script to give some time to make the mapping, wscript.sleep 500 wscript.quit I hope this helps. Greets Arno

Thanks for the solution... I was able to get mymapped drives to displayafter I implemented your solution in the group policy andreset the "User Account Control: Run all administrators in Admin Approval Mode" option in the Local Security Policy back to the default value "Enabled"...

Thank you, barnesk. This post resolved my issue. Darryl

Hi, Try using script with "RemoveNetworkDrive strDriveLetter" as logoff script hope it helps thks