InTheWayBoy

If everything was working fine before the HD, then the first thing to verify is the new HD. First off, what make and model are your drives? Both original and new. Second, since you know that the original one works fine, disconnect that from the system and try to load windows on the new one. If the new HD is bad, it should display similar errors when opperating on its own. You could also try and run the manufacturers diagnostic tools.

Don't forget you'll run into issues with CDKey's depending on the SP level and 'flavor' of the OS...OEM, Retail, NFR, etc. It's very hard to make a 'universal' unattended install CD...you could use a regular CDKey in the unattended, then run the activation after the load is done. There you will get a chance to change the CDKey...but just like above, that doesn't always work.

%MACHINENAME% is the variable...the question I have is have you entered in the clients GUID when you made the computer account? As far as I know that is the only way to utilize that variable, so make sure you have that field populated.

You may also want to look into implimenting a logoff script. You could configure it with commands to delete the mapped drives. More work, but might be just what you need to ensure those pesky mapped drives don't stick around. If you are using AD, then there is a GPO just for scripts! Gives you four runtime options, one of them being log-off. Good luck!

Awesome, I was kinda looking forward to using R2, even if only for it's improved print management. But looks like I'll have even more to play with! Thanx for all the info, the project is in progress, but on hold at the moment until all the gear arrives. I will update this as I know more.

Have you tried installing XP with just one drive, not in an Array. That should at least help pinpoint if it's a problem with the RAID or something else. And I know they are better as of late, but I don't trust ECS at all...ECS = PCChips = PCSh*ts

What wireless chipset are the laptops using? I have a few Intel wireless laptops in our domain, and I've had mixed results. Some weren't as drastic as you are saying (20 Minutes Logon Off Domain), but similar problems. Eventually I found that by configuring the WLAN to pre-logon (A feature of the Intel software, it's not an XP option) reduced most if not all my headaches. This may not be your problem, but something to look into. Also, have you tried eliminating GPO from the mix? There are several policies that can effect startup and login times if they aren't proper. There is one that says to wait for the network before logging in for instance. I would either triple check your GPO's to make sure you don't have any issues, or disable them all together. Since you say it effects multiple computers in your domains then I would look at something global like this.

I'll put up a vote for Master Windows 2003...Minasi is a good writer, and even if it's not the most perfect information (Not that I have any reason to believe otherwise) it's very easy and entertaining to read. I have that one and another one he colaborated one about Group Policies.

Follow the link provided above...the post talks about pstools, particularly psshutdown. Those are fantastic command line tools that offer a wealth options. Highly recommended. The site is: www.sysinternals.com

This one looks pretty nice too...and it will work on Win32 or *nix: http://unattended.sourceforge.net/

You would want to look into BartPE/WinPE to automate the loading of the OS...WinPE is the official way to do it, but BartPE is better in the long run.

Are you running this on 2003? Could be that annoying IE hardening component getting in the way...to remove it go to Add/Remove, then Windows Components...it's on the first list. I think that only applies to SP1 and above. Some more system info would be nice too...OS, AV, Firewall, etc...

Realtek's are great is you want a $5 NIC for a non-networked machine...say a home user for instance. Otherwise they suck the hair on my b*lls. And Dell's are great machines if you can support them yourselves. I'm with RougeSpear in that I have never had problems with them, and when I do I can figure it out far quicker than Dell can. We even have the Gold service plans on some...just isn't worth the time. Even if it's next-day then that's one day of down-time...not quick enough. Too bad there is no open-source drivers for the Realtek line...I bet that with stronger drivers they wouldn't be half bad.

Well, their documentation isn't that bad...but it is hard to find. Here's some docs that helped me out: http://service1.symantec.com/SUPPORT/ent-s...niver=sav_ce_10 ftp://ftp.symantec.com/public/english_us_...als/savinst.pdf The second is to the install PDF that should be with your install source. If not you can download it there. The section I found most useful was the last, the MSI switch database. The GRC.DAT is an easy way to go, but you also have other options. And RougeSpear, so I'm not the only one who hates the Symantec Firewall...may I ask what you switched to?

We have a new time clock software that I will need to be deploying to all my clients. I'm in process of redesigning the whole thing, so this won't be an issue soon. But for now, I have one remote office that will need to be able to use this software. Sadly, it's not very internet friendly, so the only way they recommend doing this is via VNC or RDP. That's fine, but I don't want to setup a whole new machine just for this one tiny application. So my next thought was to see if there is a way to provide remote access to just a single application. Like a VNC server, but only for the program. I know there is Citrix and Terminal Server, but since this is a temporary issue I can't spend that kinda money for only a month or two. Any ideas? I've tried googling it and found a few things like MetaVNC, but I'm really not sure that's what I need. Ideally I would like the remote office to just have to double-click an icon and have the computer automatically connect to my server and load the application on the remote desktop. Seems simple enough...thanx in advance!

Good call on the title syntax And cluberti, I just might take you up on your PM offer. All the info you provided is very helpful, and definantly helps me with most of my issues. I'm winding down for the holiday, so it wouldn't be till afterwards when all this gets started, but I need to R & D so more. Thanx again! One question on the DFS suggestion. I had another forum member suggest the same thing, and I like the idea. But my only question is how the replication works. Is it configurable to the point that I can set bandwidth and time settings for replicating across the WAN? For instance, if I wasn't too worried about having the data replicated immediately can I configure it to only replicate after office hours?

Okay, so things are starting to get a little bigger than I expected. Here's the skinny: Started with just two buildings, linked via a burried CAT5. The units are only 100FT away, so all is well there. Then, we opened an office in a city far away. And just recently, we purchased another unit in the same complex as the first two. Sadly, doesn't look like I'll be able to physically link the two as the cost of fiber (It's well over the spec for CAT5) is too much at the moment. For Clarity: 1400 - First building 1500 - Second building 2300 - Third building (Newest) Ormond - Remote office So 1400 and 1500 are linked via the CAT5, and have their own DC and are net enabled via a T1. 2300 is the newest building in the complex, and currently it is setup with it's own DC and a DSL connection. And Ormond is currently in a workgroup setup, with a T1 for net access. 1400 and 1500 are in the same domain, in it's own forest. 2300 is the same...it's own DC in it's own forest. I am currently in process of implimenting site-to-site VPN via hardware firewalls, and when it's done I plan on scrapping the whole thing to redesign for just one forest, with all the sites in that forest. I'm thinking I need to make a new forest, then two sites (Jax and Ormond), but only one domain. I'm just a little confused about all the site/forest stuff, as I've never tried to do anything this large before. What would be any suggestions on organizing this. I would like to be able to have any user from any location sign on to any computer and get their desktop. I know that if the files are hosted on a different DC that the WAN link won't be so fast, but that's okay for now. I've never touched sites or forests before as it's always been just one server for me. Thanx in advance!!!

I always enclose the values in " " like this: JoinWorkgroup="PRIVAT" I seem to remember that gave me a problem before, but I can't recall if that was the fix or not. It was definantly due to an error in the winnt.sif. Where is the other "ARBEITSGRUPPE" coming from? Usually the default is just "WORKGROUP", so it sounds like there may be some other setting changing that value.

You don't use RIS to push a Ghost image...I believe that's what GhostCast server is for. RIS is to start a remote install of windows...so it would be exactly like if you would be loading it from a CD, only by network. You can customize the install using any of the unattended methods detailed in the forums, but it's intended for fresh installs each time. You can configure RIS to start WinPE/BartPE, which could in turn start some scripts that would automate the process of pulling a Ghost image over the network. That's not an intended use, but it's definantly viable. A lot of work getting the scripts to work I bet...

Even with all the new toys, I personally still do it all by hand. That way when something goes boom I can retrace my steps. Using other tools like nlite and WUCDMaker are nice, but the troublshooting is a pain when they don't work. I have used WPI before, which is a program that runs after windows is installed...it helps get your applications installed nicely. If you only ever install one set of applications then in my opinion it's overkill...but if you like to change your software installs with each install, then it's a god send! There have also been advances in the drivers arena...most the DriverPacks. Again, I don't use those personally, but I hear a lot of good things. But since I don't use but 10% of the drivers in the packs, then it feels like a waste of time/space. Of course, all the machines I work on now are Dells so I have it easy. In a situation where you work on various hardware configs then I bet the DriverPacks make everything easier... And finally, their have been several custom setup packages made that help silently install applications. This is different than the WPI mentioned above...WPI is an interface. These new setup packages are custom made to get past any issues the normal installers have. The only problem I have with that is they tend to be hard coded to whatever the designer wants, and again it's also very hard to verify the work. That said, some packages (RyanVM's) are outstanding, while others are just a joke. That only covers a small portition the advancements found on MSFN. I would suggest looking through the sub-forums...Application Installs and Device Drivers are a good place to start. Good luck!

Well, I've finally come up with what I think is an answer to my most recent post: http://www.msfn.org/board/index.php?showtopic=62775 Instead of modifying each users PST, I found that I can configure Outlook to use an LDAP server...and apparently AD is LDAP. So, I started to dig it...and I'm almost there, but I have a few questions: 1. Is there a list or a reference to how all this dc=domain, ou=users works? I think I kinda have if figured out, but that's only by just looking at examples. I would feel much better if I had a legend to have around. 2. With LDAP, is there anything extra I should be doing in AD to make sure the info is passed? Meaning, when I create a new user all the necessary info should be avalible via LDAP without any extra steps right? And if not, what are some things to do to make sure of that. 3. When configuring Outlook to use LDAP, the default is one port number, M$ suggests another, and various other whitepapers seem to reference a third port. From what I can tell the last port mentioned is for SSL, but what about the other two? I don't have the port numbers handy, but the default one is XXX and the one M$ suggests is XXXX so it's very different. 4. Are there any programs to 'view' the LDAP info in it's raw form...instead of the ADified info? 5. With Outlook, are there any other pitfalls I should be aware of? Best Practices? Thanx in advance...and I can provide any other info necessary, just wanted to keep it brief.

Don't forget, if a user uses a different browser then all those settings are useless...something like ISA or some robust firewall will do you right. But GP isn't big enough on it's own to help you.

I have to add our company employee roster to each users Outlook Address Book. We do not run Exchange, each user accesses their email via a hosted POP3 server on the outside. The PST files are located on the server so I have access to them to modify. I've done this a few times before, but it was painful. I exported the address from Outlook and then sat down at each machine and imported them into the users profile. This is very cumbersome...I would hope there is a better way to do this. I know Exchange can handle this a lot better, but I'm only just starting to poke around with it. It'll be a while before it goes into effect. All the users are Outlook 2003 SP2, running on WinXP SP2. Thanx in advance!!!

I suggest looking at the Offline Files portion of both the user and computer GPO. There are several settings in there that should be what you need. I don't know exactly which one, but it's probably better you read them all and decide what you want to do. They are located under the Admin Templates...I think under the System folder, or maybe Network. You should dig around there anyways, see what GPO can offer you. Good luck!

Actually I think local policy is more powerful than GP...it's like the closest to the user/machine is the most current. So if you have a GPO at the domain level, and one at the OU level, then the OU will override the domain GPO. I think the same applies with local policy as well. But I could be wrong... What error is RSoP giving you? It should give you a reason as to why things are working. Also, it's not recommended to do to much to the Default Domain Policy for this very reason. You should leave that vanilla, and then add GPO to the OU that tweak what you need.