My server is Debian-based, running Samba as the Primary Domain Controller. I have verified the permissions on the netlogon share (drwxrwsr-x) and the login.bat (-rwxrwxr-x) file, to allow all users Read and Execute permissions. On some of the systems, the script simply does not run; no drives mapped, no Program Update checks, etc. However, I can manually navigate to \\server\netlogon\login.bat, run the file, and all the drive mappings appear!
I wish I could see a pattern, but it seems to only happen to a few PCs, then it happens to different PCs, and is never constant. All the PCs are Windows 7 Pro, and the users logging in are regular users, no Administrators (other then myself) log in to them for day-to-day use. In the Group Policy Editor, the Computer Configuration\Administrative Templates\System\Logon\Always wait for the network at computer startup and logon parameter is set to Enabled.
I cannot think of any recent changes that may have occurred in the vicinity of these computers, and they always have Internet access, and can manually connect to the server. What else can I look for? Below is the result of testparm -s:
[global]
workgroup = DOMAIN
netbios name = SERVER
server string = server
interfaces = eth1
bind interfaces only = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *new*password* %n\n *new*password* %n\n *updated*
unix password sync = Yes
log level = 1
name resolve order = host wins lmhosts bcast
printcap name = /dev/null
disable spoolss = Yes
logon script = login.bat
logon path = \\server\netlogon
preferred master = yes
logon drive = h:
domain logons = Yes
os level = 255
domain master = Yes
wins support = Yes
path = /var/spool/lpd/samba
admin users = machine
write list = @domainadmins
printing = lprng
print command = lpr -r -P'%p' %s
lpq command = lpq -P'%p'
lprm command = lprm -P'%p' %j
lppause command = lpc hold '%p' %j
lpresume command = lpc release '%p' %j
queuepause command = lpc stop '%p'
queueresume command = lpc start '%p'
[netlogon]
path = /usr/local/share/netlogon
UPDATE - I had to restart the Samba daemon on the server. Some computers that were working fine are now showing issues, and ones that were showing issues seem fine. Is this helpful in narrowing down the issue?
Some thoughts... with this sort of problem, I'd want to gather as much info as possible, including the boot sequence of the PC. I'd first turn on boot logging, and turn off all the "glitz" from the Windows 7 boot process:
(Boot logs get written to %WINDIR%\ntbtlog.txt)
I'd then use Process Monitor to monitor the boot and logon process ("enable boot logging" in the menus). From here, you'll see interaction with your SMB server. Process Monitor generates a lot of data, so clever filtering is key. However, with such a vague problem, you may need to start without any filtering.
Out of interest, are you absolutely sure your logon script isn't running, i.e.: have you tried getting it to echo a date/time to a file somewhere, or something similarly simple? Just a thought.
Also, I appreciate you won't be running Group Policy, as you don't have AD, but there's a registry value somewhere to control whether the logon script runs asynchronously, or synchronously. The former can cause a logon script to fail if the network stack isn't fully up. I've seen this happen when the client has a cached copy of the logon script available...
This is where I'd start, anyway.