6 Replies Latest reply on Sep 29, 2009 12:10 PM by SafeBoot

    Random Users Unable to Login to PBA After EEPC Install

      Problem:
      AutoDomain user assignment has become increasingly unreliable. From the beginning, random users have encountered problems with initial pre-boot login. They simply cannot login with their network user ID and password. To date we have a total of 129 machines encrypted; of those, about 8 users have encountered this problem, roughly 6%. Considering we have 4000 laptops to encrypt this would suggest 240 users would encounter this problem.

      Issue:
      What we have found is that one of three things is happening: AutoDomain prompts the user for their password but they are unable to login to pre-boot (Encryption Manager shows the user assigned to the machine); AutoDomain doesn't prompt the user for their password (Encryption Manager doesn't show the user assigned to the machine); AutoDomain doesn't run at all, evident in the fact no output log is generated and user cannot be added by logging into Windows.

      Status:
      We're currently implementing the recommendations in the Best Practices guide thinking that maybe this has something to do with synchronization performance. To date the following performance changes have been made: TCP/IP KeepAlive Time Reduction=300000; Last Access Time Stamp (NtfsDisableLastAccessUpdate)=1; Tune Microsoft Windows 2003 server to be a file server, NtfsMftZoneReservation=4; client sync set to 180 minutes; Initial sync = 30 w/ 30 minutes randomization; Autod initial sync = 30 w/ 30 minutes randomization. Will be implementing DBCFG.ini this week with the following settings:

      DBCFG.ini
      [NameIndex]
      Enabled=Yes
      LockTimeout=3000
      LockSleep=10
      HashCount=63
      MinEntrySize=16
      LifeTime=86400

      [Attribs]
      SingleFile=No
      AutoConvert=No

      [Tracking]
      ObjectChanges=No

      Currently have a total of 20 Scripter users.

      Autodomain.ini:

      ;For information on these parameters, please view the autodomain script itself.

      [Connection]
      DefaultAdminUser=User5869
      DefaultAdminAuth=985866576509

      NumberOfAdminUsers=20
      ;DefaultAdminDatabase=
      ;UseLastGoodConnection=true
      ;DefaultWaitTime=0
      ;RandomWaitTime=0
      ;WaitForPingServer=20
      ;AlwaysSyncWhenFinished=False

      [Machines]
      ;ClearRestorePoints=False
      CreateMachines=true
      ;DefaultMachineGroupName=
      ;MachineExistsMode=Recycle
      CreateMachinesInOU=true
      TemplateMachineGroup=Default Group
      MoveMachinesToGroup=true
      ;RenameMachinesIfNeeded=true
      OpenFireWallForSafeBoot=true
      ;CreateMachinesInSubsetOfName=0
      ;SetAllDriveEncryption=False

      [Users]
      ProcessUsers=current
      ;SkipUsers= |Administrator|,|LocalService|,|All Users|,|Default User|,|NetworkService|,|Guest|,|systemprofile|,|emanager|,|$autoboot$|,|user1|
      ;defaultgooddomains=
      ;SpecifyAllDomains=false
      ;CheckCurrentUserList=True
      CreateUsers=True
      CreateUsersInOU=True
      ;SetSSOOnCreate=True
      ;DefaultUserGroupName=
      ;DefaultUserPassword=
      ;AskForCurrentUserPassword=True
      ;AlwaysAskForCurrentUserPassword=False
      ;RemoveAutoBoot=True
      TemplateUserGroup=users
      NumberOfQAToAsk=0
      AlwaysAskForQA=False
      ;AddMachineOUUserGroup=
      ;DomainNameIndex=
      ;ConnectorName=""
      ;SecurityGroup=""
      ;NotifySetUsersByEmail=False
      ;UITimeout=300
      ;PermAutoBootMode=false
      ;UseUPNIfPossible=false

      [Debug]
      debuglevel=4
      developermode=False
      ;LogFileName=[scriptpath]\AutoDomainLog.html
      ;LogOnTheGo=true
      ;HTMLOutput=true
      ;wScriptOutput=False

      [Rerun]
      ;TestForStickAround=true
      ;TestForBlockFile=false
      ;OnlyRunOnce=true
      RunOnceOnLogon=true

      [Behaviour]
      CancelIfServer=true
      ;CancelIfNotLaptop=false


      Autodomain.log.html included in next post
        • 1. RE: Random Users Unable to Login to PBA After EEPC Install
          User's Autodomain.log.html (no Autod password prompt presented for currently logged-in user Userx):
          9/2/2009 13:44:21.13 PM: Running TestSafeBootAPI...
          9/2/2009 13:44:21.20 PM: I tested the Endpoint Encryption API, it's working and the version is good (5.1.7.0)
          9/2/2009 13:44:21.20 PM: Found -install tag on the command line
          9/2/2009 13:44:21.20 PM: Script Name is: C:\Temp\15F084.vbs
          9/2/2009 13:44:21.20 PM: Using rerun entry: "C:\PROGRA~1\McAfee\ENDPOI~1\AutoDomain.exe"
          9/2/2009 13:44:21.33 PM: Deleting Block File
          9/2/2009 13:44:21.33 PM: START! Version 5.16
          9/2/2009 13:44:21.55 PM: Running Under Microsoft Windows XP Professional 5.1.2600 : 32Bit : 1 processors
          9/2/2009 13:44:21.58 PM: Got Current user name "userx" from domain "mydomain"
          9/2/2009 13:44:21.58 PM: Added current users domain "mydomain" to the defaultgooddomains list. The list is now ",mydomain"
          9/2/2009 13:44:21.58 PM: Compression check on systemdrive (C:) - Not Compressed
          9/2/2009 13:44:21.58 PM: Skipping clearing restore points
          9/2/2009 13:44:21.59 PM: Free Space Check on Boot Drive - 36096MB Free
          9/2/2009 13:44:21.59 PM: Running IsBootCodeActive...
          9/2/2009 13:44:21.69 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:21.69 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
          9/2/2009 13:44:21.69 PM: ....Captured Command Result Code: 0xe0020018
          9/2/2009 13:44:21.69 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
          9/2/2009 13:44:21.69 PM: 0xe0020018 | Endpoint Encryption disk driver not present
          9/2/2009 13:44:21.75 PM: Running IsBootCodeActive...
          9/2/2009 13:44:21.78 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:21.78 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
          9/2/2009 13:44:21.78 PM: ....Captured Command Result Code: 0xe0020018
          9/2/2009 13:44:21.78 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
          9/2/2009 13:44:21.78 PM: 0xe0020018 | Endpoint Encryption disk driver not present
          9/2/2009 13:44:21.89 PM: Incompatible Product Check returned no incompatible products found.
          9/2/2009 13:44:21.91 PM: I'm going to use the group "Default Group" if I have to create any machines.
          9/2/2009 13:44:21.91 PM: Found a good connection in the DB list for database "Endpoint Server" in file "C:\PROGRA~1\McAfee\ENDPOI~1\sdmcfg.ini"
          9/2/2009 13:44:21.92 PM: Opening ports in your Windows firewall to allow Endpoint Encryption traffic
          9/2/2009 13:44:21.97 PM: Adding the outgoing port to Standard Profile
          9/2/2009 13:44:21.97 PM: Adding the incoming port to Standard Profile
          9/2/2009 13:44:21.97 PM: Adding the outgoing port to Domain Profile
          9/2/2009 13:44:21.97 PM: Adding the incoming port to Domain Profile
          9/2/2009 13:44:21.97 PM: Running IsBootCodeActive...
          9/2/2009 13:44:22.00 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:22.00 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
          9/2/2009 13:44:22.00 PM: ....Captured Command Result Code: 0xe0020018
          9/2/2009 13:44:22.00 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
          9/2/2009 13:44:22.00 PM: 0xe0020018 | Endpoint Encryption disk driver not present
          9/2/2009 13:44:22.00 PM: Running IsBootCodeActive...
          9/2/2009 13:44:22.02 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:22.02 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
          9/2/2009 13:44:22.02 PM: ....Captured Command Result Code: 0xe0020018
          9/2/2009 13:44:22.02 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
          9/2/2009 13:44:22.02 PM: 0xe0020018 | Endpoint Encryption disk driver not present
          9/2/2009 13:44:22.02 PM: Endpoint Encryption for PC's is not installed
          9/2/2009 13:44:22.05 PM: Running sbadmclIsMachineActive for 1003669...
          9/2/2009 13:44:22.05 PM: New connection
          9/2/2009 13:44:22.34 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:22.34 PM: sbadmclIsMachineActive returned results for 1003669
          9/2/2009 13:44:22.63 PM: Running CreateSBUMachine (1003669/C:OU=Computers,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx)...
          9/2/2009 13:44:22.63 PM: Existing Connection
          9/2/2009 13:44:22.75 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:22.75 PM: ....Captured Command Result Description: The name was not found in the database
          9/2/2009 13:44:22.75 PM: ....Captured Command Result Code: 0xdb000004
          9/2/2009 13:44:22.75 PM: Failed creating machine 1003669 in group C:OU=Computers,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx because The name was not found in the database
          9/2/2009 13:44:22.75 PM: 0xdb000004 | The name was not found in the database
          9/2/2009 13:44:22.75 PM: Running sbadmclCopyGroup (C:OU=Computers,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx/Default Group)...
          9/2/2009 13:44:22.75 PM: Existing Connection
          9/2/2009 13:44:22.95 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:22.95 PM: Created new group C:OU=Computers,xxx,OU=xx,OU=CIS Managed,DC=xxx,DC=xxx
          9/2/2009 13:44:22.95 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:22.95 PM: Created a new Machine group called "C:OU=Computers,xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx"
          9/2/2009 13:44:22.95 PM: Running CreateSBUMachine (x003669/C:OU=Computers,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx)...
          9/2/2009 13:44:22.95 PM: Existing Connection
          9/2/2009 13:44:23.84 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:23.84 PM: Created new machine 1003669 in group C:OU=Computers,OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx
          9/2/2009 13:44:23.84 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:23.84 PM: Created a new machine entry in the database for "1003669" in group "Default Group"
          9/2/2009 13:44:23.86 PM: Running sbadmclSetMachineDescription (1003669/This machine created by AutoDomain script because a new machine was trying to use its name. This happened on 9/2/2009 at 1:44:23 PM)...
          9/2/2009 13:44:23.86 PM: Existing Connection
          9/2/2009 13:44:24.00 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:24.00 PM: sbadmclSetMachineDescription passed for machine 1003669
          9/2/2009 13:44:24.00 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:24.00 PM: Using Machine Name:"1003669" for future activity.
          9/2/2009 13:44:24.00 PM: Running sbadmclIsMachineActive for 1003669...
          9/2/2009 13:44:24.00 PM: Existing Connection
          9/2/2009 13:44:24.17 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:24.17 PM: sbadmclIsMachineActive returned results for 1003669
          9/2/2009 13:44:24.17 PM: Getting the current list of users for machine "1003669"
          9/2/2009 13:44:24.17 PM: Running sbadmclDumpMachineUsers (1003669)...
          9/2/2009 13:44:24.20 PM: Existing Connection
          9/2/2009 13:44:27.59 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:27.59 PM: 0x00000000 | The operation completed successfully.
          9/2/2009 13:44:27.59 PM: Found User:xxx1
          9/2/2009 13:44:27.59 PM: Found User:xxx2
          9/2/2009 13:44:27.59 PM: Found User:xxx3
          9/2/2009 13:44:27.59 PM: Skipping adding the following users for you because they are either already allocated, or on a blacklist your administrator has set:|Administrator|,|LocalService|,|All Users|,|Default User|,|NetworkService|,|Guest|,|systemprofile|,|xxx1|,|xxx2|,|xxx3|
          • 2. RE: Random Users Unable to Login to PBA After EEPC Install
            9/2/2009 13:44:27.59 PM: Processing Current User "userx" from the "mydomain" Domain
            9/2/2009 13:44:27.59 PM: Running sbadmclSetUser... userx//1003669/False)...
            9/2/2009 13:44:27.59 PM: Existing Connection
            9/2/2009 13:44:27.84 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:27.84 PM: ....Captured Command Result Code: 0x00000000
            9/2/2009 13:44:27.84 PM: Set user called "userx" (or group "") as a valid user of machine "1003669".
            9/2/2009 13:44:27.84 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:27.84 PM: Set user "userx" to the machine.
            9/2/2009 13:44:27.84 PM: Skipping adding user to securty group becasue that option is not set.
            9/2/2009 13:44:27.86 PM: C:\WINDOWS\system32\config\systemprofile
            9/2/2009 13:44:28.11 PM: User SID: S-1-5-18
            9/2/2009 13:44:28.11 PM: Machine SID: S-1-5-21-35293634981-3615762775-2885428501
            9/2/2009 13:44:28.11 PM: C:\Documents and Settings\LocalService
            9/2/2009 13:44:28.25 PM: User SID: S-1-5-19
            9/2/2009 13:44:28.25 PM: Machine SID: S-1-5-21-35293634981-3615762775-2885428501
            9/2/2009 13:44:28.38 PM: C:\Documents and Settings\userx
            9/2/2009 13:44:28.50 PM: User SID: S-1-5-21-18442376151-1957994488-76424323-8234
            9/2/2009 13:44:28.50 PM: Machine SID: S-1-5-21-35293634981-3615762775-2885428501
            9/2/2009 13:44:28.50 PM: Could not determine user domain so setting it to "mydomain"
            9/2/2009 13:44:28.50 PM: Skipped User (Because on Skip List): "userx" from the "mydomain" Domain
            9/2/2009 13:44:28.50 PM: C:\Documents and Settings\user123
            9/2/2009 13:44:28.63 PM: User SID: S-1-5-21-18442376151-1957994488-76424323-87100
            9/2/2009 13:44:28.63 PM: Machine SID: S-1-5-21-3529363498-3615762775-2885428501
            9/2/2009 13:44:28.63 PM: Could not determine user domain so setting it to "mydomain"
            9/2/2009 13:44:28.63 PM: Processing Domain User: user123 from the 'mydomain' Domain
            9/2/2009 13:44:28.63 PM: Running sbadmclSetUser... user123//1003669/True)...
            9/2/2009 13:44:28.63 PM: Existing Connection
            9/2/2009 13:44:28.77 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:28.77 PM: ....Captured Command Result Code: 0xdb000004
            9/2/2009 13:44:28.78 PM: Running sbadmclCreateUser (user123/OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx) Password Length: 5
            9/2/2009 13:44:28.78 PM: Existing Connection
            9/2/2009 13:44:29.23 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:29.23 PM: ....Captured Command Result Description: The password is too small
            9/2/2009 13:44:29.23 PM: ....Captured Command Result Code: 0xe0010010
            9/2/2009 13:44:29.23 PM: Failed creating user user123 because The password is too small
            9/2/2009 13:44:29.23 PM: 0xe0010010 | The password is too small
            9/2/2009 13:44:29.23 PM: Created user "user123" in the group .
            9/2/2009 13:44:29.23 PM: Tried to create user during sbadmclSetUser called "user123" but failed because "The name was not found in the database"
            9/2/2009 13:44:29.25 PM: C:\Documents and Settings\xxx
            9/2/2009 13:44:29.39 PM: User SID: S-1-5-21-35293634981-3615762775-2885428501-1003
            9/2/2009 13:44:29.39 PM: Machine SID: S-1-5-21-35293634981-3615762775-2885428501
            9/2/2009 13:44:29.39 PM: User is from the LOCAL domain.
            9/2/2009 13:44:29.39 PM: Skipped User (Domain not in DefaultGoodDomains list): "mydomain" from the "LOCAL" Domain. Current good domains list is ",mydomain"
            9/2/2009 13:44:29.39 PM: C:\Documents and Settings\Administrator
            9/2/2009 13:44:29.52 PM: User SID: S-1-5-21-35293634981-3615762775-2885428501-500
            9/2/2009 13:44:29.52 PM: Machine SID: S-1-5-21-35293634981-3615762775-2885428501
            9/2/2009 13:44:29.52 PM: User is from the LOCAL domain.
            9/2/2009 13:44:29.52 PM: Skipped User (Domain not in DefaultGoodDomains list): "Administrator" from the "LOCAL" Domain. Current good domains list is ",mydomain"
            9/2/2009 13:44:29.52 PM: Searching for AutoBoot users to remove..
            9/2/2009 13:44:29.52 PM: Running GetMachineName...
            9/2/2009 13:44:29.52 PM: Existing Connection
            9/2/2009 13:44:29.55 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:29.55 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.55 PM: ....Captured Command Result Code: 0xe0020018
            9/2/2009 13:44:29.55 PM: 0xe0020018 | Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.55 PM: Running IsBootCodeActive...
            9/2/2009 13:44:29.56 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:29.56 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.56 PM: ....Captured Command Result Code: 0xe0020018
            9/2/2009 13:44:29.56 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
            9/2/2009 13:44:29.56 PM: 0xe0020018 | Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.58 PM: Running IsBootCodeActive...
            9/2/2009 13:44:29.59 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:29.59 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.59 PM: ....Captured Command Result Code: 0xe0020018
            9/2/2009 13:44:29.59 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
            9/2/2009 13:44:29.59 PM: 0xe0020018 | Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.59 PM: StickAround Test: True - pre-boot is not yet installed.
            9/2/2009 13:44:29.59 PM: Running IsBootCodeActive...
            9/2/2009 13:44:29.63 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:29.63 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.63 PM: ....Captured Command Result Code: 0xe0020018
            9/2/2009 13:44:29.63 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
            9/2/2009 13:44:29.63 PM: 0xe0020018 | Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.63 PM: Running IsBootCodeActive...
            9/2/2009 13:44:29.66 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:29.66 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.66 PM: ....Captured Command Result Code: 0xe0020018
            9/2/2009 13:44:29.66 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
            9/2/2009 13:44:29.66 PM: 0xe0020018 | Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.66 PM: Running IsBootCodeActive...
            9/2/2009 13:44:29.69 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:29.69 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.69 PM: ....Captured Command Result Code: 0xe0020018
            9/2/2009 13:44:29.69 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
            9/2/2009 13:44:29.69 PM: 0xe0020018 | Endpoint Encryption disk driver not present
            9/2/2009 13:44:29.69 PM: As you don't have Endpoint Encryption for PC's Active,I'm not going to bother forcing a sync of your machine.
            9/2/2009 13:44:29.70 PM: Running Cleanup...
            9/2/2009 13:44:29.72 PM: Removing Standard Rerun Registry Keys from HKCU and HKLM
            9/2/2009 13:44:32.00 PM: Running IsBootCodeActive...
            9/2/2009 13:44:32.03 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:32.03 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
            9/2/2009 13:44:32.03 PM: ....Captured Command Result Code: 0xe0020018
            9/2/2009 13:44:32.03 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
            9/2/2009 13:44:32.03 PM: 0xe0020018 | Endpoint Encryption disk driver not present
            9/2/2009 13:44:32.03 PM: StickAround Test: True - pre-boot is not yet installed.
            9/2/2009 13:44:32.03 PM: Running IsBootCodeActive...
            9/2/2009 13:44:32.06 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:32.06 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
            9/2/2009 13:44:32.06 PM: ....Captured Command Result Code: 0xe0020018
            9/2/2009 13:44:32.06 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
            9/2/2009 13:44:32.06 PM: 0xe0020018 | Endpoint Encryption disk driver not present
            9/2/2009 13:44:32.06 PM: Running IsBootCodeActive...
            9/2/2009 13:44:32.09 PM: 0x00000000 | The operation completed successfully.
            9/2/2009 13:44:32.09 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
            9/2/2009 13:44:32.09 PM: ....Captured Command Result Code: 0xe0020018
            9/2/2009 13:44:32.09 PM: Tried to talk to the Boot code but it's not there - Device Encryption is not active.
            9/2/2009 13:44:32.09 PM: 0xe0020018 | Endpoint Encryption disk driver not present
            9/2/2009 13:44:32.09 PM: Script Name is: C:\Temp\15F084.vbs
            9/2/2009 13:44:32.09 PM: Using rerun entry: "C:\PROGRA~1\McAfee\ENDPOI~1\AutoDomain.exe"
            9/2/2009 13:44:32.16 PM: Deleting Block File
            9/2/2009 13:44:32.16 PM: Installing RunOnLogon registry keys as RunOnceOnLogon=true and we are not in /runonlogon mode.
            9/2/2009 13:44:32.16 PM: Script Name is: C:\Temp\15F084.vbs
            9/2/2009 13:44:32.16 PM: Installing Run Once On Logon entry: "C:\PROGRA~1\McAfee\ENDPOI~1\AutoDomain.exe" /RUNONLOGON with version number: 1
            9/2/2009 13:44:32.27 PM: Deleting Block File
            9/2/2009 13:44:32.27 PM: Removing Standard Rerun Registry Keys from HKCU and HKLM
            9/2/2009 13:44:32.39 PM: Log filename is: C:\Temp\AutoDomain.log.html
            9/2/2009 13:44:32.39 PM: DONE!
            • 3. RE: Random Users Unable to Login to PBA After EEPC Install
              I can't help with the not run at all question, but if AutoDomain runs, the log file will give you a pretty detailed explanation of the decisions it took...

              The most common reason that the user does not see the password wizard, is that their account is already assigned to the machine. The wizard only appears if the user needs to be set to the machine, and not even then if the user already exists unless alwaysask.. is on.


              You're using quite an old version of AD though - you might want to consider going at the very least to the latest production version (5.17), or better still the latest test version (5.23).
              • 4. RE: Random Users Unable to Login to PBA After EEPC Install
                yup. Userx already existed in EEM, so there was no reason to ask them for their password (they must have already been asked, otherwise how did they get created?)

                If you want them to get asked whether they already exist or not, then turn alwaysask.. to true. The only time they WON'T get asked then, is if they are already set to the machine.

                ...

                9/2/2009 13:44:27.59 PM: Processing Current User "userx" from the "mydomain" Domain
                9/2/2009 13:44:27.59 PM: Running sbadmclSetUser... userx//1003669/False)...
                9/2/2009 13:44:27.59 PM: Existing Connection
                9/2/2009 13:44:27.84 PM: 0x00000000 | The operation completed successfully.
                9/2/2009 13:44:27.84 PM: ....Captured Command Result Code: 0x00000000
                9/2/2009 13:44:27.84 PM: Set user called "userx" (or group "") as a valid user of machine "1003669".
                • 5. RE: Random Users Unable to Login to PBA After EEPC Install
                  I don't know how the user could have already existed, this was a new install for them and since Autod assigns our users at time of EEPC install there's no way they would have already existed in EEM. Bit of a head scratcher to me.

                  One thing I'm noticing is it appears Autod is running multiple times. What I mean is when I first install EEPC Autod runs, then after the first reboot it runs 2 and 3 more times (without the install tag) and goes through the whole process of opening FW ports, verifying users, verifying machine. Is this normal? Seems like it should run just once unless EEPC is being uninstalled.
                  • 6. RE: Random Users Unable to Login to PBA After EEPC Install
                    Do you have a log of it running more than once? It will tell you why it set itself back to run again. Don't post it here, you can email it to me if you like though.

                    UserX absolutely existed - otherwise the script would have logged creating them.

                    like for example this section where your password template does not accept the default password (you need to fix that).

                    Existing Connection
                    9/2/2009 13:44:28.77 PM: 0x00000000 | The operation completed successfully.
                    9/2/2009 13:44:28.77 PM: ....Captured Command Result Code: 0xdb000004
                    9/2/2009 13:44:28.78 PM: Running sbadmclCreateUser (user123/OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx) Password Length: 5
                    9/2/2009 13:44:28.78 PM: Existing Connection
                    9/2/2009 13:44:29.23 PM: 0x00000000 | The operation completed successfully.
                    9/2/2009 13:44:29.23 PM: ....Captured Command Result Description: The password is too small
                    9/2/2009 13:44:29.23 PM: ....Captured Command Result Code: 0xe0010010
                    9/2/2009 13:44:29.23 PM: Failed creating user user123 because The password is too small
                    9/2/2009 13:44:29.23 PM: 0xe0010010 | The password is too small
                    9/2/2009 13:44:29.23 PM: Created user "user123" in the group .
                    9/2/2009 13:44:29.23 PM: Tried to create user during sbadmclSetUser called "user123" but failed because "The name was not found in the database"
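
Added example (not part of the thread and not McAfee's code): a small Python triage script for the AutoDomain log format posted above. It ties each `Captured Command Result Code` to the preceding `Running <command>` line, because in the posted log the `0x00000000 | The operation completed successfully.` line appears even where the captured code is a failure. The sample lines are excerpted from the log in this thread; the function names and the choice to treat 0xe0020018 as expected before pre-boot is installed are assumptions.

```python
import re

# Excerpt of the log posted in this thread, embedded so the script runs offline.
SAMPLE_LOG = """\
9/2/2009 13:44:27.59 PM: Running sbadmclSetUser... userx//1003669/False)...
9/2/2009 13:44:27.59 PM: Existing Connection
9/2/2009 13:44:27.84 PM: 0x00000000 | The operation completed successfully.
9/2/2009 13:44:27.84 PM: ....Captured Command Result Code: 0x00000000
9/2/2009 13:44:28.63 PM: Running sbadmclSetUser... user123//1003669/True)...
9/2/2009 13:44:28.63 PM: Existing Connection
9/2/2009 13:44:28.77 PM: 0x00000000 | The operation completed successfully.
9/2/2009 13:44:28.77 PM: ....Captured Command Result Code: 0xdb000004
9/2/2009 13:44:28.78 PM: Running sbadmclCreateUser (user123/OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx) Password Length: 5
9/2/2009 13:44:28.78 PM: Existing Connection
9/2/2009 13:44:29.23 PM: 0x00000000 | The operation completed successfully.
9/2/2009 13:44:29.23 PM: ....Captured Command Result Description: The password is too small
9/2/2009 13:44:29.23 PM: ....Captured Command Result Code: 0xe0010010
9/2/2009 13:44:29.55 PM: Running IsBootCodeActive...
9/2/2009 13:44:29.56 PM: 0x00000000 | The operation completed successfully.
9/2/2009 13:44:29.56 PM: ....Captured Command Result Description: Endpoint Encryption disk driver not present
9/2/2009 13:44:29.56 PM: ....Captured Command Result Code: 0xe0020018
"""

LINE = re.compile(r"^\s*(\d+/\d+/\d+ [\d:.]+ [AP]M): (.*)$")
RUNNING = re.compile(r"^Running (?!Under\b)(\w+)(.*)$")  # skip "Running Under <OS>"
CAPTURED = re.compile(r"^\.+Captured Command Result (Code|Description): (.*)$")
USER = re.compile(r"([\w.$-]+)/")  # first "name/" token in the command arguments

# Assumption: this code is expected while pre-boot is not yet installed.
DRIVER_NOT_PRESENT = 0xE0020018


def parse_events(log_text):
    """One dict per captured result code, tied to the latest 'Running' line."""
    events, cmd, args, desc = [], None, "", None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        stamp, msg = m.groups()
        run = RUNNING.match(msg)
        if run:
            cmd, args, desc = run.group(1), run.group(2).strip(), None
            continue
        cap = CAPTURED.match(msg)
        if not cap or cmd is None:
            continue
        if cap.group(1) == "Description":
            desc = cap.group(2).strip()
        else:
            events.append({"time": stamp, "command": cmd, "args": args,
                           "code": int(cap.group(2), 16), "description": desc})
            desc = None
    return events


def failures(events, expected=(DRIVER_NOT_PRESENT,)):
    """Commands whose captured code is non-zero and not in the expected set."""
    return [e for e in events if e["code"] != 0 and e["code"] not in expected]


def user_outcomes(events):
    """Per-user result of SetUser/CreateUser, following the replies' reading:
    SetUser returning 0 means the account already existed, so no prompt."""
    out = {}
    for e in events:
        if e["command"] not in ("sbadmclSetUser", "sbadmclCreateUser"):
            continue
        m = USER.search(e["args"])
        if not m:
            continue
        user, code = m.group(1), e["code"]
        if e["command"] == "sbadmclSetUser":
            out[user] = ("assigned, account already in database" if code == 0
                         else "not in database, creation needed")
        elif code == 0:
            out[user] = "created"
        else:
            out[user] = "create failed: " + (e["description"] or hex(code))
    return out


if __name__ == "__main__":
    evts = parse_events(SAMPLE_LOG)
    for f in failures(evts):
        print(f["time"], f["command"], hex(f["code"]), f["description"])
    for user, outcome in user_outcomes(evts).items():
        print(user, "->", outcome)
```
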