[Samba] Using domain logons with 2 controllers and wireless LAN

Kit kit at gerritsaa.nl
Thu May 27 12:49:15 GMT 2004


Laptops are a pain, because they can catch a virus when outside the network
and broadcast it on the inside. If you don't run a decent virus-scanner on
all fronts and use a firewall, a copy of blaster from home might play havoc
_inside_ the network.

But, about your questions:

1) The way I solved it is by having the laptop detect what network it is
logged into (by subnet mask) and mount shares automatically using:

net use [drive]: \\[servername]\[sharename] /user:[username] [password]

THIS WILL NOT LOG YOU ONTO THE DOMAIN ITSELF, but it will allow you to use
shares and printers. Any Logon scripts will have to be called from this
script.
This will automatically authenticate you on the server, but it will show the
user's password in the file, necessitating specific permissions on the
boot-script.
As an added bonus, it will allow you to log onto each server as a different
user.
You might need to enable the run-as service in your respective Windows
version.

For extra security, you can leave out the password and [net] will ask for it
when it connects.

Instead of auto-detecting, you could also use separate scripts for each
location and have the user log on. (home.bat, office.bat)

It is usually OK to simply close all programs and pull the plug, but it is
not recommended, as some programs keep running in the background.
If you specifically want the user to be able to log off, you could use the
command:

Net use * /d

This will disconnect the user from any servers.

2) see 1

3) I'm not too sure about XP, but 2K usually requires special apps to log
you onto the domain, which will only run after logging on.
I have raised this issue with 3Com  (guilty), but they refuse to comment.
The trick is, to locate your Wireless settings in the registry and make sure
those settings are loaded upon booting Windows.

Seeing as the settings of my card are over 200 lines, I will not paste them
here.
They can be found by going to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\

And browse through the keys (the card name is listed among the settings)

4) If both ends have permanent IP's you could consider a low-cost VPN
solution like Linksys' BEFVP41 (VPN Router) or ZyXEL's Prestige 650H series
(DSL modem AND Router).
Keep in mind, that VPN Routers and Firewalls don't mix well: you need to
either use the VPN router AS firewall or consult with your network
administrator.
(there are also a few slow-link policies in Windows you could tinker with,
but I can't recommend it).

Well, sorry to go on like this, I hope this was of any use to you (or other
people).

Cheers,

Kit

-- a copy-paste from the auto-detect script, totaling 5 different locations
--

-= section cut =-

:test4
echo HvA fail
echo .
ipconfig -all |find "10.1.1" >NUL
if errorlevel 1 goto test5
if errorlevel 0 goto otter

-= section cut =-

:otter
echo location Otter found!
echo .
echo merging registry...
regedit /s otter.reg
goto end

-= section cut =-

-- end of the copy-paste from the auto-detect script--
A full copy of the script was posted a few days ago and is available upon
request.

--Original Message --

-= section cut =-

  1) What do I need to do in order to logon to my company network when I am
at work, and logon to my home network when I am at home? They have different
domain names. Do I need to join/leave the domains every time before I can use
the network shares? Or did I design the network wrongly?

  2) If it is not possible to join both domains in the same machine, what
changes could I make to the network(s)? I am asking this question because I
saw a pull down combo box in the Windows logon screen.

  3) Can I logon using wireless LAN? 'coz someone told me that wireless LAN
drivers have to be loaded and activated after logged on to the machine.. If
this is possible, what nic and access points are needed? Or Perhaps could
this be a limitation in Windows so that these wlan nic must be started after
user logon? Could anyone having experience on this matter share with me? I
would like to hear from both success and failed ones.

  4) Is it possible to logon to my company network over Internet or whatever
mechanism from remote places? so that I can gain access to those file shares
when I am at home.


Sorry to ask so many questions. I am a newbie to windows networking..and I
hope these are not off-list questions.
Thanks..

Cheers!
mc.

 -- Original Message --
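
Added example, not part of the original post or the poster's script: a location check combined with the password-less form of net use described in the reply above, so that no credential is kept in the batch file. The share name, drive letter and the 10.1.1.x office range are constructed placeholders, and English ipconfig output is assumed.

```bat
@echo off
setlocal
rem Added example: every name below is a constructed placeholder, edit per site.
rem Assumes English ipconfig output ("IP Address" / "IPv4 Address" lines).
set "OFFICE_RE=IP.*: 10\.1\.1\.[0-9]"
set "SHARE=\\fileserver\projects"
set "DRIVE=P:"

rem Test only the address line and anchor the prefix after ": ", so that
rem 210.1.1.x or 10.1.10.x are not mistaken for the office network.
ipconfig | findstr /r /c:"%OFFICE_RE%" >nul
if errorlevel 1 (
    echo Not on the office network, no shares mapped.
    exit /b 1
)

set /p "NETUSER=User name for %SHARE%: "
if not defined NETUSER exit /b 1

rem "*" in the password position makes net use prompt for the password
rem without echoing it, so nothing secret is stored in this file.
rem /persistent:no keeps the mapping from being restored at the next logon.
net use %DRIVE% "%SHARE%" * /user:"%NETUSER%" /persistent:no
if errorlevel 1 (
    echo Mapping %DRIVE% failed.
    exit /b 1
)
echo %DRIVE% mapped to %SHARE%.
rem Before leaving the network: net use %DRIVE% /delete
exit /b 0
```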


