Hate to be that guy... make my ship go

Very new to UCS - trying to set up a AD Domain in my home LAN to see if it would be possible to use UCS as a drop in replacement for my 2012r2 servers at work. I run a very simple single virtual AD setup. It is for user authentication and running a login script only dont even use print services. I wouldn’t expect to do anything fancy (like join a domain and then promote and move out old the network is pretty small) I find it easier to just make a new domain and move the PC’s to it - so every UCS domain would be a new stand alone AD domain for Win10Pro clients [maybe a few Linux if I find its worth the trouble]. I think I have been able to correctly set up DNS and DHCP as I would want (specificly DHCP range for visiting non-domain users and a few disconcerting PC’s - most of those are being taken over by VLANs for WiFi and visitors, so just a few for adding devices etc…) everything else Static - Printers Desktops etc… (truthfully haven’t completely figured out the desktops, do I add static or let the Domain Join do its thing? Does it add to forward and revers lookups? (expect that would be question #1). I can resolve the static devices I have manually entered, I have joined one Win10pro to the Domain, I can also connect to my AD server daxqhome.intranet and when using Windows File explorer I can visit \\daxqhome.intranet\netlogon and see my login script I created with nano (ms-dos format) login.bat in the folder /var/lib/samba/sysvol/daxqhome.intranet/scripts/login.bat and execute the script without issue. Just cannot figure out how to get that to auto run at logon Question #2. I am sure there will be other questions but those are my two main hurtles right now, aside from that it is working just as expected and seems to be doing it job as a ADDC. I have tried to look for the straight answer, but much information found is old from setting UCS registry value, to somehow creating a policy, in my Windows Setup I have a group policy set to run the run the script at login - I can also add the path for the login script to individual users - either approach should work if its run consistently.

I have been reading the manual, and trying to Google for the answers, but nothing seems to explain it plainly - maybe I am missing something in the Documentation - if so please direct to that as well. Thanks.

So maybe this is some kind of rite of passage - one must pass in order to use the software… humm?

Well low and behold! Thanks to this fella (Grandjean) This worked for me:

  • Put the script in /var/lib/samba/sysvol/daxqhome.intranet/scripts/login.bat
  • Make sure you can access it via Windows File manager \daxqhome.intranet\netlogon
  • Logon to a windows client as Administrator of the Domain and open the login.bat file with notepad
  • Resave it - (Apparently using ms-dos format from nano was not good enough)
  • Logon to Univention web interface, open the user you want to use the script and go to the “Account” tab. There you have a field called “Windows logon script”. Enter the name of your script (login.bat) into this field and save the user.
  • Reboot the desktop (client) and boom it was running my login.bat script.

So far that’s what worked for me.