For logon scripts:
The issue you are facing is that Microsoft defaults Windows XP/Vista/7 systems to their “Fast Logon” which logs users in without waiting for the network. Even reverting this feature does not ensure that you system will have the network up and an IP address when the user logs in to their computer. Microsoft has a couple of recommendations for mapped drives other than a login script.
Another issue with login scripts that map drives is that if a user is a local administrator of the system login scripts happen prior to the administrator token stripping in Windows Vista/7. This means that the user does not see and cannot access their mapped drives. Conversely, drives mapped under the stripped token cannot be seen by elevated processes. There is a reg hack to allow drives mapped to be seen elevated and non-elevated.
So to get login scripts to work on systems reliably, there are some things to do.
1. To force the computer to wait for the network use this GPO:
Computer Configuration\Administrative Templates\System\Logon\ Always wait for the network at computer startup and logon
2. Use a local stub login script to start the primary login script. This stub runs and checks that the system can connect to the network share then runs the script from the network share.
Your stub script needs to include a sleep loop to look for connectivity. I use a loop that checks every 10 seconds and wait up to 5 minutes before failing.
3. Now the fun stuff, since Windows Vista / 7 split the administrator token during login if the user is a local administrator and the login script runs before the token split this means a user will not see the mapped drive(s). To fix this you need to add a reg hack to the system.
<pre>REM --- Allow elevated and non-elevated process to see all the drive mappings.
REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLinkedConnections /t REG_DWORD /d 1 /F
You can also set scripts to run synchronously as well but I have not seen any advantages to that setting for this issue.
For logoff scripts:
The scripts must be local to the system and all actions should be local to the system. You can set a copy in the login script to keep the local copy up to date and push logs from the last shutdown to the network..