Truncated AD logon banner

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

I am in a mixed Windows Server 2000/2003 Server AD setting. I have the
Comp Config/Win Settings/Security Settings/Local Policies/Security
Options/Interactive Logon/Msg. Title and Msg. Text GPO settings
enabled for a legal disclaimer. The problem that I am running into is
that my message is a grand total of 1,112 characters (with spaces). I
am getting truncated at 511. I was only able to find <a
href="http://groups.google.com/groups?hl=en&lr=&client=firefox-a&threadm=139f01c3730a%2407950620%24a101280a%40phx.gbl&rnum=1&prev=/groups%3Fq%3Dlogon%2Blegal%2Bnotice%2Btruncated%26hl%3Den%26lr%3D%26client%3Dfirefox-a%26selm%3D139f01c3730a%252407950620%2524a101280a%2540phx.gbl%26rnum%3D1">this
post</a> describing out a resolution. Everything else that I was able
to find references WinNT. I tried writing a custom ADM file with both
of the MAXLEN settings in the Login_Policies construct set to 2048 but
began receiving errors from the DC.
Custom.adm error in line 1
Error 51 Unexpected Keyword
Found: #if
Expected: CLASS, CATEGORY, [strings]
File not loaded
I am pursuing <a href="http://support.microsoft.com/?id=842933">this
MS article</a> and <a
href="http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q225087">this
MS article</a>.
For now, I am completely lost. Does anyone know where to go from here?
Thanks in advance.
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

highroller152@hotmail.com (highroller152) wrote in message news:<a23a0dd9.0410131127.63e8e15a@posting.google.com>...
> I am in a mixed Windows Server 2000/2003 Server AD setting. I have the
> Comp Config/Win Settings/Security Settings/Local Policies/Security
> Options/Interactive Logon/Msg. Title and Msg. Text GPO settings
> enabled for a legal disclaimer. The problem that I am running into is
> that my message is a grand total of 1,112 characters (with spaces). I
> am getting truncated at 511. I was only able to find >"http://groups.google.com/groups?hl=en&lr=&client=firefox-a&threadm=139f01c3730a%2407950620%24a101280a%40phx.gbl&rnum=1&prev=/groups%3Fq%3Dlogon%2Blegal%2Bnotice%2Btruncated%26hl%3Den%26lr%3D%26client%3Dfirefox-a%26selm%3D139f01c3730a%252407950620%2524a101280a%2540phx.gbl%26rnum%3D1"
> describing out a resolution. Everything else that I was able
> to find references WinNT. I tried writing a custom ADM file with both
> of the MAXLEN settings in the Login_Policies construct set to 2048 but
> began receiving errors from the DC.
> Custom.adm error in line 1
> Error 51 Unexpected Keyword
> Found: #if
> Expected: CLASS, CATEGORY, [strings]
> File not loaded
> I am pursuing "http://support.microsoft.com/?id=842933" and >"http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q225087"
> For now, I am completely lost. Does anyone know where to go from here?
> Thanks in advance.


Follow-up: Error is fixed with the following adm file content. The
2048 MAXLEN setting did nothing to fix the truncation. Please help:

CLASS MACHINE

CATEGORY !!Login_Policies

POLICY !!LogonBanner

KEYNAME "Software\Microsoft\Windows
NT\CurrentVersion\Winlogon"

PART !!LogonBanner_Caption

EDITTEXT
VALUENAME "LegalNoticeCaption"
MAXLEN 2048
DEFAULT !!LogonBanner_DefCaption
END PART

PART !!LogonBanner_Text

EDITTEXT
VALUENAME "LegalNoticeText"
MAXLEN 2048
DEFAULT !!LogonBanner_DefText
END PART

END POLICY

END CATEGORY

[strings]
Login_Policies="Logon"
LogonBanner="Logon banner"
LogonBanner_Caption="Caption"
LogonBanner_Text="Text"
LogonBanner_DefCaption="Important Notice:"
LogonBanner_DefText="Do not attempt to log on unless you are an
authorized user."
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

highroller152@hotmail.com (highroller152) wrote in message news:<a23a0dd9.0410131127.63e8e15a@posting.google.com>...
> I am in a mixed Windows Server 2000/2003 Server AD setting. I have the
> Comp Config/Win Settings/Security Settings/Local Policies/Security
> Options/Interactive Logon/Msg. Title and Msg. Text GPO settings
> enabled for a legal disclaimer. The problem that I am running into is
> that my message is a grand total of 1,112 characters (with spaces). I
> am getting truncated at 511. I was only able to find
> <a href="http://groups.google.com/groups?hl=en&lr=&client=firefox-a&threadm=139f01c3730a%2407950620%24a101280a%40phx.gbl&rnum=1&prev=/groups%3Fq%3Dlogon%2Blegal%2Bnotice%2Btruncated%26hl%3Den%26lr%3D%26client%3Dfirefox-a%26selm%3D139f01c3730a%252407950620%2524a101280a%2540phx.gbl%26rnum%3D1" /a>
> describing out a resolution. Everything else that I was able
> to find references WinNT. I tried writing a custom ADM file with both
> of the MAXLEN settings in the Login_Policies construct set to 2048 but
> began receiving errors from the DC.
> Custom.adm error in line 1
> Error 51 Unexpected Keyword
> Found: #if
> Expected: CLASS, CATEGORY, [strings]
> File not loaded
> I am pursuing <a href="http://support.microsoft.com/?id=842933" /a> and
> <a href="http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q225087" /a>
> For now, I am completely lost. Does anyone know where to go from here?
> Thanks in advance.


Follow-up: Error is fixed with the following adm file content. The
2048 MAXLEN setting did nothing to fix the truncation. Please help:

CLASS MACHINE

CATEGORY !!Login_Policies

POLICY !!LogonBanner

KEYNAME "Software\Microsoft\Windows
NT\CurrentVersion\Winlogon"

PART !!LogonBanner_Caption

EDITTEXT
VALUENAME "LegalNoticeCaption"
MAXLEN 2048
DEFAULT !!LogonBanner_DefCaption
END PART

PART !!LogonBanner_Text

EDITTEXT
VALUENAME "LegalNoticeText"
MAXLEN 2048
DEFAULT !!LogonBanner_DefText
END PART

END POLICY

END CATEGORY

[strings]
Login_Policies="Logon"
LogonBanner="Logon banner"
LogonBanner_Caption="Caption"
LogonBanner_Text="Text"
LogonBanner_DefCaption="Important Notice:"
LogonBanner_DefText="Do not attempt to log on unless you are an
authorized user."
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

highroller152@hotmail.com (highroller152) wrote in message news:<a23a0dd9.0410140431.169c786e@posting.google.com>...
> highroller152@hotmail.com (highroller152) wrote in message news:<a23a0dd9.0410131127.63e8e15a@posting.google.com>...
> > I am in a mixed Windows Server 2000/2003 Server AD setting. I have the
> > Comp Config/Win Settings/Security Settings/Local Policies/Security
> > Options/Interactive Logon/Msg. Title and Msg. Text GPO settings
> > enabled for a legal disclaimer. The problem that I am running into is
> > that my message is a grand total of 1,112 characters (with spaces). I
> > am getting truncated at 511. I was only able to find
> > <a href="http://groups.google.com/groups?hl=en&lr=&client=firefox-a&threadm=139f01c3730a%2407950620%24a101280a%40phx.gbl&rnum=1&prev=/groups%3Fq%3Dlogon%2Blegal%2Bnotice%2Btruncated%26hl%3Den%26lr%3D%26client%3Dfirefox-a%26selm%3D139f01c3730a%252407950620%2524a101280a%2540phx.gbl%26rnum%3D1" /a>
> > describing out a resolution. Everything else that I was able
> > to find references WinNT. I tried writing a custom ADM file with both
> > of the MAXLEN settings in the Login_Policies construct set to 2048 but
> > began receiving errors from the DC.
> > Custom.adm error in line 1
> > Error 51 Unexpected Keyword
> > Found: #if
> > Expected: CLASS, CATEGORY, [strings]
> > File not loaded
> > I am pursuing <a href="http://support.microsoft.com/?id=842933" /a> and
> > <a href="http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q225087" /a>
> > For now, I am completely lost. Does anyone know where to go from here?
> > Thanks in advance.
>
>
> Follow-up: Error is fixed with the following adm file content. The
> 2048 MAXLEN setting did nothing to fix the truncation. Please help:
>
> CLASS MACHINE
>
> CATEGORY !!Login_Policies
>
> POLICY !!LogonBanner
>
> KEYNAME "Software\Microsoft\Windows
> NT\CurrentVersion\Winlogon"
>
> PART !!LogonBanner_Caption
>
> EDITTEXT
> VALUENAME "LegalNoticeCaption"
> MAXLEN 2048
> DEFAULT !!LogonBanner_DefCaption
> END PART
>
> PART !!LogonBanner_Text
>
> EDITTEXT
> VALUENAME "LegalNoticeText"
> MAXLEN 2048
> DEFAULT !!LogonBanner_DefText
> END PART
>
> END POLICY
>
> END CATEGORY
>
> [strings]
> Login_Policies="Logon"
> LogonBanner="Logon banner"
> LogonBanner_Caption="Caption"
> LogonBanner_Text="Text"
> LogonBanner_DefCaption="Important Notice:"
> LogonBanner_DefText="Do not attempt to log on unless you are an
> authorized user."


Follow up #2: Situation is fixed. Here was the resolution (to try to
help someone else out there):

I was modifying the AD templates on a Win XP SP2 machine with the new
(sp1) group policy manager snapin
(http://www.microsoft.com/windowsserver2003/gpmc/default.mspx). Our
DCs are mixed Win2k and Win2k3. Apparently, when you open the GP
template with the new GPM snap-in that is accessed by a Win2k server,
the template gets updated and the old managers cannot fully read the
new template. There is a hotfix to resolve this:
http://support.microsoft.com/?id=842933
Here is more on upgrading the administrative templates:
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/upgradetemplate.mspx
I then opened the template from the Win2k server DC and edited from
that machine. I followed the suggested format in this post:
http://groups.google.com/groups?hl=en&lr=&client=firefox-a&threadm=139f01c3730a%2407950620%24a101280a%40phx.gbl&rnum=1&prev=/groups%3Fq%3Dlogon%2Blegal%2Bnotice%2Btruncated%26hl%3Den%26lr%3D%26client%3Dfirefox-a%26selm%3D139f01c3730a%252407950620%2524a101280a%2540phx.gbl%26rnum%3D1

After all the searching that I did (thankfully, it was all out there,
I just had to dig) I thought that I would put up a few of the sites
that I found to create a logon banner.
Creating Login Banners from CIAC:
http://www.ciac.org/ciac/bulletins/j-043.shtml
Win2k clients do not display banners created in Win2k3 server
templates: http://support.microsoft.com/?kbid=823146
These links were helpful for reference:
WinITPro Article: http://www.winnetmag.com/WindowsSecurity/Article/ArticleID/23074/23074.html
Creating custom .ADM files:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q225087
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Just adding a few words to help with those searching:
log in log-in log-on legal notice caption splash screen
 
D

Dan

Distinguished
Dec 31, 2007
2,208
0
19,780
Archived from groups: microsoft.public.win2000.group_policy (More info?)

Our W2K3 domain GPO includes legal text and it is suddenly not displaying
correctly. Getting truncated and carriage returns where commas are, etc.
Why does it happen and how is it resolved?


"highroller152" <highroller152@hotmail.com> wrote in message
news:a23a0dd9.0410200653.40c1364d@posting.google.com...
> Just adding a few words to help with those searching:
> log in log-in log-on legal notice caption splash screen
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom