Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Applying GPO to OU to map network Drive

Posted on 2006-07-18
10
Medium Priority
?
741 Views
Last Modified: 2009-01-29
I am setting up a terminal server (2003) to give access to an accounting application to a group called TS ACCT. I have created a batch file named mapn.bat which states "net use n: \\server\share\". The policy is not applying. I linked it to the specific OU and it is not blocking inheritance. Security Filtering is to the TS ACCT Group, and they have the delegated rights to read and apply GPO. Any ideas?????
0
Comment
Question by:Trihimbulus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 6

Expert Comment

by:glennbrown2
ID: 17133274
where in GP have you set the batch file to apply...a login script?

what info do you get when running rsop.msc from the start/run box when a user is logged in
0
 
LVL 5

Expert Comment

by:mkdonohue
ID: 17133618
Use a VB Script to map the drive, not a bat file.

Something like this:

Dim net
set net = Wscript.CreateObject("Wscript.Network")
net.MapNetworkDrive "N:", "\\server\share",T


Save that to a file called mapndrive.vbs in your netlogon share. Map your GPO's login script to that VBS.

This sets a "non persistent" share - meaning it runs each time they login, if they are off the network, the mapping won't appear.
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 2000 total points
ID: 17134232
Firstly, this isn't correct:  net use n: \\server\share\

It should be:  net use n: \\server\share

Next, make sure it's set user User Configuration and is a Logon Script.

Finally, all User Accounts must be in the OU or sub-OU where the GPO is linked.

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Expert Comment

by:mkdonohue
ID: 17134255
One thing I forgot about the .vbs

Add the following line to the beginning:

On Error Resume Next

That will make errors invisible to your clients, for example if they already have manually mapped that drive letter to something else.

I like .vbs because you have more control than the batch files.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17134280
I debate that, but it's personal preference I guess!

There isn't much I can't accomplish in a batch file that can be done with VBS - and I've used both.

I find vbs files way longer to write for simple operations.

0
 

Author Comment

by:Trihimbulus
ID: 17137466
Netman66- I have created a group for the people logging into the Terminal Server and this group is in the Container. Will this work?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17137482
Do you just want this to apply to people logging into the TS? and only when they log into the TS?

If so, the way this is done is to put the TS into it's own OU, create the GPO on this OU and enable Loopback processing.

If your TS is not a Domain Controller or File server and only runs TS then this will work.

But to answer your question, GPOs only apply to User and Computer objects not to Groups.

0
 

Author Comment

by:Trihimbulus
ID: 17139155
"Do you just want this to apply to people logging into the TS? and only when they log into the TS?
If so, the way this is done is to put the TS into it's own OU, create the GPO on this OU and enable Loopback processing."

Thanks I did this and everything seems to work. I placed the users in the same Container and seems to work. In terminal services Configuration, I specified to run a certain program at logon. The problem now is that the Program does start (meaning the mapped drive batch file does work) BUT the taskbar never displays. I disabled the program from starting (just to test setup) and the taskbar does show. Any ideas? Maybe I need to specifiy time paramaters somewhere (ie. start in 10 seconds of logon???)

0
 
LVL 51

Expert Comment

by:Netman66
ID: 17139416
You could delay it from starting, yes.  Is the taskbar simply hidden under the window?

0
 

Author Comment

by:Trihimbulus
ID: 17146389
Actually I need to start a new question Thanks for answering my original!
0

Featured Post

What’s Wrong with Your Cloud Strategy ?

Even as many CIOs are embracing a cloud-first strategy, the reality is that moving to the cloud is a lengthy process and the end-state is likely to be a blend of multiple clouds—public and private. Learn why multicloud solutions matter in this webinar by Nimble Storage.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question