Solved

Applying GPO to OU to map network Drive

Posted on 2006-07-18
10
739 Views
Last Modified: 2009-01-29
I am setting up a terminal server (2003) to give access to an accounting application to a group called TS ACCT. I have created a batch file named mapn.bat which states "net use n: \\server\share\". The policy is not applying. I linked it to the specific OU and it is not blocking inheritance. Security Filtering is to the TS ACCT Group, and they have the delegated rights to read and apply GPO. Any ideas?????
0
Comment
Question by:Trihimbulus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 6

Expert Comment

by:glennbrown2
ID: 17133274
where in GP have you set the batch file to apply...a login script?

what info do you get when running rsop.msc from the start/run box when a user is logged in
0
 
LVL 5

Expert Comment

by:mkdonohue
ID: 17133618
Use a VB Script to map the drive, not a bat file.

Something like this:

Dim net
set net = Wscript.CreateObject("Wscript.Network")
net.MapNetworkDrive "N:", "\\server\share",T


Save that to a file called mapndrive.vbs in your netlogon share. Map your GPO's login script to that VBS.

This sets a "non persistent" share - meaning it runs each time they login, if they are off the network, the mapping won't appear.
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 17134232
Firstly, this isn't correct:  net use n: \\server\share\

It should be:  net use n: \\server\share

Next, make sure it's set user User Configuration and is a Logon Script.

Finally, all User Accounts must be in the OU or sub-OU where the GPO is linked.

0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 5

Expert Comment

by:mkdonohue
ID: 17134255
One thing I forgot about the .vbs

Add the following line to the beginning:

On Error Resume Next

That will make errors invisible to your clients, for example if they already have manually mapped that drive letter to something else.

I like .vbs because you have more control than the batch files.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17134280
I debate that, but it's personal preference I guess!

There isn't much I can't accomplish in a batch file that can be done with VBS - and I've used both.

I find vbs files way longer to write for simple operations.

0
 

Author Comment

by:Trihimbulus
ID: 17137466
Netman66- I have created a group for the people logging into the Terminal Server and this group is in the Container. Will this work?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17137482
Do you just want this to apply to people logging into the TS? and only when they log into the TS?

If so, the way this is done is to put the TS into it's own OU, create the GPO on this OU and enable Loopback processing.

If your TS is not a Domain Controller or File server and only runs TS then this will work.

But to answer your question, GPOs only apply to User and Computer objects not to Groups.

0
 

Author Comment

by:Trihimbulus
ID: 17139155
"Do you just want this to apply to people logging into the TS? and only when they log into the TS?
If so, the way this is done is to put the TS into it's own OU, create the GPO on this OU and enable Loopback processing."

Thanks I did this and everything seems to work. I placed the users in the same Container and seems to work. In terminal services Configuration, I specified to run a certain program at logon. The problem now is that the Program does start (meaning the mapped drive batch file does work) BUT the taskbar never displays. I disabled the program from starting (just to test setup) and the taskbar does show. Any ideas? Maybe I need to specifiy time paramaters somewhere (ie. start in 10 seconds of logon???)

0
 
LVL 51

Expert Comment

by:Netman66
ID: 17139416
You could delay it from starting, yes.  Is the taskbar simply hidden under the window?

0
 

Author Comment

by:Trihimbulus
ID: 17146389
Actually I need to start a new question Thanks for answering my original!
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question