Solved

Mapping Drives in SBS 2003 based on Group Membership

Posted on 2008-06-18
3
1,875 Views
Last Modified: 2012-06-27
I need to map drives based on AD group membership on an SBS 2003 network.  I've been reading that using GPO is not good for this purpose in SBS becuase it goes againt the native config for SBS.  I just need to be able to do this properly once and for all as the network is growing and constantly mapping drives for new users or current users working on other machines is becoming cumbersome.  Thank you, experts.
0
Comment
Question by:abatemc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 21815854
You can certainly add GPOs to an SBS - I always have done and it is one of the necessary things in order to get your SBS up and running.

The easiest method I would recommend would be to create GPOs in the Group Policy Management Console for each different user group which you want to map the drives for. You add a logon script like the one in the code snippet to the User Configuration, Windows Settings, Scripts (logon/logoff), Logon. You can then configure security filtering as per http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Security-Filtering.html to ensure the policy is only applied to the correct security groups.

Obviously change drive letters and share paths in the code snippet to match the correct setup for the network.

-tigermatt
rem Map network drive(s)
 
net use Z: \\sbsserver\share /PERSISTENT:YES
net use Y: \\sbsserver\share2 /PERSISTENT:YES

Open in new window

0
 
LVL 1

Author Comment

by:abatemc
ID: 21815895
Ok i understand that part, but where am I telling the GPO that for example:

map z:\ to \\server\group1SHARE for only group1 and
map t:\ to \\server\group2SHARE for only group2?

I guess what I'm asking is, where do i setup a GPO for a particular group?
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 125 total points
ID: 21816243
You open the Group Policy Management Console from Administrative Tools. Right-click on your domain in the console tree and press "Create and link a new GPO". Enter a name for the GPO, like "Sales Mapped Drives", then follow the instructions at http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Security-Filtering.html to filter it so only specific groups pick up the GPO.

Then, create and save the BAT file as per my above post for each department. Save it to \\servername\NETLOGON with a .BAT extension. Then, where you created your GPO above, go and right-click on the policy and press Edit. In the Policy Editor, drill down to User Config > Windows Settings > Scripts (Logon/Logoff). Choose the Logon option. Press Add, then find \\servername\NETLOGON\scriptname.bat, select it and press OK twice.

The policy is now configured.

-tigermatt
1

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question