Solved

Mapping Drives in SBS 2003 based on Group Membership

Posted on 2008-06-18
3
1,824 Views
Last Modified: 2012-06-27
I need to map drives based on AD group membership on an SBS 2003 network.  I've been reading that using GPO is not good for this purpose in SBS becuase it goes againt the native config for SBS.  I just need to be able to do this properly once and for all as the network is growing and constantly mapping drives for new users or current users working on other machines is becoming cumbersome.  Thank you, experts.
0
Comment
Question by:abatemc
  • 2
3 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 21815854
You can certainly add GPOs to an SBS - I always have done and it is one of the necessary things in order to get your SBS up and running.

The easiest method I would recommend would be to create GPOs in the Group Policy Management Console for each different user group which you want to map the drives for. You add a logon script like the one in the code snippet to the User Configuration, Windows Settings, Scripts (logon/logoff), Logon. You can then configure security filtering as per http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Security-Filtering.html to ensure the policy is only applied to the correct security groups.

Obviously change drive letters and share paths in the code snippet to match the correct setup for the network.

-tigermatt
rem Map network drive(s)
 

net use Z: \\sbsserver\share /PERSISTENT:YES

net use Y: \\sbsserver\share2 /PERSISTENT:YES

Open in new window

0
 
LVL 1

Author Comment

by:abatemc
ID: 21815895
Ok i understand that part, but where am I telling the GPO that for example:

map z:\ to \\server\group1SHARE for only group1 and
map t:\ to \\server\group2SHARE for only group2?

I guess what I'm asking is, where do i setup a GPO for a particular group?
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 125 total points
ID: 21816243
You open the Group Policy Management Console from Administrative Tools. Right-click on your domain in the console tree and press "Create and link a new GPO". Enter a name for the GPO, like "Sales Mapped Drives", then follow the instructions at http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Security-Filtering.html to filter it so only specific groups pick up the GPO.

Then, create and save the BAT file as per my above post for each department. Save it to \\servername\NETLOGON with a .BAT extension. Then, where you created your GPO above, go and right-click on the policy and press Edit. In the Policy Editor, drill down to User Config > Windows Settings > Scripts (Logon/Logoff). Choose the Logon option. Press Add, then find \\servername\NETLOGON\scriptname.bat, select it and press OK twice.

The policy is now configured.

-tigermatt
1

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now