Solved

Group Policy nightmare

Posted on 2008-06-25
9
195 Views
Last Modified: 2010-03-17
This is something for everyone to think on because i'm not really sure if there is an answer.  I have one group policy that runs (default domain policy) and i have a batch file that maps all the drives for those in each OU.  For the most part it works great but the problem is with the HOME USER folder.  I have everyone set the same way in active dir users and comps ( \\server\users\login_name ) but randomly i have usrs that are getting mapped to the folder before their home folder  U:=\\server\users.  

If i have them log off and log back in it seems to be fine.  The next day it might be a couple different users.  It appears to happen to  the same person/s more than one time though.  Users are also having hte issue that sometimes their drive mapping aren't complete (some maps are missing).   I've looked at GPRESULT and all lookss good.  Just can't figure out why some are fine and others are not.  If anyone has any ideas i would love to hear them.  Thanks in advance.

Perry
0
Comment
Question by:prutter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 18

Expert Comment

by:sk_raja_raja
ID: 21865845
I would always suggest you not to apply any settings on the Default domain policy. Now create a new policy and define the policy setting to map the drive and link and enforce the policy to the OU...do remember to remove the map drive settings on the default domain policy.....  post the logon script also....

Also make sure that this policy is applied to all "authenticated users"....
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 21867199
Why are you mapping the home drive via a login script?  This is better configured within the user's account properties in AD, most easily visible on the Profile tab in ADUC.
0
 
LVL 5

Expert Comment

by:minvis
ID: 21867851
Use RSOP (MMC -> Resultant set of policy) on the client computer to find out wich settings are applied.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 

Author Comment

by:prutter
ID: 21875920
LauraEHunterMVP,

I understand what you are saying but if i did run the login script would or should there be any issues?  It's been running fine for quite some time until we migrated data to our new Filer.  All rights are correct and everything we looked at seems fine.  I will try to take out the home dir from the login script and see what happens.  
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 21875933
Depends on how you're mapping it in the script.  'net use' is such an old command by now that it can act quirky on new client OS's, for example.
0
 

Author Comment

by:prutter
ID: 21876323
Is there a better command to use than net use?  i'm not a script writer that's why i keep it simple.
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 21876454
VBScript has the MapNetworkDrive method, but the fact remains that to avoid unpredictable behavior, home drive mappings should be done via user properties in Active Directory and not via script.
0
 

Author Comment

by:prutter
ID: 21899230
Laura,

Something still isn't quite right.  Now if i let ADUC map the drive it mappes most (not all) to the folder above their username.  Any thouhgts?  Ther eis nothing consistant about this whole issue and that's what makes it so hard for me to troubleshoot.
0
 

Accepted Solution

by:
prutter earned 0 total points
ID: 22028710
I'm still working on this with Microsoft and with the time they spent on this i can say this is a real problem.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question