Group Policy nightmare

Posted on 2008-06-25
Medium Priority
Last Modified: 2010-03-17
This is something for everyone to think on because i'm not really sure if there is an answer.  I have one group policy that runs (default domain policy) and i have a batch file that maps all the drives for those in each OU.  For the most part it works great but the problem is with the HOME USER folder.  I have everyone set the same way in active dir users and comps ( \\server\users\login_name ) but randomly i have usrs that are getting mapped to the folder before their home folder  U:=\\server\users.  

If i have them log off and log back in it seems to be fine.  The next day it might be a couple different users.  It appears to happen to  the same person/s more than one time though.  Users are also having hte issue that sometimes their drive mapping aren't complete (some maps are missing).   I've looked at GPRESULT and all lookss good.  Just can't figure out why some are fine and others are not.  If anyone has any ideas i would love to hear them.  Thanks in advance.

Question by:prutter
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 18

Expert Comment

ID: 21865845
I would always suggest you not to apply any settings on the Default domain policy. Now create a new policy and define the policy setting to map the drive and link and enforce the policy to the OU...do remember to remove the map drive settings on the default domain policy.....  post the logon script also....

Also make sure that this policy is applied to all "authenticated users"....
LVL 30

Expert Comment

ID: 21867199
Why are you mapping the home drive via a login script?  This is better configured within the user's account properties in AD, most easily visible on the Profile tab in ADUC.

Expert Comment

ID: 21867851
Use RSOP (MMC -> Resultant set of policy) on the client computer to find out wich settings are applied.
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.


Author Comment

ID: 21875920

I understand what you are saying but if i did run the login script would or should there be any issues?  It's been running fine for quite some time until we migrated data to our new Filer.  All rights are correct and everything we looked at seems fine.  I will try to take out the home dir from the login script and see what happens.  
LVL 30

Expert Comment

ID: 21875933
Depends on how you're mapping it in the script.  'net use' is such an old command by now that it can act quirky on new client OS's, for example.

Author Comment

ID: 21876323
Is there a better command to use than net use?  i'm not a script writer that's why i keep it simple.
LVL 30

Expert Comment

ID: 21876454
VBScript has the MapNetworkDrive method, but the fact remains that to avoid unpredictable behavior, home drive mappings should be done via user properties in Active Directory and not via script.

Author Comment

ID: 21899230

Something still isn't quite right.  Now if i let ADUC map the drive it mappes most (not all) to the folder above their username.  Any thouhgts?  Ther eis nothing consistant about this whole issue and that's what makes it so hard for me to troubleshoot.

Accepted Solution

prutter earned 0 total points
ID: 22028710
I'm still working on this with Microsoft and with the time they spent on this i can say this is a real problem.

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question