Universal Groups - mapping drives

Posted on 2008-10-27
Last Modified: 2008-11-03
I have a Active Directory forest that I am attempting to map a drive for a couple of Universal groups that are nested within a DL Group.

I have 2 universal groups that are nested within a DL group. The DL group is listed in the login script but does not run. (I know becasue I have a Wscript Echo that should appear when the drive is mapped).

If I add the user directly to the DL group, the drive mapping works but if I remove it, nothing. The user is a member of both universal groups.

What am I missing?
Question by:broberc6
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 30

Expert Comment

ID: 22812488
What logic are you using to detect group membership within your login script? Not all memberof tests are able to chase nested group memberships.

See the following code listings for examples of group membership tests in login scripts that will test for nested memberships:

Author Comment

ID: 22812674
Below is the script I using for all other working mappings

if InStr(vUserGroups, Lcase("MapXdrive")) Then
WshNetwork.MapNetworkDrive "X:","\\server1\Data\Executive",False
WScript.Echo("Script Ran! ")
End If
LVL 30

Expert Comment

ID: 22812710
Depends on how you are defining vUserGroups. Chances are good that the logic you are using does not test for nested group memberships. See my previous for examples on how to do that.
How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.


Author Comment

ID: 22813900
This is how it is declared in the login script

Author Comment

ID: 22813902
LVL 30

Accepted Solution

LauraEHunterMVP earned 125 total points
ID: 22813957
Simply searching the contents of the memberOf attribute will not recurse through nested group memberships. Again, see my previous for examples of how to do so.

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question