Universal Groups - mapping drives

Posted on 2008-10-27
Last Modified: 2008-11-03
I have a Active Directory forest that I am attempting to map a drive for a couple of Universal groups that are nested within a DL Group.

I have 2 universal groups that are nested within a DL group. The DL group is listed in the login script but does not run. (I know becasue I have a Wscript Echo that should appear when the drive is mapped).

If I add the user directly to the DL group, the drive mapping works but if I remove it, nothing. The user is a member of both universal groups.

What am I missing?
Question by:broberc6
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 30

Expert Comment

ID: 22812488
What logic are you using to detect group membership within your login script? Not all memberof tests are able to chase nested group memberships.

See the following code listings for examples of group membership tests in login scripts that will test for nested memberships:

Author Comment

ID: 22812674
Below is the script I using for all other working mappings

if InStr(vUserGroups, Lcase("MapXdrive")) Then
WshNetwork.MapNetworkDrive "X:","\\server1\Data\Executive",False
WScript.Echo("Script Ran! ")
End If
LVL 30

Expert Comment

ID: 22812710
Depends on how you are defining vUserGroups. Chances are good that the logic you are using does not test for nested group memberships. See my previous for examples on how to do that.
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now


Author Comment

ID: 22813900
This is how it is declared in the login script

Author Comment

ID: 22813902
LVL 30

Accepted Solution

LauraEHunterMVP earned 125 total points
ID: 22813957
Simply searching the contents of the memberOf attribute will not recurse through nested group memberships. Again, see my previous for examples of how to do so.

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question