Need Suggestion : When Users Login, A Menu Displays Mapping Choises

Where I work, I have many users that "float" between locations.  We do use logon scripts in our domain, but quite frequently one or two mappings can be wrong for whatever reason and then they pull their profile or even applications over the WAN instead of the LAN causing LOTS of delay.  Before, I've made a simple ANSI menu that asks what location they are at and maps them manually in case they have trouble.  I've found a greart program called Mobile Net Switch, but it's way too detailed and costly for what I'm looking for.  We have 6 locations with servers local at each.  

Any Suggestions?

Thanks!
BzowKAsked:
Who is Participating?
 
bluntTonyConnect With a Mentor Commented:
You can can create the various login scripts, and apply them to the computers using loopback processing in the group policy. That way the login script will run for any user that log on to that machine only - nowhere else.
That way you can apply the correct mappings for all users that log in to the required machines. So, for one GPO which will apply to a number of computers (linked to the OU holding the machines in question):
1. In the user configuration section of the GPO, apply the login script mapping the drives suitable for the machines' location.
2. In the computer configuration section, enable the policy:
Computer COnfiguration | Administrative Templates | System | Group Policy | User Group Policy loopback processing mode
Set this to 'merge' mode. That means that the login script in this GPO will apply to all users who log in to it, along with any other user settings that the user receives from othe GPOS.
Loopback processing allows you configure a specific user environment for specific machines. That way you can negate having to ask the users what drives they want, as the correct drives will be mapped automaticlally.
Let me know if you need more explaination.
0
 
kollenhCommented:
What language are you login scripts?  I've written scripts that do different things based on the IP subnet.  Downside is someone has to maintain the information.  Upside is that it can be built to be a little more infallible than a user clicking the right location.
0
 
kollenhCommented:
I think bluntTony's suggestion is a good one but I believe it's applicable to an environment where the computers are in fixed locations.  If your "floaters" are mobile and take their systems with them, that is not the way you'd want to set them up.
You can, however, assign different login scripts to each AD site.  I think.  I haven't assigned GPs to sites before so have no experience to draw on there.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
bluntTonyCommented:
Maybe BenKellerman can clarify - I understood the question to be that the users are moving from location to location, i.e. sitting at machines fixed in each location.
However I think that linking the GPO to the site should work also. If a user is moving their own laptop around, when it logs in to another physical site, then the appropriate GPO would be applied. I can't see why you couldn't employ loopback processing to a GPO linked to a site. The only thing to be aware of would be that it's at the bottom of the order of precendence, after local settings.
So in effect you would be running a script depending on the IP subnet the machine logs in to.
0
 
Ron MalmsteadInformation Services ManagerCommented:
I think a better option would be to setup the sites and services for both subnets, and use a WMI filter on the GPO.

Example...
Namespace: root\cimv2
Query: SELECT * FROM Win32_NTDomain WHERE ClientSiteName = 'Your-Site-Name'

The above should only apply a Group policy object if the user is logged on within the specified site subnet.

Another option would be to set a machine variable... using setx.exe.... to set the networkd ID, which can be used within the script to allow or exclude execution of specific lines in the script.
One of my previous answers...
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_22746765.html
0
 
bluntTonyCommented:
I don't think running a WMI query is necessary - linking a GPO to a site as mentioned earlier does exactly the same - it will apply only to machines in that site. Furthermore, if you used WMI queries, you would have to link them all to the same OUs, meaning that the machine/user would have to read all of the GPOs in order to decide which one applies to them, possibly slowing down the process.
Providing that the correct subnet objects are linked to the correct sites (which they already should be), linking the GPOs at the site level will mean the correct script applies without having to read unnecessary GPOs.
I agree that you could create one script to apply to all users, and have the script decide which site it's on and map drives accordingly, but you don't have to use WMI to retrieve the IP address etc.., just use the following VBScript (strCurrentSite will hold the name of the current site which you can then do a simple Select/Case structure)...
 
 

Set oAdInfo = CreateObject("ADSystemInfo")
strCurrentSite = oAdInfo.SiteName

Open in new window

0
 
Ron MalmsteadInformation Services ManagerCommented:
My option is for gpo's that aren't linked to site, but rather an OU.
good point though...... if you link it to the site, then it will already filter.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.