Map Drive Script in Group Policy not working

I have a 2003 Domain Controller and a 2008 Terminal Server.  I do not have active directory installed on the terminal server.  I am quite new to both group policy and terminal servers, and especially 2008.  I want to lock down the terminal server as much as possible.  I thought I would try out group policy with something easy - mapping drives.  I got it to work once!  Well, maybe twice, once for myself, and once for another user.  I've been fighting this for about a month.  And I figured if this didn't work, nothing else I tried to do would work either.  I have followed the instructions in the book "Windows Server 2008 Terminal Services Resource Kit" to create an OU and link policies to that.  I've tried different scripts, different securities.  Not sure what all I need to list.  I ran a gpresult in the cmd prompt, and I've run the result wizard in the group policy management.  I didn't see any errors (that I know of) from the cmd prompt.  Do I need to add someting to my 2008 server such as lightweight AD or change the schema on the 2003 (it's currently 2000 mixed with no other options)?  What I know about the network is what I've learned since I've been with this company - I'm the Office Manager with IT responsiblities.  So any books, or links on how to do Group Policy would be greatly appreciated.

thanks
Stephanie
StephanieFosterAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Mike KlineConnect With a Mentor Commented:
What sort of scripts are you using?  Are the scripts part of computer configuration or user configuration within the group policy?   If they are user scripts then you will need to use loopback processing if they are linked at the TS server OU.

You won't need ADAM/ADLDS (lightweight AD) or any schema changes.

Sounds like you have a new role as an IT person now so that is always tough.  Books and recommendations for the future for group policy   http://adisfun.blogspot.com/2009/07/group-policy-recomendations.html

Thanks

Mike
0
 
StephanieFosterAuthor Commented:
The script is just a batch file in the User Configuration.  There is nothing in the Computer Configuration, but it is enabled.
@ECHO

NET USE F: \\W2K3-1\quality\QualityBigDrive

I actually have a logoff script as well, but it didn't ever show up in my gpresult.
@ECHO
NET USE F: /DELETE

Loopback sounds familiar but I don't think I applied it to this?  I only have Logon / Logoff Script under User Configuration (Windows Setting) set up.  Do I need to add something else?

Thanks for the link.  
Stephanie
0
 
Mike KlineConnect With a Mentor Commented:
Ok so the script is in the user configuration portion of the GPO but the GPO is linked to the Terminal Server OU where the server is.   So the user settings won't apply (unless you move the user objects to that OU).

This is where loopback can come in hand (especially for TS boxes).  Darren (GP MVP) has a great overview here

http://sdmsoftware.com/blog/2009/01/06/please-explain-loopback-processing/

Thanks

Mike
0
 
StephanieFosterAuthor Commented:
Well, that worked, at least on the couple users I tried it on.  It didn't seem to work on myself, but that's ok as long as it works for everyone else!
0
All Courses

From novice to tech pro — start learning today.