Link to home
Start Free TrialLog in
Avatar of dirkdigs

asked on

drive map gpo gpp not applying correctly.

i have defined a new GPO at the domain level. server 2008

defined in this policy is the new "drives maps" group policy preferences policy (user comfig\preferences\windows settings\drive maps), action used is "replaced"

when the policy does apply it maps everything as designed that is not the issue. the issue is for ex. i have 8 servers. i log on to multiple servers but the new drive mappings aren't taking place unless i manually run "gpupdate /force" on that machine.

i dont know if this will be the same for all the clients, is there anything i can do to ensure the policy applies every time. i dont want evry client to have to run a gpupdate /force command to get the new drive mappings.

Avatar of Dave Stringfellow
Dave Stringfellow
Flag of United Kingdom of Great Britain and Northern Ireland image

Each PC will apply the GPO on reboot (or every 90 mins) so you should be ok.
Did you previously use a script to map the drives? Before moving to a group policy based approach?
You should configure the GPO's to run at logon time. You can find some more information over here:
Sorry wrong link, here is the policy location:
Computer Config/Admin Templates/System/Logon/Always wait for the network at computer startup and logon:Enabled.
One issue which may have been overlooked: If you had previously Mapped the same Drive Letters with a Login Script which Mapped them :persistently then they won't clear until you do it manually or force the GPO Update. I suggest you include a "map x /d" where "x" is the previously mapped drive as part of a logon script for all users. It should only be necessary to leave it in place for a day or 2 until people have logged on and the GPO will take over correctly from there.
Avatar of Er1cL

Avatar of dirkdigs


@naykam: yes

do you mean delete all mapped drives first ?

Did you removed/checked the script? Maybe there is still some lines of code that delete all mappings when logging on? Are there any events regarding the GPO extensions in the eventlog ?

@GaryStevens: should i create a new gpo for this and apply it to the domain level? should i do a computer policy or a user level policy ?
I experienced the same problem.

It took me a while but I found a work around.

If you are trying to use GPO to apply mapped drives, that were previously mapped with a script, you need to remove the reference points that still exist in the registry:

Delete any references in:

Restart your computer.

Maybe write a script to delete theses (after testing) then you should find your group policy will work.
Avatar of Gary Stevens
Gary Stevens
Flag of New Zealand image

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Does a logon script run before the Drive maps GPP ?

I inserted a logon script to delete al lthe mapped drives using NET USE * /DELETE /Y

i run gpupdate /force

when i log back on i have no drives.
Try removing the mount points as mentioned
that has nothign to do with why the gpp is not mapping the drives now ...
try it
As I said, exactly the same problem I was having. Because the mount points still existed group policy would not map the previously scripted drives.
i built this server after removing the vbs script.
if i take out the delate all mapped drives script from my GPO it is fine. if i keep the logon script in place and map the drives using GPP the drives never get mapped.
A couple of further things to consider.
The Logon Script will delete the drives (X: /D) but is often slow to complete the task before the GPO is refreshed.
Traditionally what I do to solve the problem is create a small file with a couple of characters in it. What they are doesn't matter.
Put this file in the \sysvol\folder (Call it MapDel.txt)
in your logon script add the following:

if exist == c:\mapdel.txt then goto DONE
Copy \\servername\sysvol\mapdel.txt c:\
map X: /d
and the other map ..... /d
gpupdate /force
wait /30
essentially what this will do is check for the file on C:\ local. If it exists then it steps over the remaining script.
otherwise it copies the file to C:\ for the next login check.
the wait /30 slows the process down to allow the gpupdate /force to complete
It often a matter of timing. See how you go.
ps: please check the commands and syntax before use.