Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How do I restrict home folders in group policy based on a computer?

Posted on 2010-09-15
7
Medium Priority
?
1,140 Views
Last Modified: 2012-05-10
Basically my problem is,  I am using a couple external harddrives as cheap offsite backup.  And everytime I try to plug in a drive it trys to give it the address of H: which happens to be set as a drive map to the home folder for all users.  I was wondering if there was a way in active directory to not allow mapped drives on a machine, or to disable home folders on a machine.

Thanks,
0
Comment
Question by:omnipotentone
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 33683852
You can do this with a GPO...
Configure the settings in GP User Configuration\Administrative Templates\Windows Components\Windows Explorer. Remove "Map Network Drive" and "Disconnect Network Drive".

This will remove the Map Network Drive and Disconnect Network Drive commands from the toolbar and Tools menus in Explorer and My Network Places and removes these commands from menus that appear when you right-click the Windows Explorer or My Network Places icons

Ref link - http://techrepublic.com.com/5208-6230-0.html;jsessionid=6960E568EB2C6878340A6CDA8B371B39?forumID=101&threadID=218237&messageID=2209916&tag=content;leftCol

hope this helps~!
0
 
LVL 31

Accepted Solution

by:
Justin Owens earned 2000 total points
ID: 33683907
If you are wanting to disable the H mapping on one machine every time you log in, you can set up a logon script which has a "if computername = whatever" type logic and then disconnect the mapped drive.  This is done differently in batch, vbscript, etc, so knowing your logon script language would be needed here.  That is the quick, ugly fix.

You can add that machine to an AD security group and then link a logon script to that group to accomplish the same thing.

What you cannot do is set up a GPO inside AD which tells a computer "drive letter H is unavailable for network mapping but ok for removable media".

Justin
0
 
LVL 2

Author Comment

by:omnipotentone
ID: 33683935
No sorry that doesn't help, the drives are mapped as the user logs in.  Thanks though.
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
LVL 31

Expert Comment

by:Justin Owens
ID: 33683962
That is why I suggested a separate (or appended) logon scrip which will un-map the drive after it is mapped. :)
0
 
LVL 2

Author Comment

by:omnipotentone
ID: 33683978
Justin,
 
That isn't a bad idea.  I know it will work...
 
Anyone else have anything better?  I thought of tweak ui and was going to test that.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34689994
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question