Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Group Policy Item-Level Targeting

Posted on 2010-11-11
5
Medium Priority
?
743 Views
Last Modified: 2012-05-10
Thanks for your help- I am trying to create group policy autp mapping drives for our sites, dcs, workstations.. the objective is to have workstations recognize authentiation with another dc in another site if local resource dc does go down.. group policy then needs to add the correct drives from the site level in my opinion.. for example
if houston dc site goes down (user has mapped network drives to server)
have them authenticate for a high bandwith different site dc an then have group policy change mapped drives to that new dc mapped dirves instead of the local.

Let  me know if i can help anymore.
0
Comment
Question by:Jmarcomb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 24

Expert Comment

by:Awinish
ID: 34109944
The DC authentication happens to give the access to the resource which occurs through SRV records in dns.

Authentication doesn't work like you are expecting,once user is authenticated user can access resource in the domain & if the only dc in the site is down, it will reestablish the same session, so there will be no way what user was accessing preiously will be lost & new drives or something will be mapped.

Drive mapping GPO can be applied at user, computer,site level or domain level,if there is no dc available user can still work bt they will not be able to access resource or update the changes.

I don't think it is possible to achieve what you are expecting.




0
 

Author Comment

by:Jmarcomb
ID: 34112552
Well. if for example the local dc went down- workstation authenticates with off-site dc controller (like it does) and if manually added the offsite mapped drives it would work. Why then can I not have a group policy or logon script recognize hey I am not connected with houston on xxxxx subnet i am connected with new york on xxxxx subnet - use off-site mapped drives instead of local. I have even considered tricking dns to map a general name like "drives" to the server ip address. for example if i have a dns order 1,2,3.. if local resources went down (1) it would hit first off-site to authenticate (2) and in the group policy programming or script programming it would try to find drives.domain.local- and it would auto map those drives. Let me know what anyone thinks.. i really want this disaster recovery

(All sites have WAFS, WAN replicated data and same folder names. Any changes on one site are replicated to the other in a matter of moments)
0
 
LVL 27

Expert Comment

by:davorin
ID: 34113314
0
 

Author Comment

by:Jmarcomb
ID: 34114541
"DFS provides location transparency and redundancy to improve data availability in the face of failure or heavy load by allowing shares in multiple different locations to be logically grouped under one folder"

IT sounds- in theory what I am looking for.. though I do not need actual file replication- I need more details on this feature. I need the logical file share they are talking about.
0
 
LVL 27

Accepted Solution

by:
davorin earned 2000 total points
ID: 34116712
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question