[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2726
  • Last Modified:

How to use WMIC to map a network drive?

Hi Experts,

I would like to use WMIC to change/add some network drive on a remote windows 7/windows XP workstation. Please advise if this is possible?

e.g.
1>add a new network share with drive letter P: connected to \\server-name\share and presistent connection

2>edit existing mapped drive share, same drive letter but change the share UNC path, keep presistent connection

many thanks!
0
nokyplease
Asked:
nokyplease
  • 5
  • 4
  • 2
  • +1
1 Solution
 
grayeCommented:
No, that's not really practical...   The problem is that mapped drive letters are part of the user's profile.  So, you can't really "get to" the user's profile remotely via WMI.

However, you can accomplish what you're after by editing the user's registry hive.   The changes won't happen immediately, but instead would happen the next time they log in.  Is that a viable option for you?
0
 
nokypleaseAuthor Commented:
thanks graye, so there is no way to remotely change a user's mapped drive and take instant effect without user's interaction?

if so, please can you teach me how to accomplish this via editing registry?

0
 
Russell_VenableCommented:
To make a share remotely you can call this.

wmic, and then press ENTER.
Type /node:computer name where computer name is the name of the target computer. If you want to pass administrator credentials, type /user:"domain\username", to receive a prompt for a password.
Type the following line where c:\test is the path to the folder that you want to share:
share call create "", "this is the comments section", "maximum number of connections", "this is the share name", "", "C:\test", 0
Reference:KB295622

Using DISKPART.exe you can assign a new drive letter. Both from GUI or Console. You can use MMC to edit the drive using WMI if its a domain, works the same.

Reference:DISKPART


So having known this you can call WIN32_Process and "Create"\Run a commandline tool to use diskpart to change the drive letter or Create Wrapper for that exe or sending commands to it using SendMessage().

I am not a powershell user, but this should be enough information to get you in the right direction.

Warning:Changing your boot partion drive letter will lock you out!!! be careful.

Even with all of this you would still need to do either 1.) reboot 2.) disconnect & delete + recreate the mapped drive.

Your best bet is to use a batch file on the remote computer and call it with WMI. I really dont think you want to get into any low level programming for this.

Example:
@echo off
net use x: /delete
rem remapping drive
net use w: \\newshare

Open in new window

0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
grayeCommented:
Before we go down that path, let's make sure we aren't missing some obvious alternatives.

Mapping of drive letters is a very common thing that is included in a login script.  Most PCs in an domain environment have many login scripts that run via Window's Group Policy Objects (GPOs).  It would be a trivial task to add a few lines of text to an existing login script (or create a new one) to accomplish this common tasks.

Again, these changes would only take place the next time the person logged onto their computer.  Please let us know if you'd like to explore this option or wish to continue down the path of a separate script/program/utility
0
 
wls3Commented:
Here is more information on the share alias.  As noted above, with WMI the create is possible, but, the modification might be a little more challenging.

PS C:\Users\wsteele> wmic share call /?

Method execution operations.
USAGE:

CALL <method name> [<actual paramlist>]
NOTE: <actual paramlist> ::= <actual param> | <actual param>,  <actual paramlist>

The following alias verb(s)/method(s) are available:

Call                    [ In/Out ]Params&type                   Status
====                    =====================                   ======
Create                  [IN ]Access(OBJECT)                     (null)

                        [IN ]Description(STRING)

                        [IN ]MaximumAllowed(UINT32)

                        [IN ]Name(STRING)

                        [IN ]Password(STRING)

                        [IN ]Path(STRING)

                        [IN ]Type(UINT32)

Delete                                                          (null)


SetShareInfo            [IN ]Access(OBJECT)                     (null)

                        [IN ]Description(STRING)

                        [IN ]MaximumAllowed(UINT32)

Open in new window


These are the limitations of the WMIC share alias.  

As far as modifying a specific registry file for another user, this is a little trickier.  There is way to temporarily load another user's registry file and open it without logging into their account using the reg utility.  This uses the reg.exe utlity to load a user.dat file from a path other than the current user.  NOTE: This assumes you do not have roaming profiles.

reg load hku/temp "\\192.168.0.1\c$\users\someuser\ntuser.dat"

Open in new window


This loads the registry settings for user someuser into a an HKEY_USERS hive called temp.  You could then work against this profile\hive when using Powershell.  After you are done, be sure to run the following command to release the file.

reg unload hku\temp

Open in new window






0
 
nokypleaseAuthor Commented:
That wmic share is for remotely setup a network share but not remotely mapping a drive...

I would like to know if there is any method that can remotely map a network share instead of going to user's PC or ask the user map it manually. I know about login script, but this cannot fullfill my requirement that can be take effect instantly. Also cannot meet the situation when the share is just for one time use....

thanks.
0
 
Russell_VenableCommented:
Your first paragraph is not possible the way shares are designed to work. You MUST map a drive as that I how it is shared. Network share is just another name for drive sharing only difference is the context on how you use it.

Just use wmi in a script like a vbs script and use the namespace Win32_Share and create it from there. All you have to do is one thing on there pc. Enable remote WMI and then add the \\domaim\root\Cimv2:Win32_Share in your management scope, connect to the computer and ["Create"] a share.

Example code from MSDN
Const FILE_SHARE = 0
Const MAXIMUM_CONNECTIONS = 25
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" _
    & strComputer & "\root\cimv2")
Set objNewShare = objWMIService.Get("Win32_Share")
errReturn = objNewShare.Create _
    ("C:\Finance", "FinanceShare", FILE_SHARE, _
        MAXIMUM_CONNECTIONS, "Public share for the Finance group.")

Open in new window


Just save to text file and save ad a .vbs file extension, change strComputet from "." to the remote computer ip/hostname and this script should work remotely. Last call the file by using cscript yourfile.vbs .
0
 
grayeCommented:
Russell_Venable,  No... he wants the "opposite end" of "Share".  Instead of creating a shared network resource on the remote PC, he wants to create a connection (a mapped drive letter) to an existing shared network resource.

There are several ways to accomplish what you want, but none (that I'm aware of) will meet all of your requirements.
0
 
nokypleaseAuthor Commented:
Hi graye, yes you see what I mean, I want to remotely setup a drive letter on a pc that maps a network share on a server....

so there is no way to do so? please advice.

many thanks!
0
 
grayeCommented:
Well, there's no way (that I know of) to meet 100% of your requirements.

Yes, you can remotely add a permanent network connection to each remote user's registry hive.  But this change will not go into effect until the next time the user logs in.

Another similar technique is to add an item to the remote PC's All User's Startup menu.  This new item will be a short batch file that performs the mapping (an example of this is in Russell_Venable's orginal post).  But again, it will not go into effect until the user logs out and logs back in.

The 3rd technique (and the simplest of the all), is to edit (or create) a login batch file using Active Directory's Group Policy Object (GPO).  The contents of this batch file is the same as the example referenced above).  But yet again... it won't happen until next login.
0
 
nokypleaseAuthor Commented:
what if i execute the batch file on the remote pc using wmic or winrs or psexec? will it be mapped with the user or it will mapped to the administrator account which used to execute the command?
0
 
grayeCommented:
You have correctly identified the problem....  most of the remote execution tools do not run under the context of the current user.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 5
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now