Simple group policy not applying...

Posted on 2011-10-22
Last Modified: 2012-05-12
Trying to add a group policy on a windows 2008 domain controller (we have mixed 2003 and 2008 domain controllers in the domain).

Simple policy to map a drive... a batch file that contains:
net use z: "\\fileserver2\Data"

Plain and simple.  I put the batch file in the scripts folder in sysvol.  I can double click the script as the user, and the drives are mapped no problem.  Also, I can call the script as part of the user's profile (the 'login script' part in his profile) and everything works well.  BUT when i try to call it with group policy, with the "logon" in windows settings of the group policy, i get nothing.  I know the user has rights to the folder it's in, and can navigate to that folder and run it manually, but group policy isn't running it.

Anyone got any troubleshooting steps I can try?  
Question by:Mystical_Ice
    LVL 11

    Accepted Solution

    Sure, here are the tips:

    1) Check the user is in correct OU.
    2) Check the policy is applied to user side & nothing is disabled.
    3) Check that Authenticated users are in the applied policy & nothing is denied.
    4) Switch off the machined & start again, run gpresult /force, just to be sure.
    4) Switch off the firewall on client machine where user has logged on once & run RSOP from GPMC on the server.
    5) Run gpresult /v on the client & see if the RSOP said that the user is getting policy, it's applied on the machine.

    If you see that RSOP says policy is applied & gpresult doesn't show, then starts troubleshooting.
    Best place, go to Event Viewer & check GroupPolicy Operational logs.

    Let know if you need something more.

    LVL 41

    Expert Comment

    one more simple solution to add file server path in the user profile and map it. It can be done manually or via using admodify tool if you need to do it for bulk user.
    LVL 57

    Expert Comment

    by:Mike Kline
    Have you thought about using group policy preferences to map drives

    Helps reduce login scripts.



    Author Comment

    Amitkul - that's good, but only room for one mapping. Definitely not a fix, more of a band aid. I appreciate the idea though.

    Mkline - that option only applies to vista and 7 clients, not xp, unless you install a hotfix, which adds way more overhead.

    Ackles - what do you mean make sure authenticated users are in the policy?
    LVL 12

    Expert Comment

    by:Vaseem Mohammed
    You are configuring the script on "Computer configuration" or "user configuration".
    if its on computer configuration, it will not work as when the computer restarts, the script is running on behalf of computer account and it will not have rights on the share.

    Author Comment

    It's under the user configuration
    LVL 11

    Expert Comment

    I mean when you configured GPO did you make it for some special group or used the default?
    Did you run RSOP?

    Author Comment

    RSOP figured out the issue
    LVL 11

    Expert Comment

    Glad that helped

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    One of the major disadvantages of still running XP in production is its lack of Internet Explorer Favourites directory redirection. If your users frequently roam between computers, the usual workaround is to enable Roaming Profiles to have the favou…
    My last post dealt with using group policy preferences to set file associations, a very handy usage for a GPP. Today I am going to share another cool GPP trick, this may be a specific scenario but I run into these situations frequently in my activit…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now