MrMay
asked on
still problem with policy and clients
I was hoping someone can help me out
.
I've created a login .bat file to map a new drive to a shared folder (on a 2008 file server). I then added the .bat file to a GPO under the User Configuration logon script.
Most users after a log out/login on their workstations got the map to x drive properly, but some did not. After a numerous login attempts and a reboot it still does not map. I'm assuming its because the workstation is using cached credentials and its not checking the DC for new policies. There is a policy option that forces login-cached credentials to be disabled, and forces an authentication from the workstation every time, but is there a way to force a workstation to check for new policies without turning off cached credentials?
I tried running gpupdate /force on the server but no difference.
.
I've created a login .bat file to map a new drive to a shared folder (on a 2008 file server). I then added the .bat file to a GPO under the User Configuration logon script.
Most users after a log out/login on their workstations got the map to x drive properly, but some did not. After a numerous login attempts and a reboot it still does not map. I'm assuming its because the workstation is using cached credentials and its not checking the DC for new policies. There is a policy option that forces login-cached credentials to be disabled, and forces an authentication from the workstation every time, but is there a way to force a workstation to check for new policies without turning off cached credentials?
I tried running gpupdate /force on the server but no difference.
Perhaps there is something preventing the drive from being mapped. From what I can recall, I think the standard group policy interval is 15 minutes. You would need run the gpupdate /force from the client for it to be effective. To my knowledge the cached credentials should not make a difference. I have had issues in the past trying to GPO .bat files. I find that vbscript works better. If your domain is at the 2008 functional level with Win7 clients, perhaps you could try preferences to map drives?
my advice is to get rid of the .bat file
under you GPO use Group Policy preferences to map the group
if you are running XP then you need this http://www.microsoft.com/download/en/details.aspx?id=3628
this is mapped at log on so it should get away from an credentials and work smoothly
From the workstation use gpresult to see what policy is actually being applied to the workstation.
ASKER
irweazelwallis can u please give more explanation.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As above. We have used this to do drive mapping with item level targeting based on group membership but you can also do it based on other categories. The article linked above gives you a good start.
You can then extend it out to so things like printer mapping.
You can then extend it out to so things like printer mapping.