• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 313
  • Last Modified:

Server 2003 Group Policy, Not functioning correctly.

I have a single Server 2003 R2 SP2 that is acting as a DC.

Two weird things are occurring that I'm not familiar with:

MORE IMPORTANT ISSUE:
1) I have a GPO that maps a few drives. I edited the mapdrive.bat that this points to to remap the F: drive to another shared location. We manually went to each workstation and changed the F: drive to the new shared location. Upon restarting or logging off and logging back on any of the computers they somehow remapped the F: drive to the old location. I double checked the mapdrive.bat that the GPO was pointed to and it did not have the old location in it. Its as if the old mapdrive.bat is somehow stuck in limbo in the GPO or the old F: drive map is stuck in limbo and keeps getting mapped even though its not defined.

I even denied the GPO to one user and when restarting her computer after disconnecting the old share it reconnected itself to the old share under F:!!! running RSOP.msc showed that the mapdrive.bat startup script GPO was not effecting the computer anymore, however, somehow F: was being automatically mapped? I checked for startup and tasks on the user profile and there's nothing defined.

I checked the DC event log and there's no errors or problems. I'm stumped.

LESS IMPORTANT ISSUE:
2) In Group Policy Management, when creating a new Organizational Unit, it is not automatically using senior GPOs linked to senior OUs. For example, I have an "Employees" GPO right under the domain which has the "Default Domain Policy". I edited the default domain policy to enable RDP on all workstations. It wouldn't take effect until I manually linked the "Default Domain Policy" GPO to that OU. That OU only has a "mapdrive" GPO so there's no GPO conflicting with "Default Domain Policy". Its as if inheritance is blocked but its not? I had to manually right click the OU and link the "Default Domain Policy" to it to make the RDP map work. I'm used to it just inheriting the changes.
0
RFVDB
Asked:
RFVDB
  • 2
1 Solution
 
arnoldCommented:
The drive might have been mapped by the user with the option to reconnect at logon. The exstence of a mapped F: drive will error out when a new location tries to be mapped over an existing drive letter.

Does your mapdrive.bat include the net use F: /delete to clear out a mapped drive prior to mapping a new one on the same drive letter?

Usually it is recommended that changes should be added in their own gpos unless settings such as password policy which can only be managed from the default domain GPO on win2k3.

Check the OU definition to make sure you did not exclude the OU from inheriting top level policies.
0
 
Leon FesterSenior Solutions ArchitectCommented:
What arnold says is true, if persistent drives have been mapped with either /persistent:yes option or "Remember connection" then you first need to delete the drive mapping before restarting.

It's safe to do: net use f: /d /y
alternatively you can delete all drive mappings using:
net use * /d /y
0
 
RFVDBAuthor Commented:
Agggh, I found out what the issue was, I was being stupid and had missed it.

Previous IT company was using profile maps instead of GPOs.

Under the user's Active Directory Properties on the Profile Tab each user had a login script configured. I removed these for each user.
0
 
RFVDBAuthor Commented:
After digging in I found the solution myself - it was pretty simple.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now