SBS 2011 Mapped Drives for Different Departments

dbasplus used Ask the Experts™
I've recently setup a server running SBS 2011 for approximately 30 users. I now need to configure some mapped drives for them, however they have a few different departments (accounts, HR, etc) and require access to different mapped drives.

I understand how to do drive mapping using group policy (have done it before in 'single department' situations), but not sure how to split the drive maps between the different departments/groups.

Can anyone help with this?
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
You should consider Group Policy Preferences which will allow you to map drives depending on Security Group Membership, this is very flexible and great if you have people in multiple Departments.


If "Group Policy Preferences" are the 'settings' in Group Policy which allow the mapped drives to be defined, then I've been using those for a while.

From those links above from TG-TIS I think I have to create some Organizational Units (OU's) in the Active Directory Users and Computers. And then create the various mapped drive GPOs and link them to the respective OU. Is that right?

My question then is - how do I put users in the OU groups?
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

You can either create Security Group and add the relevent users into each Security Group or you can create various OUs in AD Users and Computers and move the users into that sub-OU. may be of help...


Never come across the Security Group idea for drive maps before but I gave it a go and had mixed results.

All my "public" drive maps (not using the security group option) work fine. But my drive maps targeting a security group are not showing up.

I found this link which suggests to tick the "Run in logged-on user's security context (user policy option)." but I still can't get it to work.

I've double checked that my targeted users are part of the new security group I created, and that it is the same security group I'm targeting with the drive map. Frustrating but I'm convinced it's something simple that's stopping this working.
Have you made any progress?


Took a few days off over new year and came back to this with a fresh mind. Found that it really was something simple - the permissions on the server hosting the shares were preventing my targeted users from mapping those particular shares!

I will split the points here as you have both offered fantastic advice which I will definitely use in the future.

In summary I've found that mapping drives via group policy and targeting the mappings to individual security groups is a great way to separate data from different business departments.
Your welcome...

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial