Solved

SBS 2011 Mapped Drives for Different Departments

Posted on 2012-12-26
8
541 Views
Last Modified: 2013-01-03
I've recently setup a server running SBS 2011 for approximately 30 users. I now need to configure some mapped drives for them, however they have a few different departments (accounts, HR, etc) and require access to different mapped drives.

I understand how to do drive mapping using group policy (have done it before in 'single department' situations), but not sure how to split the drive maps between the different departments/groups.

Can anyone help with this?
0
Comment
Question by:dbasplus
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 250 total points
ID: 38722968
0
 
LVL 9

Expert Comment

by:TazDevil1674
ID: 38722986
You should consider Group Policy Preferences which will allow you to map drives depending on Security Group Membership, this is very flexible and great if you have people in multiple Departments.
0
 

Author Comment

by:dbasplus
ID: 38723012
If "Group Policy Preferences" are the 'settings' in Group Policy which allow the mapped drives to be defined, then I've been using those for a while.

From those links above from TG-TIS I think I have to create some Organizational Units (OU's) in the Active Directory Users and Computers. And then create the various mapped drive GPOs and link them to the respective OU. Is that right?

My question then is - how do I put users in the OU groups?
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 9

Accepted Solution

by:
TazDevil1674 earned 250 total points
ID: 38723086
You can either create Security Group and add the relevent users into each Security Group or you can create various OUs in AD Users and Computers and move the users into that sub-OU.

http://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx may be of help...
0
 

Author Comment

by:dbasplus
ID: 38725500
Never come across the Security Group idea for drive maps before but I gave it a go and had mixed results.

All my "public" drive maps (not using the security group option) work fine. But my drive maps targeting a security group are not showing up.

I found this link http://www.gpanswers.com/community/13-group-policy-preferences/2798-user-preferences-drive-maps-mapping-drive-based-security-group-membership.html which suggests to tick the "Run in logged-on user's security context (user policy option)." but I still can't get it to work.

I've double checked that my targeted users are part of the new security group I created, and that it is the same security group I'm targeting with the drive map. Frustrating but I'm convinced it's something simple that's stopping this working.
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 38734483
Have you made any progress?
0
 

Author Comment

by:dbasplus
ID: 38738279
Took a few days off over new year and came back to this with a fresh mind. Found that it really was something simple - the permissions on the server hosting the shares were preventing my targeted users from mapping those particular shares!

I will split the points here as you have both offered fantastic advice which I will definitely use in the future.

In summary I've found that mapping drives via group policy and targeting the mappings to individual security groups is a great way to separate data from different business departments.
0
 
LVL 9

Expert Comment

by:TazDevil1674
ID: 38739402
Your welcome...
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question