Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Map Drive not working through Group Policy

Posted on 2013-12-06
19
Medium Priority
?
9,269 Views
Last Modified: 2013-12-09
Tried every possible solution on the internet. I have simple and small setup of Server 2008 R2 as a domain controller for 35 computers. I created a login.bat file to share a common drive between all the users but no matter what it doesn't work at all. If I am running the same login.bat locally on domain computer it works instantly but I need to operate this feature centrally as I have 120 users with no permanent computers to logon.

Domain computer:-
All PCs are Windows 7 64bit

Batch file script :-
@echo off
net use * /delete /yes
net use x: \\server_name\shared_directory_name

Registry trick tried & didn't work :-
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=dword:00000001
0
Comment
Question by:ibrahim52
19 Comments
 
LVL 12

Author Comment

by:ibrahim52
ID: 39700405
I could achieve my requirement through alternate way but I also need to have user based mapped drives.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39700438
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 39700564
I am going to the site Mahesh in sometime. Ill let you know.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 12

Author Comment

by:ibrahim52
ID: 39700600
I had tried it but it didn't work. I don't know it works locally on server 2008 but not on the domain computers. Every other policies works fine except map drive. Is there any way to track through event viewer ?
0
 
LVL 38

Accepted Solution

by:
Mahesh earned 2000 total points
ID: 39700614
have you selected option "run in logged on user's security context" in mapped drive preferences properties "Common" tab

map drive preferences Properties Common tab
Other wise it won't work for users.

Mahesh
0
 
LVL 6

Expert Comment

by:Kyle Davies
ID: 39700870
Hi,

When in GPO right click on "new default domain policy" yours could be different to mine > edit > user configuration > policies > windows settings > scripts > log, the you can browse to the .bat file and add it when done make sure that the policy is enforced, the on the PC open cmd the type in "gpupdate /Force" log off and on and the mapped drive should be there i have it running this way on server 2008 r2 with about 160 users and no issue.

GPO 2008 r2
0
 
LVL 14

Expert Comment

by:Andy M
ID: 39700894
Firstly is the script run from Netlogon or is it done through Group Policy?

If it's Group Policy have you run a GPResult on the machines to establish the script is being picked up and successfully executed?

You could also try adding pauses or adding a piped message to the script to see if you can establish if it's working at all or only partially working.

I.e. After it's deleted the drive get it to pipe a message to a text file on the PC or server then again after it's supposedly mapped the drive - if some of the messages appear on the text file then you know the script is being executed but may be getting interrupted.

Another thing to check is have you denied access to the CMD prompt for users? I've seen this cause problems at a client's site before.
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 39701005
MAHESH :- THANKS A LOT man. the first video tutorial simply worked out of the box but I have around 120 users in AD and to create user based mapping, is there any quick way to achieve instead of running through gui and doing it one by one.

Kyle_Davies :- Yes that was my first attempt, if I run the login.bat locally on pcs it works instantly but if I do it through GPO , it doesn't and also I tried disabling UAC and the registry plus installing some Microsoft Hotfix at server side but didn't help. Thanks for your tip and yeah I did it on Default Domain Policy because whatever OU under it, I want it to apply the same.

Morty500UK :- Can you give me small explanation on different between Netlogon and GPO. As far as I know i did it through GPO only. Through GPO preferences it is working flawlessly as per MAHESH's tutorials.
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 39701011
MAHESH, I am going to give it one more day before distributing the points or accepting a solution because as I said I have 120 users and looking for a quick way to create the policy to have user based mapped drive. Thank you very much for your instant response.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39701018
OK I understand, you want to map separate folder for each user, right?

How many folders per user do you want to map please ?

Mahesh
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 39701197
Just one. Common folder was a success,  I need only user based folders to be available whenever user is logging in. Common folder is working fine for now.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39701237
Then just setup home directories for all users in one shot.
The what you can do, just create one share on server and give authenticated users change share permissions.
On the same folder, Also give authenticated users NTFS permissions as mentioned in below article.
http://support.microsoft.com/kb/555046

Now select all users in OU or run saved queries to get all users, and go to properties, under profiles tab, under home folder type \\server\share\%username% and click apply
Now all users will get new folder same as there logon name under root shared folder and that's all

Next time when user will logon to their workstations, they will get appropriate home directories

This is the only best way I can found to do it without writing complex script.

Mahesh
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 39701832
But is it going to be as a MAPPED network drive or they have to manually look at the server share. I am sorry I still got to work on the solution you provided. I will let you know tomorrow morning, thanks for your continuous response on this issue.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39701875
See, once you put above in Home drive, You need to select "Connect" and need to select drive letter, that's all
\\server\share\%username% will populate drive for all and when user will logon to client computer, he will get home drive (network share drive) with his own name folder
The ultimate purpose of using %username% variable is to populate home directories per user basis in one shot.

Please Read complete thread to understand clearly
http://www.petri.co.il/forums/showthread.php?t=5508

Hope that helps

Mahesh
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39702688
By GPO preference the sane can be achieved see below link

Using Group Policy Preferences (GPP) to map user home drive
http://www.alexcomputerbubble.com/using-group-policy-preferences-gpp-to-map-user-home-drive/
0
 
LVL 12

Author Closing Comment

by:ibrahim52
ID: 39704633
I am still going to follow up with the multiple users way to do later on this question if you are fine with it Mahesh. But for now I am giving the points you totally deserve for.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39704673
Just one quick question:
Do you have already created individual folders for all users with their logon name as folder name?

you can have both options now available either through GP preferences as suggested by Sandesh

OR

You can simply follow my earlier comment to do that


Similarities in both case
You need to setup share and NTFS permissions on root folder in which users folder residing

Differences in both cases
For GP Preferences to deploy home folder for multiple users, Once you setup above root share folder, you need to create two GPOs, one to create user folder and one to map it for user

The method I have suggested do not require GPO and per user folders will be created automatically at destination with %username% variable in one shot and also will get mapped at user logon as home drive (Network share drive)

Mahesh
0
 
LVL 12

Author Comment

by:ibrahim52
ID: 39706140
Honestly Mahesh, its just weekends where I get time to do any R&D and last time I had to create around 60 folders for 60 users and also the policies in preferences. Eyes got tired staring at monitor all the time and finally I pushed the work to my colleague. I have another similar task and will try to apply the way of setting up multiple user and update you over here.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39706788
Ok
Do not forget to check your base folder (in which user home drives will reside) share and security permissions as mentioned in KB article in my
early comment (i.e. http://support.microsoft.com/kb/555046)

Just keep in mind that %username% variable will create same folder as user logon name (pre Windows 2000) attribute.
What I mean to say, if you have already created shared folders per user basis with names other than there logon name, then you cannot automate this task with either variable or GP preferences. Then you need to manually enter their folder path in user properties \ home directories

But if you have already created shared folder with same name as user logon name, then
%username% variable will use same folder and map it per user.

Hope that everything is now clear

Mahesh
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question