Nested groups and GPO mapping
Posted on 2014-01-30
We have opted to do drive mapping by GPO using security groups as the determining factor as to who gets what mapped, the issue is say there is a security group called Sales and there is a sub group that is called Marketing. The Sales share contains the Marketing folder, the Sales manager overseas all so his security group is nested in the Marketing group; so when the GPO is created members of the Marketing group get their mapping and the members of the Sales group get both Marketing and Sales when all they really need is Sales as that already contains Marketing. So this is simply an example but what I am dealing with in real world would end up with the Manager (who has a real need to access all folders sub to Sales) that has 10 different drive mappings when s/he only needs one. Any suggestions you could provide that would limit the Sales manager to simply the parent folder and not map the groups he is nested in would be highly appreciated.