Solved

Disable Drive Mapping GPO when a user logs into a workstation in a particular subnet

Posted on 2014-04-23
5
507 Views
Last Modified: 2014-04-25
We are running Windows 2008 R2 Native AD and use GPOs to map drives.  This works great, but now I've been asked by a user group to not map drives when they log into a workstation in a particular subnet. Is there any way to do this using GPMC? Or is there a registry hack to tell the workstation not to apply GPOs for every user logging into the workstation??
0
Comment
Question by:gobears1294
  • 2
  • 2
5 Comments
 
LVL 14

Accepted Solution

by:
brendanmeyer earned 350 total points
Comment Utility
on each drive map, go to the common tab,
click Item Level Targeting
click  Targeting
New Item-> IP Address Range
type your IP range
click Item Options
select Is Not

You can add multiple ranges and have different options
0
 
LVL 21

Expert Comment

by:yo_bee
Comment Utility
Are you using Group Policy Preferences or logon script?

If you are using GPP just follow what  BrendanMeyer suggested.

If you are using logon scripts (Which at this point you probably should switch to GPP) you can use WMI Filtering.

Select * FROM Win32_IP4RouteTable WHERE Mask='255.255.255.0' AND Destination Like '192.168.10.%'
0
 

Author Comment

by:gobears1294
Comment Utility
Thanks brendanmeyer and yo_bee

I do use GPO preferences and I will take a look at the Item Level Targeting for each GPO.  I have over 50 drive mapping GPOs.  Do you know if there is a powershell command to configure this item?
0
 
LVL 21

Assisted Solution

by:yo_bee
yo_bee earned 150 total points
Comment Utility
Are you looking to consolidate your 50 GPO's into a single GPO leverage GPP w/ ILT?

I just looked and I do not see any commands to create GPP within GPO via Powershell.

There are cmdlets to create GPO's and set Reg values, but GPP is XML based.

You most likely will need to create each mapping 1 by 1.  
I had to do it for my 107 Printers.
:(

Sorry.
0
 

Author Closing Comment

by:gobears1294
Comment Utility
Thanks to both brendanmeyer and yo_bee for their insight.  I'll be addressing this issue on a drive mapping by drive mapping basis.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

As network administrators; we know how hard it is to track user’s login/logout using security event log (BTW it is harder now in windows 2008 because user name is always “N/A” in the grid), and most of us either get 3rd party tools, or just make our…
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now