Solved

Having Issues with mapping drives and printers via group policy (via user settings)

Posted on 2014-09-14
2
435 Views
Last Modified: 2014-09-24
Okay, we have 3 properties, each has their own IT department. We are all under the same domain, each property has their own OU folder.  It's a mess, zero organization as far as computers and users. All the Computers from all 3 properties were thrown in the default folder and left there to rot. I have since taken the opportunity at least move our properties Computers and Users under our OU and in their own  as well . Looks like this... Domain > Our Property  > computers /or users > department > (computer name). Now my boss gave me a project to get started on some GPO's , from setting a default wallpaper, locking theme, map dept network share's  and printers, disable saving locally and to force the user to only be able to save to network share,(folder redirecting?)
Anyway all that aside I successfully managed to  apply a default wallpaper and lock down the theme for all users. Now I'm getting stuck on mapping the shares and printers. I've read and watched the correct process as far as the settings and item level targeting but I feel I'm missing a step.
Now since I organized the Computers and Users where exactly should I be placing the links for the Policy?  I have them in our properties security group's folder ( item level targeting our security group) also in our Employees OU (Not in the departments OU). Should I be placing a GPO link inside the Computer OU as well even though its all in user settings? Security filtering is left on Authentication, no wmi filters, Made sure the policies are enabled. Just kind of ran out of options.. :( Where do I start looking for the Issues as far as troubleshooting. Are the GPO links too far down the tree? Ran a gpudate /force and gpresult /v (does not say anything about the gpo). Any Help appreciated. here is a sample of how our AD looks Example
0
Comment
Question by:M B
2 Comments
 
LVL 23

Expert Comment

by:Coralon
ID: 40322389
You are better off breaking up your drive mapping & printer mapping departments into separate policies per department OU.

If your departments are 'simple enough' (i.e. no real variation in printers & mapped drives), then you can eliminate the target filtering.  (WMI definitely slows down policy application substantially the more complicated your targeting is).  If it is not that simple, then your better bet is to remove the targeting, create individual security groups for drives and/or printers (I'm guessing you'll need more for printers than drive mappings), and then change your security filtering on the policies from Authenticated Users to your specific security groups.  (Security filtering is much faster than WMI filtering).

Employees\
	Accounting
		Accounting Drive & Printer GPO
	Administration
		Administration Drive & Printer GPO
	Cage
		Cage Drive & Printer GPO

Open in new window


Now, as far as your troubleshooting, use your Group Policy Modeling and Group Policy Results wizards to compare what you *think* you are supposed to get and what you actually get.  The HTML format will show you the GPOs that should apply and the ones that are being blocked for whatever reason.

For the policies on the computer OUs, disable the user policy section, and on the user section, you will want to disable the computer section.

Coralon
0
 
LVL 4

Accepted Solution

by:
Neeraj Kumar earned 500 total points
ID: 40322392
Check the below mentioned things related to your policy which is not working

1. Scope of policy (Will show the OU where the policy will apply) - > Make sure your user or computer should be part of this OU related to your policy settings.

2.  Security filtering -> Make sure your authenticated users should be there

3. Check group policy inheritance of particular OU how many policies are showing and make sure there shouldn't be same policy configured in 2 different group policy otherwise it will apply only one policy.

4. It everything is OK related to policy then you need to check on client machine

5. Check the event viewer related to your policy.

6. Run gpresult /h:”%userprofile%\Desktop\RSOP.html” . Check the report and see whether policies is showing in applied section or not.

7. Run rsop.msc command and check the settings of configured policy whether it is in place or not.

From this command you will come to know where is the exact issue.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now