I have a 2003 domain with multiple DCs. There is only one domain. I joined a 2012R2 server to the domain with intentions of it being the PDC and demoting the 2003 server holding that role now.
There are login scripts used to MAP drives. it is my understanding that login scripts are no longer supported once 2012R2 is the PDC. I created multiple Group Policy Objects for the different Maps needed depending on the users needs. I created Security Groups for each of the 5 Map drive configuarions I needed. I assigned each user to a Security Group and used Item Level Targeting on the GPO maps so an individual would get the Maps they needed. The Maps were NOT set to Reconnect.
I configured the GPOs from the 2012R2 server. Created a test user with no Login Script and placed them in a Security group. Everything seemed to work fine. As long as I manually deleted the Maps from the computer between switching Security groups to test them. Then I decided to place Deletes/Maps for each drive map before Create/Maps (in priority order) in the GPOs..... so as I moved functions to the new servers I could simply change the GPOs and not have the manually delete the maps in between.
Now nothing works. Not even policies with just Creates. Not even if I manually delete the maps and and run a GPO with just Create/Maps.
I tried to look at GPMC.MSC on the 2003/PDC. I see the GPO, but can't find the Drive Map details. All looks fine in the 2012R2 Group Policy Manager.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory.
If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008.
Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource.
Use Google, Bing, or other preferred search engine to locate trusted NTP …