Solved

Group Policy

Posted on 2014-09-18
6
213 Views
Last Modified: 2014-10-07
I have a 2003 domain with multiple DCs.  There is only one domain.  I joined a 2012R2 server to the domain with intentions of it being the PDC and demoting the 2003 server holding that role now.

There are login scripts used to MAP drives.  it is my understanding that login scripts are no longer supported once 2012R2 is the PDC.  I created multiple Group Policy Objects for the different Maps needed depending on the users needs.  I created Security Groups for each of the 5 Map drive configuarions I needed.  I assigned each user to a Security Group and used Item Level Targeting on the GPO maps so an individual  would get the Maps they needed.  The Maps were NOT set to Reconnect.

I configured the GPOs from the 2012R2 server.  Created a test user with no Login Script and placed them in a Security group.  Everything seemed to work fine.  As long as I manually deleted the Maps from the computer between switching Security groups to test them.   Then I decided to place Deletes/Maps for each drive map before Create/Maps (in priority order) in the GPOs..... so as I moved functions to the new servers I could simply change the GPOs and not have the manually delete the maps in between.

Now nothing works.  Not even policies with just Creates.  Not even if I manually delete the maps and and run a GPO with just Create/Maps.

I tried to look at GPMC.MSC on the 2003/PDC.  I see the GPO, but can't find the Drive Map details.  All looks fine in the 2012R2 Group Policy Manager.  

GPOs are Link Enabled to the Domain.

Thank You
0
Comment
Question by:howmad2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 22

Expert Comment

by:mcsween
ID: 40330204
You should change the action to Update which destroys anything that is there before creating the new one.

Login scripts do work under a Windows Server 2012 R2 domain. (not that I'm recommending them)  Windows 8.1 clients will by default delay the running of login scripts by 5 minutes to minimize disk access at login.  This applies to the clients, it doesn't matter what version your server is.  This can also be changed via the Group Policy "configure login script delay" setting.
0
 

Author Comment

by:howmad2
ID: 40330442
I changed Create to Update and got rid of the Delete's.  Logged in with Win7 machine.  The two existing Maps were deleted but nothing replace them...
0
 
LVL 22

Expert Comment

by:mcsween
ID: 40330845
Please check that your policy looks like this.  Also make sure you set this up under User Config and link to an OU with users in it.
123
0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 
LVL 20

Expert Comment

by:compdigit44
ID: 40334716
Any errors in the event logs on the client?

Have you tried to disable Fast Logon?

Computer Configuration\Administrative Templates\System\Logon\Always wait for the network at computer startup and logon
0
 

Accepted Solution

by:
howmad2 earned 0 total points
ID: 40357775
Ill I needed to do was prioritze the policy.  Works.
0
 

Author Closing Comment

by:howmad2
ID: 40365518
This was what solved my issue.  It was not addressed in the responses  I appreciate everyones help.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question