Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 254
  • Last Modified:

How to map drives from domain controller

Experts,

I created a new networked shared folder on our domain server for a department.  Instead of going around to all the local computers and mapping a new drive letter to the shared folder, is there a way to map this from the domain controller?

The network users already have many mapped drives and the new mapped drive letter may have to be unique for each user.  Is there a dos command that would show all mapped drives per networked computer from the domain controller?  That way, I'll know what drive letter is currently mapped for each networked computer.

We currently have two servers one Windows 2003 and the other 2012.

I do have domain admin rights to our servers, just don't have the expertise in this area.  If there is a dos command that would be great, it's simple.  I don't know anything about powershell.

forwiw
0
forwiw2day
Asked:
forwiw2day
  • 7
  • 3
  • 3
  • +1
3 Solutions
 
RizzleCommented:
I would advise creating login scripts for the users and then in the login script you would ou  the drives you need the users to have.

You could also map the drives via group policy preferences which is the way we're doing it moving forward. But the GPO with the drive mappings in would need to be applied to an OU with the users who need the drives are in.

Heres further info on Group policy preferences to map user drives:
http://www.howtogeek.com/99403/it-how-to-map-network-drives-on-windows-clients-via-group-policy/
0
 
forwiw2dayAuthor Commented:
I tried the above  group policy method on the 2012 server, but can't enter the mapped drive location, as it exist on the 2003 server.  

Does anyone know where the location is for the script bat file to be placed on the 2003 server?
0
 
RizzleCommented:
you would create the .bat file and then assign this to the user in AD under their login script.

An example of a login script which maps drives is located here:

http://www.watchingthenet.com/create-a-batch-file-to-map-drives-folders.html
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
Lee W, MVPTechnology and Business Process AdvisorCommented:
You can create a simple batch script that will apply to all users or use additional utilities to check group membership and map only to specific users.

net use x: \\server\share /p:n

Open in new window

The above command, when saved to a text file called "something.cmd" (you can change "something" but must end in .cmd) should connect the network drive \\server\share to letter x: but NOT make it permanent (/p:n).  Not making it permanent is fine since the script executes at logon every time.

You'll need to find the ifmember utility from TechNet (if memory serves - might be a resource kit tool) to check group membership and use an if statement in it.

Another option would be a vb script - Microsoft has a sample one at https://technet.microsoft.com/en-us/library/cc758918%28v=ws.10%29.aspx

'From https://technet.microsoft.com/en-us/library/cc758918%28v=ws.10%29.aspx
Const ENGINEERING_GROUP     = "cn=engineering"
Const FINANCE_GROUP         = "cn=finance"
Const HUMAN_RESOURCES_GROUP = "cn=human resources"

Set wshNetwork = CreateObject("WScript.Network")
wshNetwork.MapNetworkDrive "h:",
"\\FileServer\Users\" & wshNetwork.UserName

Set ADSysInfo = CreateObject("ADSystemInfo")
Set CurrentUser = GetObject("LDAP://" &
ADSysInfo.UserName)
strGroups = LCase(Join(CurrentUser.MemberOf))

If InStr(strGroups, ENGINEERING_GROUP) Then

    wshNetwork.MapNetworkDrive "g:",
    "\\FileServer\Engineering\"
    wshNetwork.AddWindowsPrinterConnection
    "\\PrintServer\EngLaser"
    wshNetwork.AddWindowsPrinterConnection
    "\\PrintServer\Plotter"
    wshNetWork.SetDefaultPrinter
    "\\PrintServer\EngLaser"

ElseIf InStr(strGroups, FINANCE_GROUP) Then

    wshNetwork.MapNetworkDrive "g:",
    "\\FileServer\Finance\"
    wshNetwork.AddWindowsPrinterConnection
    "\\PrintServer\FinLaser"
    wshNetWork.SetDefaultPrinter
    "\\PrintServer\FinLaser"

ElseIf InStr(strGroups, HUMAN_RESOURCES_GROUP) Then

    wshNetwork.MapNetworkDrive "g:",
    "\\FileServer\Human Resources\"
    wshNetwork.AddWindowsPrinterConnection
    "\\PrintServer\HrLaser"
    wshNetWork.SetDefaultPrinter
    "\\PrintServer\HrLaser"

End If

Open in new window

Save the above code as "something.vbs"

Once you have the script, you need to place it in the following folder on your domain controller (any DC - it should replicate out to any other DC you have) - c:\Windows\sysvol\sysvol\<domainname>\scripts and adjust the user account properties under the profile tab and where it says logon script - enter JUST the script name - something.vbs or something.cmd.

Another way to do this is with Group Policy Preferences as described by Roshan Ejaz.
0
 
forwiw2dayAuthor Commented:
Thanks Lee... I put the script file in the location you provided c:\Windows\sysvol\...

I logged off/on my computer (Windows 7 Pro) and my mapped drive did not show?
This is what I have typed in the MAPSALES.CMD script file:
Net Use O:\\server name\folder name

In my Profile tab under Logon script I have MAPSALES.CMD.

Any Ideas what's wrong?
0
 
forwiw2dayAuthor Commented:
PS...  I just noticed that Lee... You mentioned for ALL users.  This script for the mapped drive is only for one department, NOT ALL users.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
Then you need the IFMEMBER utility I mentioned.  It gets trickier unless you use the VB script from the MS page I linked to or you could use the Group Policy that was mentioned before.
0
 
forwiw2dayAuthor Commented:
I tried the Group Policy on our 2012 server, but can't since the location is on our 2003 server.  I'm not at all familiar with the VB script method.  Darn, so close.
0
 
NVITCommented:
...dos command that would show all mapped drives per networked computer?

One way is to add these 2 lines to your current main or central logon .BAT that is called when users logon. Do you already have some kind of main logon .BAT?
Set FNCurrMaps=\\server\share\CurrMaps.txt
(echo Computer: %computername% , User: %username%& net use | find ":")>>"%FNCurrMaps%"

Open in new window

0
 
forwiw2dayAuthor Commented:
NewVillageIT:  No.  What folder (we have Windows 2003 server) would this .BAT file be placed?
0
 
forwiw2dayAuthor Commented:
Lee:  Can't find the IFMEMBER utility, sorry.
0
 
NVITCommented:
@forwiw2day...
One place it may be placed is : \\servername\SYSVOL\domain.com\scripts
Note: Your server name and domain will differ.

Also for your domain, check your group policy User Configuration > Windows Settings > Scripts (Logon/Logoff) > Logon. Any .bat (or other command for that matter) called from there will show. If so, pick the Show Files button, which takes you to the folder.
0
 
NVITCommented:
Revised: Added .bat method of IfMember. Doesn't require additional IFMEMBER utility.

@forwiw2day

Just wondering if you still need help with this...

Have you decided on a method to use, i.e.
1) .bat
2) VB
3) Group Policy Preferences (GPP)

For a DOS method, here's .bat code that calls the DSQUERY and DSGET Active Directory commands instead of IFMEMBER utility:
call :IfMember "backup operators"
if %errorlevel% equ 0 net use z: \\server\share1
REM ...
REM Rest of your code here
REM ...
goto :eof

:IfMember
dsquery user -samid %username% | dsget user -memberof | find /i "%~1"
goto :eof

Open in new window

With VB... You're not familiar with it so I don't know if you're comfortable with that method. Still, I'm sure Lee or another expert won't mind helping you, if you decide to use it.

The GPP method removes the programming requirement. But, if this is new territory for you, it may take some time and experimentation getting comfortable with it.

I tried the Group Policy on our 2012 server, but can't since the location is on our 2003 server
Do you mean you can't because your DC is 2003? If you still want to pursue this route, you'd need to install client-side extensions (CSEs) on the 2003 server. See https://technet.microsoft.com/en-us/library/cc731892%28v=ws.10%29.aspx

Using the GPP and expanding on Roshan's suggestion, here's a method to connect shares to drive letters based on group membership http://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx

Let us know if you need help.
0
 
forwiw2dayAuthor Commented:
Sorry for the delay... swamped at work.  The quickest fix was for me to go to each computer a manually map the drive.  When I have more time, I'll revisit.  Thanks for your time and replies.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
I could swear I have it working at least at one site with Win7.  But this blog provides an alternative using net use -

net user /domain %username% | find "MYOB Users"
if not errorlevel = 1 (
net use m: \\JCC-SBS\MYOB
)

Open in new window


http://clintboessen.blogspot.com/2011/02/ifmemberexe-doesnt-work-windows.html
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 7
  • 3
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now