Solved

Moving Files servers to DFS

Posted on 2016-09-27
11
33 Views
Last Modified: 2016-09-27
Hi all,

We are planning to move our file servers which are at 2003, 2008 and 2008 R2 to 2012 R2 DFS solution. The problem is that all our network drives are mapped according to user groups using a software KiXtart to which I am not aware of. This was done by a guy probably 7 8 years ago.

So I need suggestions, do I make a new mapping drive letters to user groups system ? Using powershell? If yes, how will be the best way ?

Or should I stick with kiXtart and try to learn it. In KiXtart, we have it as

If InGroup ("domain\group name")
Use D: "\\servername\sharename$"
endif
and it continues for about 14 drives.

Thanks all.
0
Comment
Question by:Exchange User
  • 6
  • 5
11 Comments
 
LVL 13

Expert Comment

by:Mark Galvin
ID: 41817984
Hi

I used KiXtart for many years before Microsoft introduced Drive Maps in Group Policy and now i use that for all my clients that use DFS Drives.

Depending on the number of users/drives you are talking about here, it may take a little time to get in place but once it is, it will work very well.

Thanks
Mark
1
 
LVL 3

Author Comment

by:Exchange User
ID: 41817989
Hi Mark,

One is like a Public drive that has to be mapped for 1000+ users. The rest of the drives are usually by department, such as accounts, finance,sales with roughly 100+ users in sales for example. So GPOs will work fine in that ?
0
 
LVL 13

Expert Comment

by:Mark Galvin
ID: 41818001
Hi

Absolutely. How many Domain Controllers do you have?

For the public drive setup a GPO as high in the AD tree so that it covers all users and set the drive map for that one drive.

Then for each department, set a new GPO for each one, set the drive maps and then apply the GPO to Departmental Groups etc.
1
 
LVL 3

Author Comment

by:Exchange User
ID: 41818012
5 DCs in total. 2 in HQ, 2 in DR site and 1 in the Western branch. Altogether we have 13 branches. But 70% of users are in HQ and DR.

So I cannot do them all in one GPO ? I was just reading about an 'Inclusive Drive Mapping' in which they assign drives to AD security groups using GPO ?
0
 
LVL 13

Expert Comment

by:Mark Galvin
ID: 41818030
Haven't ever used  'Inclusive Drive Mapping'  so cant comment.

I presume you are using GPO for other settings currently? If so, do you have one for each Department?

KiXTart was great for writing one script that used if clauses stating if a user was a member of XXXX AD group then give them access to drives1, 2 &7 etc.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 3

Author Comment

by:Exchange User
ID: 41818037
GPOs are mostly general for all user settings in the company. Files and network access levels are controlled by KiXtart login scripts. So this would probably be the first time for me.
0
 
LVL 13

Expert Comment

by:Mark Galvin
ID: 41818076
Can you put in copy of one of the Kix scripts (having removed ll private info) here so that I can see what your Kix script is doing currently?
0
 
LVL 3

Author Comment

by:Exchange User
ID: 41818082
This is all it is doing. It is going on and on for 21 times, each time with a different drive letter and group and share name.

If InGroup ("domain\group name")
Use A: "\\servername\sharename$"
endif
If InGroup ("domain\group name")
Use B: "\\servername\sharename$"
endif
If InGroup ("domain\group name")
Use C: "\\servername\sharename$"
endif
0
 
LVL 3

Author Comment

by:Exchange User
ID: 41818087
And in the login scrip batch file, we have it like this

\\DC\netlogon\kix32.exe \\DC\netlogon\login.kix
0
 
LVL 13

Accepted Solution

by:
Mark Galvin earned 500 total points
ID: 41818098
Ah ok, nice & simple.

You can either sitck with Kix and change the "\\servername\sharename$" to be the new DFS Path which will most liekly be "\\domainname\sharename$"

OR

If you go GPO you create a new GPO for each Group, set the Drive Marp and then apply that GPO to the relevant Group.

First option is less work.

Second option is more work but will mote options should as Drive Labels etc.

Hope that helps
Mark
0
 
LVL 3

Author Closing Comment

by:Exchange User
ID: 41818174
Thanks alot for your time and suggestions !
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

To effectively work with Diskpart on a Server Core, it is necessary to write some small batch script's, because you can't execute diskpart in a remote powershell session. To get startet, place the Diskpart batch script's into a share on your loca…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now