Press "Enter" to skip to content

Network Drive Mapping: GPO and Script

0

Presentation

When setting up an Active Directory, one of the first things you want to put and automatic network drive mapping to different users.

As a reminder, a network drive is a share presented to a post / user in the form of a letter such as a hard disk / usb key ….

Implementing network drive mapping

In this tutorial, I’ll introduce two ways to mount a network drive, by GPO, and using a script that should be run at logon.

GPO

1. Open the Group Policy Editor on a domain controller.
Mappage lecteur réseau : editeur de stratégies de groupe

2. Create a new strategy, right-click on the domain name 1 or on an organizational unit and click on Create a GPO object in this domain, and link here 2.
Créer une nouvelle stratégie

3. Give a name with strategy and click OK 1.
Nom de la stratégie

4. Right-click on Strategy 1 and click on Edit 2 to open the editor.
Edition de la strategie

5. Go to User Configuration> Preferences> Windows Settings and double click on Drive Mappings 1.
Chemin d'accès

6. Right click New 1 > Mapped drive 2.
Ajouter un nouveau lecteur

7. Fill out the form:

1 Enter the location of the network share
2 Indicate the letter used
3 Apply
4 OK
A and B to label the network drive

Formulaire lecteur reseau

8. Drive 1 should be visible in Drive Mappings.
Liste des lecteurs

9. Summary of the GPO, by default the drive will be mapped to all users.
Détail de la GPO

Limit mapping to a group

In this part, we will see how to limit the mapping to a user group using Item Level Targeting.

1. Edit your player right click on 1 and Properties.
Edition proprietes

2. Go to the Common tab 1, tick “Item Level Targeting” 2 and click on Targeting 3.
Activer le ciblage

3. Click New Item 1 and select Security Group 2.
Ciblage sur un groupe de sécurité

4. Add your group 1 and click OK 2.
Selection de groupe : Grp_Partage_RW

5. It’s over, the P drive will be mapped only to users in the Grp_Partage_RW group. If you go back to the overview of the parameters of the strategy, you can see the elements of the targeting 1.
Parametres du ciblage.

Script

1. Create a new file that should have the vbs extension.

2. Edit the file (Notepad ++, notepad …) and add the codes below:

' En cas d erreur le script continu
On error resume next

' Declaration des variables
Dim WshNetwork

' Declaration des objets
Set WshNetwork = WScript.CreateObject("WScript.Network")

' Mappage du lecteur P
WshNetwork.MapNetworkDrive "P:", "\\LAB-AD1\partage", true

3. Add the script at logon to map the network drive.

Limit mapping to a group

How for the GPO, we will now modify the script to limit the network drive mapping to Grp_partage_RW group.

1. Edit the file:

' En cas d erreur le script continu
On error resume next

' Declaration des variables
Dim WshNetwork,oShell

' Declaration des objets
Set WshNetwork = WScript.CreateObject("WScript.Network")
Set oShell = CreateObject("WScript.Shell")

' Mappage du lecteur P 
If isMember("Grp_Partage_RW") Then
     WshNetwork.MapNetworkDrive "P:", "\\LAB-AD1\partage", true
End If

'#####################################################
'	Functions secondaires
'#####################################################
Function IsMember(groupName)
    If IsEmpty(groupListD) then
        Set groupListD = CreateObject("Scripting.Dictionary")
        groupListD.CompareMode = 1
        ADSPath = EnvString("userdomain") & "/" & EnvString("username")
        Set userPath = GetObject("WinNT://" & ADSPath & ",user")
        For Each listGroup in userPath.Groups
            groupListD.Add listGroup.Name, "-"
        Next
    End if
    IsMember = CBool(groupListD.Exists(groupName))
End Function

Function EnvString(variable)
    variable = "%" & variable & "%"
    EnvString = oShell.ExpandEnvironmentStrings(variable)
End Function

As you can see, we added two functions at the end of the code, which allow verification of the group membership of the connected user. The drive mapping is now subject to condition (if).

Conclusion

GPO or script, both solutions work everything depends what you prefer. If you opt for the script, comment well on your code.

Personally I prefer to use the script because it is executed after logging in, which allows faster loading of the workstation.

 


Related Post

GPO : Loopback Processing In this tutorial, I will try to simply introduce you to how reminder loops work in GPOs. It quickly becomes a joke when we have a mixed environment...
How to deploy an Active Directory environment In this tutorial, we will see how to set up an Active Directory domain. In summary, an Active Directory is a database (LDAP) that contains a set of...
DNS configuration of a redirector Presentation When setting up a DNS server under Windows Server, you must configure a DNS forwarder to public servers to resolve external domain names...
How to install and configure WSUS on Windows Serve... Windows Server Update Service (WSUS) is a built-in role in Windows Server, which enables the implementation of a Microsoft Updates distribution system...

Leave a Reply

Your email address will not be published. Required fields are marked *

It looks like you're using an adblocker.
We use ads to keep our content free. Please support us by turning off your adblocker.