First configured the mapped network drive at the Domain GPO Level by logging into GP Management > Group Policy Objects
User Configuration > Preferences > Windows Settings > Drive Maps > All Tasks and Created New Drive Mapping
Selected Action "Create"
Selected Location: \\Server Name\ Folder Name
Reconnect Checked and Label As " folder name"
User Drive letter
Show All Drives
Clicked on Common Tab and Run in logged on user's security context.
Click OK - Refreshed GPO and Refreshed Domain GPO
Logged on to the server and Ran GPUpdate /force
Made sure GPO status as enabled.
Now logged on storefront URL and clicked on Desktop
Desktop tried to launch but got error " to log onto this box, you should be in remote desktop users group"
Even though, i am in the users list on the published desktop app in app center. Logged into both servers and added my test account to remote desktop users group.
Now logged off and logged back in again and launched published desktop, i was able to log in, but i was unable to see the drive i have configured through GPO.
Went back to my GPO, clicked on Common Tab again and i have to select "Item-level targeting" and click on Targeting..
Courtesy: Found it in MS Tech Net Blog. Link is mentioned below.
http://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx
I am able to log in to published desktop. when i opened windows explorer, i can able to see the drive.
But, this solution is not useful for my particular scenario. As my end users are from a different domain controller access the server in a different domain controller. Then thought of logon script. Whoever log onto the server will be able to access the share drive using logon script.
Created a simple batch file using net use command to map network share drive
@echo off
net use X: "\\network shared drive" /persistent:yes
Courtesy: Found it in one of the blogs as follows
****Try creating a batch file to issue the Net Use command and place it here:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Edit: Note when you open Notepad to create the file make sure you use "Run as Administrator" or it won't let you save the the directory above. Also if your network path has spaces be sure to enclose it in " ". ******
and kept in to the windows start up.
C:\programdata\microsoft\windows\start menu\programs\Startup
Now whoever log on to this server will be mapped to this share drive and if they have permission, the drive will be mapped and was able to access. If they don't it will simply say access denied and it won't even show up in the windows explorer.
We can also map the network drive and place it in the domain controller / Net Log on Scripts and configure under User profile in Active Directory in User Profile Tab.
Courtesy: helpdesk.egnyte.com
Thanks alot
Full Link is as follows: https://helpdesk.egnyte.com/hc/en-us/articles/201638304-Mapping-a-drive-using-a-net-use-command-and-logon-scripts-for-domain-users
User Configuration > Preferences > Windows Settings > Drive Maps > All Tasks and Created New Drive Mapping
Selected Action "Create"
Selected Location: \\Server Name\ Folder Name
Reconnect Checked and Label As " folder name"
User Drive letter
Show All Drives
Clicked on Common Tab and Run in logged on user's security context.
Click OK - Refreshed GPO and Refreshed Domain GPO
Logged on to the server and Ran GPUpdate /force
Made sure GPO status as enabled.
Now logged on storefront URL and clicked on Desktop
Desktop tried to launch but got error " to log onto this box, you should be in remote desktop users group"
Even though, i am in the users list on the published desktop app in app center. Logged into both servers and added my test account to remote desktop users group.
Now logged off and logged back in again and launched published desktop, i was able to log in, but i was unable to see the drive i have configured through GPO.
Went back to my GPO, clicked on Common Tab again and i have to select "Item-level targeting" and click on Targeting..
Courtesy: Found it in MS Tech Net Blog. Link is mentioned below.
http://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx
Click on “New Item” and select “Security Group” and select “Domain Users” group.
Make sure Domain Users group is in the Remote Desktop Users group or not.
Now Save my GPO and Refreshed GPO.
Now Logged into storefront URL and launched Published desktop.
I am able to log in to published desktop. when i opened windows explorer, i can able to see the drive.
but when i click on it, i was getting "Access Denied" error.
Checked Shared and Folder level permission on the shared drive.
Applied my test account read / write access to both shared level and folder level permissions.
Now logged off and logged back in. I was able to see the drive from published desktop and also able to access.
Success
But, this solution is not useful for my particular scenario. As my end users are from a different domain controller access the server in a different domain controller. Then thought of logon script. Whoever log onto the server will be able to access the share drive using logon script.
Created a simple batch file using net use command to map network share drive
@echo off
net use X: "\\network shared drive" /persistent:yes
Courtesy: Found it in one of the blogs as follows
****Try creating a batch file to issue the Net Use command and place it here:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Edit: Note when you open Notepad to create the file make sure you use "Run as Administrator" or it won't let you save the the directory above. Also if your network path has spaces be sure to enclose it in " ". ******
and kept in to the windows start up.
C:\programdata\microsoft\windows\start menu\programs\Startup
Now whoever log on to this server will be mapped to this share drive and if they have permission, the drive will be mapped and was able to access. If they don't it will simply say access denied and it won't even show up in the windows explorer.
We can also map the network drive and place it in the domain controller / Net Log on Scripts and configure under User profile in Active Directory in User Profile Tab.
Courtesy: helpdesk.egnyte.com
Thanks alot
Full Link is as follows: https://helpdesk.egnyte.com/hc/en-us/articles/201638304-Mapping-a-drive-using-a-net-use-command-and-logon-scripts-for-domain-users
Examples of logon scripts that can be used in AD
Auto map network drives on login for all users
- Save the following batch file to the domain controller's NETLOGON share as logon.bat:
@echo off
net use * /delete /yes
net use x: \\server_name\shared_directory_name - Active Directory Users and Computers
- Right click domain name at top left and click Properties > Group Policy > Edit > User Configuration > Windows Settings > Scripts (Logon/Logoff) > Logon > Add...
- Enter path to logon.bat (e.g., \\ACME.local\sysvol\ACME.local\scripts\logon.bat) and click OK three times
- Login from workstation. Drive x: should appear in My Computer.
Auto map network drives on login for certain users:
- Save the following batch file to the domain controller's NETLOGON share as logon.bat:
@echo off
net use * /delete /yes
net use x: \\file_server_name\shared_directory_name - Active Directory Users and Computers > Users > Double click user > Profile
- Enter "logon.bat" (no quotes) in the "Logon script" box and click OK
- Login from workstation as user modified in step 2. Drive x: should appear in My Computer.
For Server 2008 Domains, there is an option using Group Policy Preferences
The following article will provide more information regarding map drive with GPP
No comments:
Post a Comment