We have all been mapping drives using various methods so long as we have had networked computers. A recent discussion with a colleague revealed that many IT pros still use the same methods they used with NT4, during the last century. Though these methods still work as well today as they did 10 to15 years ago, if enlightened these folk might find some of the newer options using group policy and preferences easier to manage and apply, in a windows domain environment. I am sure this article is a very basic review for most, so I have titled each so that you can quickly locate methods that may be of interest, or skip to using group policy near the end like any good “cliff hanger”.
1) Manually:
The option still exists with Windows 7 to open windows Explorer, click on the menu bar, select “Map a network drive”, select the drive letter and path, and choose whether to reconnect at next logon. This is hardly a reasonable way to deploy mapped drives to multiple users as it would require going desk to desk. The other primary downside to this option is end users can override, delete, and add their own mappings which may conflict with mappings you are trying to push out from the server. The latter to be addressed with the deployment methods #3 and on.
2) From a command line:
Though probably even less practical, the option also exists to duplicate the above from a command line by simply using:
Net Use X: \\ServerName\ShareName /persistent:yes
3) A batch file
The next step up would be to apply the Net Use commands using a batch file (also called script) which the user can apply by clicking on a desktop shortcut or by adding it to the start menu “StartUp” folder. Though this method of applying the batch file is not at all practical, using a batch file is a reasonable option. Alternate methods to apply a batch file are discussed later, but I will take this opportunity to discuss the script itself and the syntax. The script could be written using VBS or other languages, but for simplicity I will stick to DOS commands. The script is written in a text editor like “notepad” and saved with a .bat (or .cmd) extension. When saving, to be sure the .txt extension is not automatically added, place quotes around the file name such as “MyScript.bat” .
The basic line to apply the drive mapping is still the same:
Net Use X: \\ServerName\ShareName
However, as mentioned in #1 users have a tendency to occasionally create their own mappings, or you may want to make changes from time to time, so I like to start with a clean slate, delete all existing mappings, and make sure they will not automatically be recreated due to the “/persistent:yes” option. To do so start the script as below, followed by the drive mappings. (Note: DOS commands are not case sensitive)
Net Use /persistent:no
Net Use * /delete
Net Use X: \\ServerName\ShareName1
Net Use Y: \\ServerName\ShareName2
Net Use Z: \\ServerName\ShareName3
It is also possible to add GoTo statements and Labels to filter a script. For example you may want one script for multiple users on multiple devices, but the required mappings may vary for different users, on different servers or PC’s, or when users are members of different groups. This is not a scripting lesson but to provide an example, in the following batch file the mappings will not be applied if run on a server named Server1, and User1 and User2 will have different drive mappings than other users.
If "%ComputerName%" == "Server1" GoTo END
Net Use /persistent:no
Net Use * /delete
If "%UserName%" == "User1" GoTo MAP1
If "%UserName%" == "User2" GoTo MAP2
Rem apply default mappings to all others
Net Use X: \\ServerName\ShareName1
Net Use Y: \\ServerName\ShareName2
Net Use Z: \\ServerName\ShareName3
GoTo END
:MAP1
Net Use X: \\ServerName\ShareName1
GoTo END
:MAP2
Net Use Y: \\ServerName\ShareName2
The following sites will provide additional information regarding DOS commands and syntax, or using IfMember (for group membership filtering) instead of If %UserName%
4) Batch file, applied through the user’s profile
Continuing with using the batch file method; it would be more practical to apply it from the server, when the user logs on to their workstation than by installing on each machine. The crudest method of doing so which has been around for more than 10 years, is to apply the script though the user’s profile in Active Directory Users and Computers on the server. The default location to place the script is C:\Windows\sysvol\sysvol\<your domain>\scripts. This path is also a default share, \\ServerName\Netlogon for which all domain users have read permissions. The location can be change but if so permissions have to be considered and the path provided. Why “re-invent the wheel”, use the default file path. On server 2008 / 2008 R2 you must be an administrator and have “elevated privileges” to write to this file location. When opening the text editor (Notepad) right click on the application or shortcut and choose “run as administrator”. Failing do to so will not allow the file to be saved.
Once the batch file has been placed in the appropriate location, open the user’s profile in Active Directory, and in the box labeled “Logon Script” under the “Profile” tab, insert the name of the script. It will be applied the next time this user logs on to a domain joined machine. The only real disadvantage of this method is the name of the batch file has to be manually added to each user’s profile.
5) Batch file, applied using Group Policy
Now the 21st century methods: Group policy is the ideal way of managing users and controlling their environment. The possibilities are endless, but the focus is on mapping drives. Again place the script in the default location mentioned above; C:\Windows\sysvol\sysvol\<your domain>\scripts heeding the notes about requiring elevated privileges. Instead of applying through the user’s profile, which only affects one user, we can now apply to all members of an OU (Organizational Unit) through Group Policy. This example will use an OU named Sales. I will assume the users belonging to the Sales OU have already been added in active Directory. The policy can be applied to an OU at any level, including the domain level if preferred, though it is a “User Policy” so I recommend applying to a User OU.
Open the Group Policy Administration Console under Administrative Tools, and locate the OU to which you wish to apply the Logon script. Right click on the OU and choose “Create a GPO in this domain, and link it here”. The following image shows the OU structure used on a Small Business Server.
Name the policy
Right click on the new policy and choose edit
Expand the tree to locate <your domain name> | User Configuration | Policies | Windows Settings | Scripts (Logon/Logoff) | in the right hand window right click on Logon and choose properties| click add, then enter the path or browse to your logon script. Save by choosing OK, OK.
Group policy can take up to about 90 minutes to apply to workstations. If you wish to force it to update form a command line run: gpupdate /force then log off and back on. The drive mappings should be applied.
6) Using Group Policy Preferences
The latest method for applying drive mappings also uses Group Policy but does not require a script at all. Server 2008 introduced Group Policy Preferences. This method applies the mappings to a specified OU similar to the example above with the Sales OU, but uses a different feature or object within the Group Policy management console. Again right click on the OU to which you wish to apply the mappings and choose “Create a GPO in this domain, and link it here”, name the policy, and select edit as in #5 above. This time expand the tree to locate <your domain name> | User Configuration | Preferences | Windows Settings | Drive Maps. Right click in the right hand window and choose New | Mapped Drive
In the resulting window first choose Create or Replace. Create seems to be the more common choice. Replace does function more like the earlier script in that it deletes existing mappings and options, and completely re-creates the new drive mapping. Next enter the share UNC path and select the drive letter. I prefer not to select reconnect, which is similar to opting for /persistent:no as explained in the earlier scripting section. Then save the drive mapping by simply clicking OK. For more information on Drive Map options see: http://technet.microsoft.com/en-us/library/cc770902.aspx
Once complete the new drive mappings will be displayed in Group Policy similar to the following image:
Remember as in #5 if you wish the Policy Changes to be applied immediately, you must run gpupdate /force on the workstations to be affected.
Group Policy Preferences is obviously the simplest method for creating and reviewing mapped drive configurations so chances are you only read the past 2 paragraphs, but hopefully it has be of some help to those looking at other methods or wanting a brief history lesson.
In the event you have problems applying Group Policies make sure you have waited 90+ minutes or run gpupdate /force, then if necessary you can run GPResult on the workstation, or on the server in Active Directory run the Group Policy Modeling Wizard .
LAN-Tech Network Management 