Mapping drives using Group Policy preferences

For years, IT administrators have been relying on logon scripts for mapping users’ network drives in a Windows domain environment. However, more recently, administrators have found an effective alternative in Group Policy preferences and are increasingly making the switch. Mapping network drives using Group Policy preferences is flexible, provides easy control over who receives the drive mappings, and has easy-to-use user interfaces, all of which are in stark contrast with the complexities associated with scripts.

Setting up drive mappings with Group Policy preferences

Group Policy preferences are a set of extensions that increase the functionality of Group Policy Objects (GPOs). Administrators can use them to deploy and manage applications on client computers with configurations targeted to specific users. The Drive Maps policy in Group Policy preferences allows an administrator to manage drive letter mappings to network shares.

 Steps involved:

•  Open Group Policy Management.

• Right-click the domain or the required subfolder to create a new GPO, or select an already existing one. Right-click and select Edit to open the Group Policy Management Editor.

• Go to User Configuration > Preferences > Windows Settings > Drive Maps.

• Right-click and select New > Mapped Drive.

• Under the General tab (see Figure 1 below), do the following:

  • Action: Select Create or Update.

  • Location: Specify the full file path, e.g. \\Anjali-dc1\c.

  • Reconnect: Enable this to auto connect the drive.

  • Label as: Pick a suitable name for the shared drive, e.g. SharedDrive.

  • Drive Letter: Select a suitable letter for the drive, e.g. K.

  • Connect as: Enter a username and password if you want users to connect with certain credentials other than their own Windows login credentials.

  • Hide/Show this drive: Select whether you want to hide the folder or make it visible on the network.

  • Hide/Show all drives: Select whether, by default, all the shared drives/folders are hidden or visible.

Figure 1. Configuring general properties for drive mapping.

•  Click Apply and OK.

• For the settings to take effect, open a Command Prompt in the computer receiving the drive mapping, type GPUPDATE, and hit Enter.

Once the Group Policy settings have taken effect on the desired users/computers, the mapped drives should automatically appear under Network Location(s) as seen in Figure 2.

                             Figure 2. Mapped network drive.

 Deploying item-level targeting with Group Policy preferences

Item-level targeting (ILT) is a feature of Group Policy preferences that allows preference settings to be applied to individual users and/or computers dynamically. ILT allows an administrator to specify a list of conditions that must be met in order for a preference setting to be applied or removed to a user or computer object. The criteria available for targeting settings to users and computers can be seen below in Figure 3.

Figure 3. ILT options for Group Policy preferences.

In our example of configuring drive mapping, only users in the Product Managers group would receive the mapping. To accomplish this:

• Under the Common tab of the mapped drive properties, check the Item-level targeting option, and then click Targeting…. Refer to Figure 4 below.

 Figure 4. Configuring item-level targeting for drive mapping.

• In the Targeting Editor window, click New Item and select Security Group.

• Click the … button, and type in the name of the security group.

• Click OK to close the Targeting Editor once you’re finished adding items to the list. See Figure 5.

Figure 5. Adding preferences for item-level targeting.

The security group targeting option allows you to pick any Windows Active Directory security group (domain local, global, or universal) to use as a target. The security group targeting option is one of the most flexible and useful ILT setting. Since this target focuses on group membership, it is typically used for the user environment including shortcuts, files, network shares, schedule tasks, data sources, drive mappings, printers, and IE settings.

Summary

Setting drive mappings with the help of Group Policy preferences does not require any scripting knowledge and is both easy to use and efficient. The item-level targeting feature of Group Policy preferences allows settings to take effect on individual users and/or computers. This allows flexibility and lets you powerfully manage users and computers.