Mapping network drives is a common task for system administrators. One option is to create a batch script that runs every time the workstation starts. But there is a simpler and more convenient method: using Group Policy. Mapping network drives via Group Policy is faster and easier, so it is a much more scalable approach.
Logon Scripts VS Group Policy
The ability to map a network drive with Group Policy was introduced in Server 2008.
Logon scripts are a thing of the past.
Logon scripts can actually slow computers down. Yes, group policy is faster.
Unless you have some crazy complex script that does something that Group Policy cannot do then there is no reason not to use it.
Mapping Drives with Group Policy has the following advantages:
- It’s much easier than logon scripts. Checkboxes and drop down lists, no need to understand scripting
- It’s scalable, as big as your Active Directory will grow logon scripts will scale no problem.
- It’s very flexible. With item level targeting you can target groups, users, OUs, operating systems and so on.
- It’s easy
Now let’s move onto some examples of mapping drives with group policy.
Here is a step-by-step guide for Group Policy drive mapping:
Step #1. On a Microsoft Windows Server with the Active Directory role installed, open the Group Policy Management
Step #2. Create a new GPO and give it a name. Then link it to an OU that contains user accounts because Group Policy drive mapping is a user configuration preference. You can also select an option – create a GPO in this domain and link it here, after that use item-level targeting option which will be described below.
Step #3. Right-click the new Group Policy object and go to User Configuration -> Preferences -> Windows Settings -> Drive Maps.
Step #4. Right-click Drive Maps, select New and then click the Mapped Drive
Step #5. Then you need to configure the settings for the new mapped drive. Here are the options on the General tab:
- Action — Select an action that will be performed on the shared drives:
- Create — creates a new mapped drive for users.
- Delete — deletes a mapped drive for users.
- Replace — deletes and then creates mapped drives for users.
- Update — modifies settings of an existing mapped drive for users. This action differs from Replace in that it only updates settings and don’t delete
- Location — Specify the path to the shared folder or drive that you want to map.
- Reconnect — Check this option if you want to save the mapped drive in the user’s settings and reconnect it each time they log on.
- Label as — Specify a custom name for the shared drive. (You can leave this field blank.)
- Drive Letter — Specify the letter you want the drive to be mapped to. Be careful, because if the workstation is already using the letter you choose here, the Group Policy drive mapping will fail.
- Connect as — If this setting is blank, the drive will be mapped using the current user account credentials. You can choose to specify a different account here that will be used instead.
- Hide/Show options — You can also choose to connect the new drive (or all drives) in a hidden state.
Step #6. Click the Common tab to configure these additional settings for all items:
- Stop processing items in this extension if an error occurs
- Run in the security context of the user who is currently logged on
- Remove this item when it is no longer applied
- Apply once and do not reapply
- Item-level targeting (see step 7)
Step #7. Item-level targeting allows you to apply drive mappings in a very flexible way. For example you could apply a drive mapping only to a certain OU and the users and computers in it, or only to a certain IP address range. If you enable item-level targeting, click the Targeting button to open the Targeting Editor. Click New Item and select the type of item that you want to apply the new shared drive mapping policy to. The screenshot below shows how to select Organizational Unit and then choose the specific users or computers in that OU. Click OK to close the Targeting Editor.
Step #8. To apply the policy, either reboot the target computers or run gpupdate /force on them. Alternatively, you can go to Group Policy Management, right-click the target OU, and then click Group Policy Update.
Now, whenever a user logs on to any of the targeted computers, the new network drive will be shown in their file explorer.
As you can see, mapping a network drive via Group Policy is a very easy process and doesn’t require any PowerShell scripting experience. It is the best way to assign network drives to your users in a centralized manner, and makes troubleshooting easier — for example, you can simply use gpresult rather than writing logon scripts.