Windows OS Hub
  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu
  • Home
  • About

Windows OS Hub

  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu

 Windows OS Hub / Group Policies / How to Map Network Drives (Shared Folders) with Group Policy?

March 22, 2021 Active DirectoryGroup PoliciesWindows 10Windows Server 2016

How to Map Network Drives (Shared Folders) with Group Policy?

You can use Group Policies to flexibly map shared network folders from your SMB file servers as separate Windows network drives. Traditionally, .bat logon scripts containing the net use M: \\ro-fs01\sharename command were used to map network drives in Windows. However, Group Policies are more flexible, faster and may be updated in the background (you don’t need to reboot a computer or log off to map network drives via GPO).

In this article we’ll show you how to use GPO to map network drives in Windows.

The support of network drive mapping in GPO appeared in Windows Server 2008.

Lets’ look on how to automatically map a department shared network folder based on AD security groups and users’ personal network drives. Create a new security group for a Marketing department in Active Directory and add the employee accounts to it. You can create and fill the group using the graphic ADUC console (dsa.msc) or use the PowerShell cmdlets to manage AD groups (included in the AD for PowerShell module):

New-ADGroup "IT-Marketing" -path 'OU=Groups,OU=Rome,OU=IT,dc=woshub,DC=com' -GroupScope Global -PassThru –Verbose
Add-AdGroupMember -Identity IT-Marketing -Members b.bianchi, k.rossi, a.russo, m.baffi

To create AD groups and add members to them automatically, you can use a script from the article Dynamic Groups in Active Directory.

Suppose, you have a file server where shared folders of different departments are stored. The UNC path to the shared folder that your marketing team is using and which should be mapped to all employees in the department is \\ro-fs01\share\marketing.

Then create a GPO to map the shared folder as a network drive.

  1. Open the Group Policy Management Console (gpmc.msc) to manage the domain GPO;
  2. Create a new GPO and link it to the user account OU, then select Edit; create new gpo to map network drive
  3. Go to User Configuration -> Preferences -> Windows Settings -> Drive Maps. Create a new policy setting: New -> Mapped Drive; create new mapped drive via group policy preferences
  4. In the General tab, specify the connection settings for your network drive:
    1. Action: Update (this mode is used the most often);
    2. Location: a UNC path to the shared folder you want to connect;
    3. Label as: a drive label;
    4. Reconnect: makes a network drive permanent (it will be reconnected every time you log in, even if you remove the policy. There is a /persistent analog option in net use);
    5. Drive Letter: assign a drive letter for shared folder;
    6. Connect as: this option is not available now since Microsoft currently doesn’t allow storing passwords in Group Policy settings. set network drive properties, drive letter, unc path
  5. Go to the Common tab, check the Run in logged on users’s security context and Item-level Targeting options. Then click Targeting;
  6. Here we will specify that this policy must be applied only to the members of the AD security group created earlier. Select New Item -> Security Group -> your group name;map network drive only to specific AD security group members
  7. Save the changes;
  8. The mapped network drive will be available in File Explorer and other programs appears in the user session after the GPO is updated. mapped network drive on windows 10 file explorer
If the mapped network drives are not available from the elevated apps (running with administrator privileges), use the EnableLinkedConnections registry parameter (you can deploy this registry parameter to domain computers via GPO).

Create another policy rule to map personal network folders of the users as network drives. Suppose, you have a file server where personal user folders are stored (each folder has individual NTFS permissions so that users cannot access anybody else’s data). You want these folders to be automatically mounted as network drives in user sessions during logon.

Create a separate folder for each user matching their AD names (sAMAccountName) and assign the corresponding NTFS permissions.

create home folders

Create another drive mapping rule in the same GPO.

add network drive map rule in GPO

Specify the path to the shared folder with user personal folders as \\ro-fs01\shared\home\%LogonUser%. I have set %LogonUser% - Personal as a drive label.

GPO: mapping home drive by LogonUser name

You can display the full list of environment variables available in GPP by pressing F3.

Save the changes and update the group policy settings on user computers using this command:

gpudate /force

Then users will see their personal folders from a file server mapped as network drives. Users will be able to store their personal data on them. The network drive will be mapped on any computer a user is logged on to.

several mapped drives in windows 10

Windows 10 1809 had an issue with mapping network drives. Install a special patch to fix it.

Thus, you can create a lot of separate items with different conditions of mapping network drives to users in a single GPO.

create multiple rules to map different drives (network folders) in a single group policy

To select different computer or user criteria when connecting network drives, GPP targeting features are used (they are based on WMI filters).

0 comment
3
Facebook Twitter Google + Pinterest
previous post
Fix: Linux Boots into “Welcome to Emergency”
next post
How to Enable/Disable the Built-in Administrator Account on Windows 10?

Related Reading

How to Run Program without Admin Privileges and...

March 24, 2023

Configure Network Settings on Windows with PowerShell: IP...

March 24, 2023

Attaching Host USB Devices to WSL or Hyper-V...

March 20, 2023

Print Screen Key Not Working in Windows

March 17, 2023

Fix: Remote Desktop Services Is Currently Busy

March 15, 2023

Leave a Comment Cancel Reply

Categories

  • Active Directory
  • Group Policies
  • Exchange Server
  • Microsoft 365
  • Azure
  • Windows 11
  • Windows 10
  • Windows Server 2022
  • Windows Server 2019
  • Windows Server 2016
  • PowerShell
  • VMWare
  • Hyper-V
  • Linux
  • MS Office

Recent Posts

  • How to Run Program without Admin Privileges and Bypass UAC Prompt?

    March 24, 2023
  • Configure Network Settings on Windows with PowerShell: IP Address, DNS, Default Gateway, Static Routes

    March 24, 2023
  • Exchange Offline Address Book Not Updating in Outlook

    March 21, 2023
  • Attaching Host USB Devices to WSL or Hyper-V VM

    March 20, 2023
  • Sending an E-mail to a Microsoft Teams Channel

    March 17, 2023
  • How to Restore Deleted Users in Azure AD (Microsoft 365)?

    March 16, 2023
  • Fix: Remote Desktop Services Is Currently Busy

    March 15, 2023
  • Send-MailMessage: Sending E-mails with PowerShell

    March 14, 2023
  • Clear Cache and Temp Files in User Profiles on Windows (RDS) with PowerShell and GPO

    March 13, 2023
  • Prevent Users from Creating New Groups in Microsoft 365 (Teams/Outlook)

    March 6, 2023

Follow us

woshub.com
  • Facebook
  • Twitter
  • RSS
Popular Posts
  • Configure Google Chrome Settings with Group Policy
  • Get-ADUser: Find Active Directory User Info with PowerShell
  • Allow RDP Access to Domain Controller for Non-admin Users
  • How to Find the Source of Account Lockouts in Active Directory?
  • Get-ADComputer: Find Computer Properties in Active Directory with PowerShell
  • How to Disable or Enable USB Drives in Windows using Group Policy?
  • Configuring Proxy Settings on Windows Using Group Policy Preferences
Footer Logo

@2014 - 2023 - Windows OS Hub. All about operating systems for sysadmins


Back To Top