Mapping Drives with Group Policy Preferences and Item-Level Targeting
Mapping a drive means that you want permanent access to a shared folder created on another computer. Windows OS will assign a drive letter to the network drive and it can be accessed just like any other local drive connected to your computer.
Mapping network drives with group policy preference is very easy and it does not require any scripting knowledge. Also, We can use item-level targeting to map drives based on specific conditions like group membership, OU, operating system, etc.
In this example, We will use item-level targeting so it only maps the network drive for users who are a member of the specific security group.
For this guide already I have created.
- Two users with the name HR User1 and HR User2
- One security group name HRUsers. (HR User1 is a member of this security group)
One shared folder on a domain controller (\\ws2k19-dc01\HRSahredData)
Step:1 Create a group policy object to map a network drive:
Open the Group Policy Management Console.
In the Group Policy Management Console, right-click on group policy objects and select new.
Specify a proper name (Map Network Drive using Group Policy Preference GPO) to the new group policy object.
On the group policy object right-click and select the edit option.
Navigate to User Configuration -> Preferences -> Windows Settings -> Drive Maps.
Right Click Drive Maps, Select New – > Mapped Drive.
On “General” tab specify the details as below:
Label as: Test.
Use: M. (This is going to be the drive letter)
On “Common” tab. Select “Run in logged-on user’s security context and item-level targeting check-boxes. Click on targeting button.
Click on New Item. Select “Security Group” and then select the security group you want to target.
Click on OK button. (In our case it will be HRUsers security group).
Click on the apply and OK button to close the new drive properties.
This completes the GPO settings. Close group policy management editor console.
Step:2 Link group policy object:
In the Group Policy Management Console, right-click on the Domain/OU where you want to link the group policy object.
Select “Link an existing GPO”. Select the GPO (In our case it will be Map Network Drive using Group Policy Preference GPO).
Click on OK button.
Step:3 Test the result:
On the client computer, Login with the user who is a member of HRUsers security group that we have added in the item-level targeting to verify that our policy of mapping drive using Item Level Targeting GPO is deployed or not.
Log in as an HR User1.
Verify that mapped drive using item-level targeting is deployed successfully by accessing the mapped drive naming Test(M:).
Log off from user account HR Users1 and log in as an HR User2 (who is not a member of HRUsers security group).
Verify that mapped drive is not present under file explorer.
It works perfectly fine for us.
Now, any user we put in the HRUsers security group will get this mapped drive.