best way to map various combinations of mapped drives to AD users?
-
@dave247 said in best way to map various combinations of mapped drives to AD users?:
I could probably use group policy to make a mapping for each drive, then assign each GPO to the necessary user.. but I feel like that would still be a little numerous or something.
Also, I know usually this sort of things is group based access, but we have a small company and many people wear multiple hats and essentially we end up with multiple combinations of access for every employee which makes group based permissions and things challenging.
I think you're halfway there. Yes, use GPO, but instead of assigning users to each GPO, create a group and assign the group to the GPO. Once everything is created, all you have to do for who gets what is add/remove users from the group for the drive mapping.
-
This post is deleted! -
@dustinb3403 said in best way to map various combinations of mapped drives to AD users?:
While this is a very legacy approach it still works. If everyone is on premise (or VPN) based this should work fine.
We have remote users (using VDI) too and mapped drives work just fine regardless.
-
This post is deleted! -
@travisdh1 said in best way to map various combinations of mapped drives to AD users?:
@dave247 said in best way to map various combinations of mapped drives to AD users?:
I could probably use group policy to make a mapping for each drive, then assign each GPO to the necessary user.. but I feel like that would still be a little numerous or something.
Also, I know usually this sort of things is group based access, but we have a small company and many people wear multiple hats and essentially we end up with multiple combinations of access for every employee which makes group based permissions and things challenging.
I think you're halfway there. Yes, use GPO, but instead of assigning users to each GPO, create a group and assign the group to the GPO. Once everything is created, all you have to do for who gets what is add/remove users from the group for the drive mapping.
You mean make a group and apply each GPO for each drive to it, then add users? That makes sense.
-
@dave247 said in best way to map various combinations of mapped drives to AD users?:
@travisdh1 said in best way to map various combinations of mapped drives to AD users?:
@dave247 said in best way to map various combinations of mapped drives to AD users?:
I could probably use group policy to make a mapping for each drive, then assign each GPO to the necessary user.. but I feel like that would still be a little numerous or something.
Also, I know usually this sort of things is group based access, but we have a small company and many people wear multiple hats and essentially we end up with multiple combinations of access for every employee which makes group based permissions and things challenging.
I think you're halfway there. Yes, use GPO, but instead of assigning users to each GPO, create a group and assign the group to the GPO. Once everything is created, all you have to do for who gets what is add/remove users from the group for the drive mapping.
You mean make a group and apply each GPO for each drive to it, then add users? That makes sense.
Yep
-
@travisdh1 said in best way to map various combinations of mapped drives to AD users?:
@dave247 said in best way to map various combinations of mapped drives to AD users?:
@travisdh1 said in best way to map various combinations of mapped drives to AD users?:
@dave247 said in best way to map various combinations of mapped drives to AD users?:
I could probably use group policy to make a mapping for each drive, then assign each GPO to the necessary user.. but I feel like that would still be a little numerous or something.
Also, I know usually this sort of things is group based access, but we have a small company and many people wear multiple hats and essentially we end up with multiple combinations of access for every employee which makes group based permissions and things challenging.
I think you're halfway there. Yes, use GPO, but instead of assigning users to each GPO, create a group and assign the group to the GPO. Once everything is created, all you have to do for who gets what is add/remove users from the group for the drive mapping.
You mean make a group and apply each GPO for each drive to it, then add users? That makes sense.
Yep
I'll give that a try, thanks for the idea
-
@dave247 said in best way to map various combinations of mapped drives to AD users?:
Problem: we have about 10 different shared folders as mapped drives and a handful of simple bat scripts used as AD logon scripts for users...
I think it would make more sense to just have one mapped drive and use sub directories for each department. That's probably how the files are organized anyway - at least judging from the looks of it.
The users that have permissions to a particular directory can use it and the other can't. That way you don't have to mess with the different drive mappings because everyone get the same one drive.
This also also how I have seen organizations with many departments do it. They basically use one drive mapping per entire file server. Everyone has gets the same shared drive(s) but permissions determine what directories they can access. It's more flexible to do it like that.
-
@pete-s said in best way to map various combinations of mapped drives to AD users?:
@dave247 said in best way to map various combinations of mapped drives to AD users?:
Problem: we have about 10 different shared folders as mapped drives and a handful of simple bat scripts used as AD logon scripts for users...
I think it would make more sense to just have one mapped drive and use sub directories for each department. That's probably how the files are organized anyway - at least judging from the looks of it.
The users that have permissions to a particular directory can use it and the other can't. That way you don't have to mess with the different drive mappings because everyone get the same one drive.
This also also how I have seen organizations with many departments do it. They basically use one drive mapping per entire file server. Everyone has gets the same shared drive(s) but permissions determine what directories they can access. It's more flexible to do it like that.
Yes actually that's one plan I've had for a long time, just haven't gotten around to doing it mainly since it will disrupt everyone's workflow for a bit.
-
@dave247 said in best way to map various combinations of mapped drives to AD users?:
@pete-s said in best way to map various combinations of mapped drives to AD users?:
@dave247 said in best way to map various combinations of mapped drives to AD users?:
Problem: we have about 10 different shared folders as mapped drives and a handful of simple bat scripts used as AD logon scripts for users...
I think it would make more sense to just have one mapped drive and use sub directories for each department. That's probably how the files are organized anyway - at least judging from the looks of it.
The users that have permissions to a particular directory can use it and the other can't. That way you don't have to mess with the different drive mappings because everyone get the same one drive.
This also also how I have seen organizations with many departments do it. They basically use one drive mapping per entire file server. Everyone has gets the same shared drive(s) but permissions determine what directories they can access. It's more flexible to do it like that.
Yes actually that's one plan I've had for a long time, just haven't gotten around to doing it mainly since it will disrupt everyone's workflow for a bit.
If you have the directory structure in place, you could do it by adding the new drive share for all departments. Give people a couple of weeks to start using it and then slowly start to remove the older shares one by one. That will force everyone to migrate to using the new share - but not everyone at the same time.