You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close

05: How to deliver network drive mappings with PowerShell using Scripts Manager

  1. Create a new GPO and link it to the User OU or Domain that contains the users that will need to receive the drive mapping.
  2. Edit the GPO and expand the User Configuration > PolicyPak > Scripts Manager Section.

  3. With the Scripts Manager section selected click “ADD NEW COLLECTION” then give the collection a descriptive name, and click OK.
  4. Next either select the collection name under the left side of the screen or double-click on the collection name to open the collection.
  5. With the collection name selected click “ADD NEW POLICY”.

  6. Click Next to get to the “On apply action” screen, then choose “PowerShell script” from the dropdown menu.
  7. Next, paste in the script below to the text window, and ensure that “Run script as user” is the only option checked.

    if (-not(get-psdrive -name "Z" -ErrorAction SilentlyContinue)) {
    New-PSDrive -name "Z" -PSProvider FileSystem -Root \\server\share -Persist
    }

    Remember to edit the script to match what is needed for your environment, replacing “Z” with the drive letter you wish to map, for example if you want to map H: then replace “Z” with “H”. Also, replace \\server\share with the UNC path of the share you wish to map.

    The “On apply action” screen should look similar to below:

  8. Then click Next, then Next again (skipping the “On revert action”screen) until you get to the “Specify process mode” screen. Ensure that the “Always” radio button is selected then click Next, give the policy a descriptive name, then click Finish.
  9. Now we need to create a second policy item, to do so, right click anywhere on the white space area below the policy you just created and choose Add > New Policy.

  10. Click Next to get to the “On apply action” screen, then choose “PowerShell script” from the dropdown menu. Then paste in the script below to the text window, and ensure that “Run script as user” AND “With elevated rights” are the only two options checked.

    New-ItemProperty -LiteralPath 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System' -Name 'EnableLinkedConnections' -Value 1 -PropertyType DWord -Force -ea SilentlyContinue

    Note: The script above is all one line though the text is wrapped in the screenshot below.

    Your screen should match the screenshot below exactly.

  11. Click Next, then Next again (skipping the “On revert action” screen) until you get to the “Specify process mode” screen. Ensure that the “Once” (or “Once or when forced”) radio button is selected then click Next, give the policy a descriptive name, then click Finish.

  12. You should now have two policy items in your collection.

  13. Test the policy by logging into a domain-joined computer with a domain user account from the (User) OU or Domain where this GPO is linked then run “gpupdate”, afterward open File Explorer and verify that you see the new drive mapping.

    Note: If you only run the “Map Z: Drive” portion of the policy and UAC is enabled on the computer you may not see the drive mapping in File Explorer though it may show under the CMD prompt and within some applications. By including the second policy item “Set EnableLinkedConnections in Registry” we proactively address this possible issue.

    More info:

  • 871
  • 20-Feb-2020
  • 589 Views