Stephen
Stephen

Reputation: 21

powershell to create mapped drive on gpo

I am trying to automate a process using powershell and as part of that process I want to create a new drive map on a group policy object

The image shows how it is done manually with the group policy management editor manual method

I have tried using

New-PSDrive and New-SmbMapping eg
New-GPO -Name "$gpn"  | New-GPLink -Target $target
New-PSDrive –Name “T” –PSProvider FileSystem –Root “\\arc\tms shared\$directory” –Persist

and

New-SmbMapping -LocalPath 'T:' -RemotePath '\\arc\tms shared\$directory' -Persistent:$true

but with no luck

thanks

Upvotes: 1

Views: 3073

Answers (2)

Maxime Mandong
Maxime Mandong

Reputation: 11

It's possible to do it by manipulating xml file.

  1. You have to create a Gpo normally with New-Gpo
  2. You have to get Gpo id with $Gpo = Get-Gpo -Name "Gpo_name"
    $Gpo = $Gpo.id
  3. You have to locate \\server\sysvol\server.local\Policies\{$GPO}\User if there is no folders inside, create the folders Preferences and Drives then get this path : \\server\sysvol\server.local\Policies\{$GPO}\User\Preferences\Drives
  4. now you can create Drives.xml file on the path with the example
$Gpo=Get-Gpo $gpo_name -Verbose
$Gpo = $Gpo.Id
$Gpo
$Createdate = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
$data = @"
<Drives clsid="{8FDDCC1A-0C3C-43cd-A6B4-71A6DF20DA8C}">
    <Drive clsid="{935D1B74-9CB8-4e3c-9914-7DD559B7A417}" uid="" changed=$Createdate image="2" status="I:" name="I:">
    <Properties letter="I" useLetter="1" persistent="0" label="My_New_Disk" path="path_directory" userName="" allDrives="NOCHANGE" thisDrive="NOCHANGE" action="U"/>
    </Drive>
</Drives>
"@

$data >> "\\server.local\sysvol\server.local\Policies{$GPO}\User\Preferences\Drives\Drives.xml" 

gpupdate /force
Start-Sleep -Seconds 5

You just have to manipulate xml drive setting file with the script ! to add or remove disk.

@stephen

Upvotes: 0

postanote
postanote

Reputation: 16116

But, uhmmmm that screen is not a GPO, which is done at the domain level.

You are showing GPP at the client level. Why are you doing per client via script vs at the domain so as machines are added to the domain, and user login, it's automatic? GPP of course in the way to go.

You cannot use New-Gpo for a local GPP setting. The PowerShell docs for that cmdlet specifically states...

New-GPO

Description The New-GPO cmdlet creates a GPO with a specified name. By default, the newly created GPO is not linked to a site, domain, or organizational unit (OU).

# get function / cmdlet details
Get-Command -Name New-Gpo -Syntax
(Get-Command -Name New-Gpo).Parameters.Keys
Get-help -Name New-Gpo -Full
Get-help -Name New-Gpo -Online
Get-help -Name New-Gpo -Examples

In linking the GPO, you have to fully qualify the target and permissions. Again the above doc shows the following example...

new-gpo -name TestGPO | 
new-gplink -target "ou=marketing,dc=contoso,dc=com" | 
set-gppermissions -permissionlevel gpoedit -targetname "Marketing Admins" -targettype group 

There is a tool you can get to assist here and they provide a sample scrip to do GPO drive mapping. See this...

Automating Group Policy Preferences Drive Mapping with PowerShell [VIDEO] They sell a tool for this use case called...

'Group Policy Automation Engine (GPAE)'

SDM Software’s Group Policy Automation Engine (GPAE) provides the industry’s only PowerShell interface for automating the reads and writes of Group Policy settings.

Upvotes: 0

Related Questions