Home / server / Questions / 363100
Accepted
jmreicha
Asked: 2012-02-24 09:54:40 +0800 CST

Create and map drive based on login

  • 772

I want to create a folder for each user if they do not already have one on a Windows file server when the user logs in each time.

So for example, I have user "jdoe", I would like to be able to create a share called "jdoe" automatically the first time this user logs in. And subsequently make this share available every time this user logs in after the share is created.

I have the policy working to the point where, if I manually create the share name for the user, the network drive gets mapped correctly. The last piece would be to create the share if it does not exist.

The policy setting looks like this:

enter image description here

Is there is a way to fully automate this process/policy or does this need to be done with a custom logon script or something?

Update 1:

These are what the folder permissions look like. Maybe this will help give you a better clue as to why the share isn't being created the first time the drive is mapped.

enter image description here

And here are the advanced options for Authenticated Users.

enter image description here

Update 2:

I have something working now at least, although I don't really think this is the best or cleanest way to do this. I have created two scripts, 1 for creating the share if it does not exist and the other to map the share.

I'm thinking that there has to be an easier, or at least less complicated, more obvious way to do this?

group-policy windows-7 windows-server-2008-r2

4 Answers

  1. The problem at this point is likely the permissions on the folder \\server\share.

    The user or the computer account (I don't remember which... been a while) needs to have the ability to create the new folder %username%. Check both the NTFS and share rights. From there it should occur on its own. At least it did when I still needed to set this up. :)

    EDIT -

    I think that this was user accounts, not computer. I tended to use 'Authorized Users' for this setting.

    Also you should be able to grant the "Create Folder" right to the "Only This Folder" setting on the shared folder. That should be the minimum to do what you want.

    EDIT - See the official documentation on the subject here. Specifically look at the "Folder Redirection permissions" section.

    • 2

  2. The Group Policy to map a drive only actually performs the mapping. It's not capable of creating the share automatically. You'll have to do this programatically, probably by way of a login script.

    This link is to a GREAT blog post detailing how to create a PowerShell script that will check for the presence of a directory, and if it does not exist, it will create it (and I think the script goes so far as to share it).

    If you couple pieces of the login script with your GPO, you'll have a solution that suits your needs.

    • 1

  3. I suspect that for this to work, you have to configure the 'root' folder (Users) in the manner used for Redirected profiles or Redirected folders.

    Example Permissions

    In this example, the 'special' permissions for CREATOR OWNER & Authenticate Users are:

    CREATOR OWNER: Full Control - 'Subfolder and Files Only'

    Authenticated Users: 'List folders/Read data' and 'Create folders/Append Data' - This folder only

    • 0
  4. Best Answer

    I had to use a combination of two different scripts for this to work. I first run a powershell script that checks to see if a directory exists and if it doesn't, creates it.

    createshare.ps1

    $share = $env:username
$sharepath = "\\fileserver\Users\$share"

If (!(Test-Path $sharepath)) {
New-Item $sharepath -type Directory
}

    The next script just deletes the old share name and mounts the new share.

    mapdrives.bat

    @echo off
net use * /delete /yes

net use z: "\\fileserver\Test Network"
net use u: "\\fileserver\Users\%username%"

    I have a group policy set to run the powershell script and then run the bat file to map the drives at user logon.

    • 0