Domain – Creating Mapped Network Drives VIA GPO Dynamically to Username

domainsharewindows-server-2008windows-server-2008-r2

Good Day.

i learned server 2008 r2 in college and trying to setup a small server for a college.

I have set up AD with DNS,DHCP and WSUS. I am trying to Map 2 x Network drives to each user in a specific group (hereby known as Students). Each student should have a public folder (Course material) and a private folder (his work) mapped to his account.

Is there a way to automatically let the GPO create folders using the %USERNAME% variable for the private folders and share them with the student aswell?

I am able to create the public folder and private folders manually, just keen on if it is possible and how i would go about it?

Best Answer

I believe that using the GPO Preferences will not create the folder structure for you, but you can use the environment Variables such as %USERNAME% to allow everyone there own sub-folder on a shared path.

I would use the "AD Users and computers" console to configure each users Home Drive on the "Profiles" tab, although this could also be achieved by using powershell.


  1. set the drive letter and the UNC path such as

\\server1\home\%USERNAME%

local path would possibly be C:\NetworkData\Home\

NOTE: ensure that permissions allow authenticated users access to this level to enure the drive can be mapped on logon. you can do this on the folders ACL. allow everybody all rights on the share permissions and tighten down with the usual folder ACL.

this will then create the directory structure for you, you will still need to set the permissions on the directory yourself once its created. or get a script to go across them after.

i would suggest the top level. i.e.

\\server1\home\joe.blogs\

will allow others read/write


  1. you could put a subfolder below it:

\\server1\home\joe.blogs\Documents

Which you would remove inheritance of permissions, and allow only admins and the person that the folder belongs. therefore making it private.

  1. you could then Map that personal folder using GPO preferences and mapping it to a different letter and the %USERNAME% variable again.


Although i am wondering how you intend other users to access there peers "public" folders?

this is all a lot quicker if you are proficient at Powershell, as you can set the AD props, create the subdirectory and set the permissions for all users in your AD/Site/OU at once. here is how to set the home directory. use the get-aduser commandlet to get your given set of users and go over it like so

`
$Users = Get-ADUser  -SearchBase "OU=Accounts,OU=RootOU,DC=ChildDomain,DC=RootDomain,DC=com" -Filter *;

foreach($User in $users)
{
    Set-ADUser -Identity $User.SamAccountName -HomeDirectory \\server1\home\$User.SamAccountName -HomeDrive H;

}

`

Related Topic