Apply Group Policy To a Security Group

KB ID 0001653

Problem

On EE this morning someone asked how to map a drive to only two users, so that wherever they logged in, they got their mapped drive. Seemed like a good Idea for a post so here you go;

Solution

If you do not already have one, create a group for your users.

Add the users, (as appropriate).

On a Domain Controller > Administrative Groups > Locate the OU that contains your users (Note: if your users are in multiple OU’s, then after you have created the policy simply ‘Link‘ it to the applicable OUs).

Edit the policy.

User Configuration > Preferences > Windows Settings > Drive Maps > New  > Mapped Drive > Action = Create > Location = Set the UNC path to the mapped drive > Tick ‘reconnect’ > Label as ‘What you want the user to see it called’ > Select the drive letter you want > Apply > OK > Close the policy editor.

With the policy selected > Delegation. > Advanced > Authenticated Users > REMOVE ‘Apply Group Policy’.

Add. >Add in your ‘Security Group’.

ALLOW ‘Apply Group Policy’ > Apply > OK.

Then either wait, or force a group policy update.

To prove it’s not all ‘Smoke and Mirrors‘, I log on as one of those users and…

Related Articles, References, Credits, or External Links

NA

3 thoughts on “Apply Group Policy To a Security Group

    • Good call! Yes, because its a GPP and Not a GPO It can be targeted directly to a security group 🙂

  1. I am a domain admin, but not a member of the security groups applied to the GPO I created for a specific department. Why would it map the drive to my pc?

Leave a Reply

Your email address will not be published. Required fields are marked *