Apply Group Policy To a Security Group

KB ID 0001653

Problem

On EE this morning someone asked how to map a drive to only two users, so that wherever they logged in, they got their mapped drive. Seemed like a good Idea for a post so here you go;

Solution

If you do not already have one, create a group for your users.

Create Security Group

Add the users, (as appropriate).

Add Users to Security Group

On a Domain Controller > Administrative Groups > Locate the OU that contains your users (Note: if your users are in multiple OU’s, then after you have created the policy simply ‘Link‘ it to the applicable OUs).

Create Group Policy

Edit the policy.

Edit Group Policy

User Configuration > Preferences > Windows Settings > Drive Maps > New  > Mapped Drive > Action = Create > Location = Set the UNC path to the mapped drive > Tick ‘reconnect’ > Label as ‘What you want the user to see it called’ > Select the drive letter you want > Apply > OK > Close the policy editor.

GPO to Map a Drive

With the policy selected > Delegation. > Advanced > Authenticated Users > REMOVE ‘Apply Group Policy’.

Apply GPO to Security Group

Add. >Add in your ‘Security Group’.

Apply GPO oonly to Security Group

ALLOW ‘Apply Group Policy’ > Apply > OK.

Map Drive to Securiry Group

Then either wait, or force a group policy update.

To prove it’s not all ‘Smoke and Mirrors‘, I log on as one of those users and…

Drive Mapped to via GPO

Related Articles, References, Credits, or External Links

NA

Author: PeteLong

Share This Post On

2 Comments

  1. Dmitry

    07/02/2020

    Group Policy Item-Level Targeting?

    Post a Reply
    • PeteLong

      07/02/2020

      Good call! Yes, because its a GPP and Not a GPO It can be targeted directly to a security group 🙂

      Post a Reply

Leave a Reply to PeteLong Cancel reply

Your email address will not be published. Required fields are marked *