Objective: Mapping Network Drive via Group Policy Preferences – Troubleshooting

Problem: We ran into a strange issue today, We had approx. 10 drives mapped using Group Policy preferences out of them on some of the users only 5-6 drives were getting mapped and not the other.  In addition to that we were seeing some drives with the same drive letter as our’s mapped drives but they were going to some different locations.

In this article, we are primarily going to explain what we did to fix the issue but also going to describe trouble shooting GPP

 Our Environment

It consisted of 2 windows 2008 R2 DC’s and multiple windows 7 clients and a windows 2008R 2 Terminal server.

Troubleshooting:

Logged in with use on TS as well as his how PC, same network drive got mapped everywhere but  the drive we wanted was missing

Validated the AD replication is working good between DC’s

Validated File replication between domain controllers is fine

Took RSOP on the PC as well as TS, found the policy for map drive is being applied successfully.

Under RSOP , I could see the settings for GPP, so decided to enable userenv log (from XP) called as Gpsvc.log in Windows 7 using the following procedure

  1. Logon to the Windows 7 Computer as local administrator
  2. Save the below few lines as .reg file and execute it on the Windows 7 computer.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Diagnostics]

“GPSvcDebugLevel”=dword:00030002

PS: You will need to create Diagnostics key, if not there by default. For more details step-by-step instructions, click here.

Now time to restart your Windows 7 PC to make changes come into effect.

The debug log file will be available under “%systemroot%\debug\UserMode” folder and the file name is “gpsvc.log”.

PS: You might have to create usermode folder if not there already under debug

Rebooted the PC and logged back in , still there is no network drive, check the gpsvc.log but couldn’t find anything specific about GPP there, Though I could see the GPO is being applied.

Researched further to find that following is the way to check GPP application

1)    Resultant set of Policy wizard from GPMC on server:  When we take a local RSOP on the client, its doesn’t show GPP.  But if we take a resultant of policy from the GPMC console on server then it shows GPP settings quite clearly.

PS: Couple of things about RSOP from GPMC

a)     Make sure the computer you have selected while taking RSOP  has required WMI, RPC and SMB port open from the GPMC server, other wise you will get an error like “ RPC server is unavailaible”

b)    Make sure you login to the computer atleast once with the user for which you want to check the RSOP, because GPMC server can only pickup the information if a user profile exist on the client PC

2)    Enable GPP tracing and logging: Its definitely something which gives us quite good insight on how the GPP worked.  The logging needs to be enabled via group policy, so probably you can put the problem PC in an OU and add a new policy on it to enable the logging.

Edit the GPO  and go to Computer Configuration\Policies\Administrative Templates\System\Group Policy\Logging and tracing

Under this we have options to enable tracing from different components separately. Once policy is configured, wait for information to be replicated to all the DC’s and then reboot the problem PC.

Once we enable the tracing we started to events under application log of problem PC to find the network drives are getting mapped successfully but strangely we do not see them.

 

Log Name:      Application

Source:        Group Policy Drive Maps

Date:          7/21/2014 5:22:50 PM

Event ID:      4096

Task Category: (2)

Level:         Information

Keywords:      Classic

User:          SYSTEM

Computer:       XXX

Description:

The user ‘X:’ preference item in the ‘MappedDrives {19439423-5D14-45BD-BF42-6AB39EE3796F}’ Group Policy object applied successfully.

 

We troubleshot the issue further and deleted all the drives from the PC, to ensure that they are not cached or something like that. To our surprise, some correct and other incorrect drives got mapped again.

This was becoming stranger, so our observations were

1)      Issue with one user on multiple PC, so it has to be something from server and not PC issue

2)      Drives getting mapped via GPP and not via any script

3)      No login script configured via group policy.

Finally though of the script being applied from user property, checked the user property in DSA.msc and in deed find a script been applied there.

Checked the script to find that, it has net user /delete command written for various drive letters and then it does map some drives of its own.

Fixed the script and then login to both TS and user PC , found the drive mapped perfectly fine

Resolution

Found that there is a script configured as logon script in Dsa.msc\user property\profile, this script was deleting the drives which were mapped by GPP.

Hope it helps!!!

 

The following two tabs change content below.
An automobile enthusiast at heart and computer geek by profession, started my Career with MS in 2005.Left Jobs and started Pledge Technologies (the parent company to Grishbi) back in 2009.We have been providing IT consulting to various Small and Medium businesses across US and UK since then.Our company specialises in Microsoft Server technologies like AD, Exchange, the rest and with numerous Office 365 migrations under our belt, we quite an expert with that too. Whatever we learn in our day to day life, we share it back on Grishbi as a Thank for all the love and support our customers have given us.
%d bloggers like this: