I'm running a lab to test GPO. I'm trying to map a network share item using GPO on a DFS share. This is the guide I'm following.
As a test, I change it to a map network drive GPO User Configuration. Then it works fine. There isn't really any reason why I want to map it as a "network share item". I'm just testing stuff.
Any idea why it doesn't work?
The problem is permissions. When you map a network drive through Group Policy, the computer has to perform exactly the same process that occurs when a user manually maps a network drive - including supplying appropriate credentials for the target network share.
For example: When a user manually maps a network drive through command line or GUI, the their login credentials are automatically sent to the server hosting the network share because the command prompt or GUI runs in the user's context and has access to their credentials. Since User Configuration policies also run in the context of the user, they work the exact same way.
Computer Configuration policies are different, however. These run in the context of a SYSTEM user, which is a local account that (unless you've done some custom configuration) has no access to network resources whatsoever.
TL;DR Define drive maps as User Configuration items unless you have a really good reason to do otherwise.
User contributions licensed under CC BY-SA 3.0