Step 1 - Event Logs
Log Name: Application
Source: Group Policy Drive Maps
Date: 5/17/2009 8:55:57 AM
Event ID: 4098
Task Category: (2)
Level: Warning
Keywords: Classic
User: SYSTEM
Computer: Desktop4.acme.local
Description: The user 'V:' preference item in the 'Drive Mappings {3B6D54F2-E7DC-45A5-A66E-59C16CE2CB1A}' Group Policy object did not apply because it failed with error code '0x80070035 The network path was not found.' This error was suppressed.
Log Name: Application
Source: Group Policy Printers
Date: 5/17/2009 8:56:41 AM
Event ID: 4098
Task Category: (2)
Level: Warning
Keywords: Classic
User: SYSTEM
Computer: Desktop4.acme.local
Description: The user 'HP Deskjet F4200 series' preference item in the 'Drive Mappings {3B6D54F2-E7DC-45A5-A66E-59C16CE2CB1A}' Group Policy object did not apply because it failed with error code '0x80070709 The printer name is invalid.' This error was suppressed.
It was Group Policy Preferences which were tripping up, because the "network path" it mentions indeed changed. The V: drive (among other drive mappings) specified in the GPP setting was pointing to a UNC path that no longer existed. The UNC path was for the previous DC server name. While I moved the data and shares over to the new DC and it worked fine, the GPP was not updated. The net result was that each client was trying to find the share to reconnect the local drives and causing it to wait during logins.
The printer mapping failed to resolve because the client from which it was shared happened to have been reloaded with the same operating system but someone forgot to share out the printer again. Once the printer was shared and listed in the directory, everything synched up fine. But next up, I had to update the GPP settings for the drive mappings.
Right-click on each of the drive mappings to the right, and select "Properties". From there, I simply replaced the old server name component of the UNC path with the new server name (e.g. "Dragon"):
Once I updated all of them, I simply closed the GPM console, opened a CMD console on the client and typed GPUPDATE and hit Enter. After a few seconds the Group Policy settings were refreshed and I type NET USE to list all the drive mappings. They were all present and accounted for. To verify UNC resolution, I simply enter a drive letter to list a directory...
C:> V: (press Enter)
V:> DIR (press Enter)
All is good.
Conclusion
In the past, I would have used a login script to manage drive mappings, but there are some logistical issues with that method which are better served with GP Preferences. It still amazes me that admins are still using scripts to map drives, printers, make registry changes, add or remove shortcuts, edit environment variables, modify INI files, add files and folders, and so on.
Don't get me wrong. Being a script developer, I still insist scripts are the way to go for many tasks, but for these types of issues you're way better off using GP Preferences. In this particular scenario, GP Preferences saved me at least a few hours of work and having the built-in integration with Event logging, it was much faster and easier to diagnose the problem and take the appropriate action to resolve it.
1 comment:
Some time ago we switched from login scripts to group policy preferences but even they were not powerful enough.
Finally we found desktop authority that was able to ovrcome all group policy prefernces limitation.
This solution uses a validation logic that has allows you to apply very granular settings and it can configure a wide range of desktop management areas (not limited with "Preferences" section like in gp prefernces)
Post a Comment