Login Script - Drive Mapping

I decided to write a quick article on Login Script after I noticed that a lot of people were asking about "automated" mapping drive process at login. Most answers I found on the Internet were connected to Microsoft Active Directory and Group Policy (GPO). Not a lot of articles were helping home users & small business who are configured under Workgroups rather than Domains. If you want a simple solution using a batch file (.bat) this article is for you! 

Sure there are plenty of ways to do this, whether it's through PowerShell, VBS or Windows itself (right click and map drive) which involves "manual labour" on every computer and possibly under each users' profile if they have access to different drives... Then if you add or remove shares on your network, well guess what? Yes, another round of manual labour is waiting for you. There is a simple way to map network drives (shares) at login and I will show you how.

Now, before I start you need to know a few things if you want this to work the way it should. First of all you will need "Administrator rights" on the computer you want to import or modify the Registry. In this example I will keep things simple:

  • The network is a LAN within the same IP range;
  • The file server has a network share call Scripts with "Everyone Read Access" as permission;
  • My script file is map.bat, located on the Scripts share;
  • All workstations will be within the same network as the file server (same IP range).

Next, the credentials use on your workstation(s) (username and password) will have to be identical on the file server meaning that each one of your user must have an account on the file server with identical credentials to their workstation. Please note that if one of your user decides to change his local password and does not tell you, it will impact his access to the network share(s). This user will most likely see a popup window asking him to enter his credentials to access the share(s) since the file server will not recognized this user anymore. I suggest you let your users know about there's nothing wrong with changing their password but you will have to mirror the change to the file server. That's about it for the prep work. Now let's get to the script.

If you try to load a batch file from a remote computer at login, depending on the version you are using, Windows ​will most likely alert you - asking you if you want to run this program. Good security feature because don't' get me wrong batch file can surely be very harmful for our computer but not so useful for login script especially to accomplish what we are trying to do. This is an example of the message you could get:

To prevent that, you have to add your file server to the "trusted" zone of your local network. Here is how to do this:

Under Internet Properties (or sometimes Internet Options) / Security Tab, choose Local Intranet and click Sites:

​In Local Intranet click Advanced:

Then add your server name (hostname) as follow: file://server_name as shown below and click add:

​This will add the trust needed on the network and prevent the popup windows from appearing. The down side of this method is that this entry is only added under the current logged in user therefore if another user log in to this computer, you will most likely have to do the same thing over and over again for each users. I have to say that in the past, after adding the server under one user profile, the message did not appear for other users using the same computer. Anyway, if you want more information about how to make a LAN zone trusted, there is a post on Microsft Technet explaining it.

The way around is to create / import a registry key under the local machine which will apply to all the users using this computer which is a much more efficient way to do this. Microsoft explains these keys here.

This is the key you need to add under:

.-= BEFORE EDITING YOUR REGISTRY, MAKE SURE YOU ARE COMFORTABLE DOING IT BECAUSE THIS CAN "BREAK" YOUR INSTALLATION =-.

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\

  • Create a key named Domains
  • Within the Domains Key, Create a Key using your file server name
  • Within that file server name key, create a DWORD key named file with a value of 1 as shown below
File Name: HKLM-ZoneMap
File Size: 377 b
Download File

If you would like to "expedite" the process, you can download the key I created but make sure to CHANGE the file server name for your own prior to importing the key. You can edit a registry key with notepad, notepad++, etc. To import a key, double-click on the file and answer the questions. If you have issues or getting error importing, trying copying the file on the local computer instead of running it from a share drive. I have experienced issues in the past after trying to import a key from a network drive.

Then to make sure the script runs on every user's login session, we will add it to the registry under Local Machine / Run. Edit the Registry and go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

  • Create a String Value key named LoginScript (or whatever name you want, it does not matter);
  • The value of this key will be the path of your script as shown below.
File Name: HKLM-Run
File Size: 342 b
Download File

​Once again, if you want to be "lazy" (come on, everybody knows a good Network admin is efficient but Lazy!), you can download the key I made and import it BUT make sure to CHANGE the server name before doing so.

File Name: Batch
File Size: 952 b
Download File

Now, for the script itself, I won't go into too much details about batch files scripting but if you have any question, feel free to ask in the comments below. This is an example of a login script mapping different drives based on the user's name. Obviously you will have to adjust the names and create the shares matching your network environment. Feel free to copy / download this script and modify it as you please to fit your need.

I recommend using a software like Notepad++ when editing script. Notepad++ is a free source code editor and Notepad replacement that supports several languages running in the MS Windows environment. 

File Name: Kixtart
File Size: 2 kb
Download File

​Another option for you is to use Kixtart which has been around forever. Kixtart works a little bit differently than a batch file but overall it's the same principle. You need to "call" the .kix file from a batch file. I my case, I am using 3 files; 

  • Map.bat;
  • Script.kix;
  • Map.kix.


The main batch file (Map.bat) is calling the Script.kix file, then within this Script.kix file, I am calling the Map.kix file. I will post an example of the 3 files down below so you can see what it looks like and compare it to the standard batch file above. Be aware that you will need at least 1 batch file and 1 kix file if you choose to use Kixtart instead of a standard batch file.

Feel free to download the zip file I prepared for you, I included all 3 files for you. This should get you started. 

The steps above (modifications to the Windows Registry) still apply if you choose to use Kixtart as a login script.

 Like I said earlier, do not hesitate to comment below if you need a hand (I will help you if I can but keep in mind I am not a programmer), same thing if you have any suggestions. These are basics login script solutions but they work and get the job done!

This solution is obviously for home users of small businesses with only a few computers, bigger company will most likely use Active Directory to do this.

Hoping that this post will help some of you!

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 28 November 2020

 

MCP logo

      A+ logo       Network+ logo       CIOS logo   BlackBag CBE