Get network drive mapping configuration from GPO when computer is only Azure AD joined
When a computer is not domain joined, we cannot use GPOs the way we used to. Instead, the computer is Azure AD joined and probably managed with Intune. In the beginning it was hard to replace what the GPOs did, and many times we had to think outside the box to solve it. The community has come up with great solutions to help us overcome this in different ways.
Now I will show how you can use your old GPO to get the network drive mapping configuration on the fly instead of storing it in the script.
PowerShell code
    function Get-GPO {
        param(
            [parameter(Mandatory=$false)]
            [string]$DisplayName
        )
        # Default filter: every Group Policy container in the domain
        $Searcher = New-Object DirectoryServices.DirectorySearcher -Property @{
            Filter = "(objectClass=groupPolicyContainer)"
        }
        if ($DisplayName) {
            # Escape characters that would break the LDAP filter syntax (RFC 4515).
            # The backslash must be escaped first; "*" is left alone so it still works as a wildcard.
            $Escaped = $DisplayName.Replace('\','\5c').Replace('(','\28').Replace(')','\29')
            $Searcher.Filter = "(&(objectClass=groupPolicyContainer)(displayname=$Escaped))"
        }
        # Query the user's on-premises AD domain over LDAP (needs line of sight to a domain controller)
        $Searcher.SearchRoot = "LDAP://$env:USERDNSDOMAIN"
        $Searcher.FindAll() | ForEach-Object {
            [PSCUSTOMOBJECT]@{
                DisplayName = $_.properties.displayname -join ""
                FilePath    = $_.properties.gpcfilesyspath -join ""
            }
        }
    }

    $GPO = Get-GPO
    $DriveMappingConfig = @()

    foreach ($Policy in $GPO) {
        $GPODisp  = $Policy.DisplayName
        # Drive mapping preferences are stored in SYSVOL under User\Preferences\Drives\Drives.xml
        $PrefPath = "$($Policy.FilePath)\User\Preferences"
        $XMLPath  = "$PrefPath\Drives\Drives.xml"
        if (Test-Path "$XMLPath") {
            [xml]$DriveXML = Get-Content "$XMLPath"
            foreach ($Drive in $DriveXML.Drives.Drive) {
                # Translate the single-letter action and 0/1 persistent flags into readable values
                $DriveMappingConfig += [PSCUSTOMOBJECT]@{
                    GPOName          = $GPODisp
                    DriveLetter      = $Drive.Properties.Letter + ":"
                    DrivePath        = $Drive.Properties.Path
                    DriveAction      = $Drive.Properties.action.Replace("U","Update").Replace("C","Create").Replace("D","Delete").Replace("R","Replace")
                    DriveLabel       = $Drive.Properties.label
                    DrivePersistent  = $Drive.Properties.persistent.Replace("0","False").Replace("1","True")
                    DriveFilterGroup = $Drive.Filters.FilterGroup.Name
                }
            }
        }
    }
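
Because the mapping list is now read from SYSVOL at run time rather than hard-coded, it is worth validating each entry before anything is mapped. The following is an added example, not part of the original post: the function name `Test-DriveMapping`, the allow-listed server names and the sample entries are assumptions made for illustration, and the sample objects have the same shape as the entries in `$DriveMappingConfig`.

```powershell
# Added example (not from the original post).
# Hypothetical allow-list of file servers that drives may point to.
$AllowedServers = @('fs01.corp.example.com', 'fs02.corp.example.com')

function Test-DriveMapping {
    param(
        [Parameter(Mandatory = $true)]
        [psobject]$Mapping,
        [Parameter(Mandatory = $true)]
        [string[]]$AllowedServers
    )
    $Problems = @()

    # Drive letter must be a single letter followed by a colon, e.g. "H:"
    if ($Mapping.DriveLetter -notmatch '^[A-Za-z]:$') {
        $Problems += "invalid drive letter '$($Mapping.DriveLetter)'"
    }

    # Path must be a UNC path (\\server\share[\folder]) on an allow-listed server
    if ($Mapping.DrivePath -match '^\\\\(?<Server>[^\\]+)\\[^\\]+') {
        if ($AllowedServers -notcontains $Matches.Server) {
            $Problems += "server '$($Matches.Server)' is not on the allow-list"
        }
    }
    else {
        $Problems += "path '$($Mapping.DrivePath)' is not a UNC path"
    }

    [PSCustomObject]@{
        GPOName     = $Mapping.GPOName
        DriveLetter = $Mapping.DriveLetter
        DrivePath   = $Mapping.DrivePath
        IsValid     = ($Problems.Count -eq 0)
        Problems    = $Problems -join '; '
    }
}

# Constructed sample entries in the same shape as $DriveMappingConfig
$Sample = @(
    [PSCustomObject]@{ GPOName = 'Drives - Sales'; DriveLetter = 'S:';  DrivePath = '\\fs01.corp.example.com\Sales' }
    [PSCustomObject]@{ GPOName = 'Drives - Old';   DriveLetter = 'X:';  DrivePath = '\\203.0.113.10\Share' }
    [PSCustomObject]@{ GPOName = 'Drives - Typo';  DriveLetter = 'HH:'; DrivePath = 'C:\Temp' }
)

$Sample | ForEach-Object { Test-DriveMapping -Mapping $_ -AllowedServers $AllowedServers } |
    Format-Table GPOName, DriveLetter, IsValid, Problems -AutoSize
```

Only entries with `IsValid` set to `True` should be passed on to whatever performs the actual mapping; the rest are better logged than silently skipped.
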
Thanks and inspiration
Jaap Brasser – Jaap Brasser’s Blog
Johan Dahlbom – Tailspintoys – 365lab.net