Mapping a folder on Synology NAS to all Authenticated Users W2K12 Essentials

Question

We have a W2k12 essentials server with about 10 users on it. I want to add a group policy to map to a folder on our Synology NAS drive. I believe I'm having a permissions issue, but not sure. I added the drive map in GPE and targeted it to Authenticated Users.

I tried to add permissions for 'Authenticated Users' on the folder \DISKSTATION2\homes\sage2 but got an error about failing to enumerate objects in the folder. I don't want to switch ownership for fear of breaking the permissions on the Synology. Right now, we add a user to the server, and then add the user to the Synology as a USER. All Synology USERs can access the company folder and their home folder. We then map a drive for each user on their machine, but we'd like to transition to doing it through the server and group policy.

Answer 1

I have found that item-level targeting will not work with the SID populated. There is a bug in AD DS that will not allow this to work unless you type in the group name only. Do not click the '...', just type in the group name that you want to target.

Very useful article here. This article helped me out with this same question.

Answer 2

Based on your screenshots, your GPO is not linked anywhere.

You just created the GPO in the Active Directory but you have to link it on the OU containing your AD users.

Additionnally, in the Item Level Targeting, you should remove "Domain Users", since almost everyone is a Domain User, I don't think it's meaningful to filter on this group. However, if you really want to keep this targeting rule, you have to check "Primary Group" since "Domain Users" is probably the primary group of your users.