In this article, I will show you how to automate reconnecting of user’s network mapping (home drive and all network drives) using VBScript and schedule task. When the workstation connects through VPN or ZPA, the home directory does not map automatically and network drives are set in the “Disconnected” state.
I will update this post with a list of other VPN’s registry value changes, but for now we’ll stick with Zscaler’s ZPA. Subscribe below to get an update on when the list is posted.
To begin, we need to determine the registry value changes when ZPA is enabled; this is because we don’t want the script to run when the user is on-premises. When ZPA is enabled on the client, the registry value changes to “TUNNEL_FORWARDING”. The below VBScript will obtain the value in the registry to get the current state of ZPA.
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Zscaler\App"
strValueName = "ZPA_State"
objRegistry.GetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue
If dwValue = "TUNNEL_FORWARDING" Then
'TRIGGER EVENTS HERE
End IfRefer to:
https://docs.microsoft.com/en-us/windows/win32/wmisdk/wmi-tasks–registry
Next, we need to check if the H drive (home directory) exists on the workstation and also get the user’s homedirectory path from the domain. This will grab the information from the homedirectory attribute value in Active Directory via ADSystemInfo object. To do this, we need to use the FileSystemObject and GetObject commands.
Set objFS = CreateObject("Scripting.FileSystemObject")
If NOT objFS.DriveExists("H:\") Then
Set objSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objSysInfo.UserName)
Set objNetwork = WScript.CreateObject("WScript.Network")
strHomeDir = objUser.homedirectory
objNetwork.MapNetworkDrive "H:", strHomeDir, True
End IfRefer to:
https://ss64.com/vb/filesystemobject.html
https://ss64.com/vb/syntax-userinfo.html
https://ss64.com/vb/mapnetworkdrive.html
In this next step, we will scan the local workstation for any other network drives that are in the “Disconnected” state; then remap to make them in active “Connected” in order to avoid the “Red X” on the network drive.
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\Root\CIMv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_NetworkConnection",,48)
For Each objItem in colItems
If objItem.ConnectionState = "Disconnected" Then
Set objNetwork = WScript.CreateObject("WScript.Network")
objNetwork.MapNetworkDrive objItem.LocalName, objItem.RemoteName, True
End If
NextRefer to:
https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-networkconnection
So to put it all together, the full script should look like this:
On Error Resume Next
Dim objFS,objNetwork
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Zscaler\App"
strValueName = "ZPA_State"
objRegistry.GetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue
If dwValue = "TUNNEL_FORWARDING" Then
Set objFS = CreateObject("Scripting.FileSystemObject")
If NOT objFS.DriveExists("H:\") Then
Set objSysInfo = CreateObject("ADSystemInfo")
Set objUser = GetObject("LDAP://" & objSysInfo.UserName)
Set objNetwork = WScript.CreateObject("WScript.Network")
strHomeDir = objUser.homedirectory
objNetwork.MapNetworkDrive "H:", strHomeDir, True
End If
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\Root\CIMv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_NetworkConnection",,48)
For Each objItem in colItems
If objItem.ConnectionState = "Disconnected" Then
Set objNetwork = WScript.CreateObject("WScript.Network")
objNetwork.MapNetworkDrive objItem.LocalName, objItem.RemoteName, True
End If
Next
End IfWe’re not done, we still need to create a group policy (GPO) to do two things: (1) copy the VBScript and (2) run the VBScript at startup and/or when a new network connection happens. The script needs to be copied over to the local workstation because the end-user will receive a “file not found error” when ZPA is not enabled off the network.
The .vbs file copy group policy should have the following settings:
Action: Update
Source file(s): \\<domain DNS name>\SYSVOL\scripts\ReconnectNetworkDrive.vbs
Destination File: C:\Windows\System32\ReconnectNetworkDrive.vbs
Item-Level Targeting: a battery is present
The Scheduled Task group policy should have the following settings:
Name: Reconnect Drive Mapping
Action: Create
When running the task, use the following user account: %LogonDomain%\%LogonUser%
Run only when user is logged on: Selected
Hidden: Checked
Trigger: On An Event – New Network Connection (See image below)
Trigger: At log on
Trigger Delay: 1 minute
New Action: Start a program
Program/script: C:\Windows\System32\wscript.exe
Add Arguments: C:\WINDOWS\System32\ReconnectNetworkDrive.vbs
Start the task only if the computer is on AC power: Unchecked
Item-Level Targeting: a battery is present
That’s it! Well, let me know if you have any questions or if this script helped you resolve your issues in the comment section below!
Are you running this GPO in the user or computer context? I can get the file copy component to work, but with these settings for scheduled task I am getting 0x80070057 The parameter is incorrect.’ on client and task is not created. Tried filling “start in” with C:\windows\system32 but still get same error.
Both the copy and schedule task GPOs are User Configurations. What OS are the clients?
Program/script: C:\Windows\System32\wscript.exe
Add Arguments (optional): C:\WINDOWS\System32\ReconnectNetworkDrive.vbs
Start in (optional): should be blank.
Similar to if you’re running a command prompt:
wscript.exe C:\WINDOWS\System32\ReconnectNetworkDrive.vbsI got it to run under the user context as recommended, but unfortunately it does not remove the red disconnects on the drives– user still has to “touch” them to get them to reconnect. I even ran it from the command line, and I did make sure to replace “H:” with our home drive letter U:. This issue has plagued us for ages with laptops, with or without ZPA.
Are you using GPOs to map the home drives “U:”? If you are, use the “win32-networkconnection” for remapping instead. Also, the vbscript has conditional statements that must be TRUE and NOT TRUE before the IF statement could execute (Line 11 and 14 on the final script). To troubleshoot, try this: Command prompt: cscript ZPA_Test.vbs ZPA_Test.vbs script: On Error Resume Next Dim objFS,objNetwork Set objFS = CreateObject("Scripting.FileSystemObject") Const HKEY_CURRENT_USER = &H80000001 strComputer = "." Set objRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv") strKeyPath = "Software\Zscaler\App" strValueName = "ZPA_State" objRegistry.GetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue 'Get AD Home Drive Set objSysInfo = CreateObject("ADSystemInfo") Set objUser =… Read more »
Yes we do use GPO’s to map drives, including the home drive. One thing that I have noticed is that drives that are mapped explicitly by server name don’t get the red X, but those mapped by DFS namespace have to be “touched” to wake up and go into a connected state. For instance, in the output below, M is mapped directly to a specific server, while the other drives map off the dfs namespace. zpa state value: tunnel_forwarding home drive exists: false user value=me home drive value \\domain.com\data\mydocs\me caption: resource remembered connection state: disconnected connection type: persistent displaytype=share localname:… Read more »
I did a google search and it looks like other people are in the same boat as you. Some said to add a 2 minute sleep in the vbscript loop, might work? But, one thing I would try doing is to log off and back on your system, run the below vbscript and wait, see how long it takes for the (Z:) drive to appear: (Update the strRemoteShare value) Dim objNetwork, strRemoteShare Set objNetwork = WScript.CreateObject("WScript.Network") strRemoteShare = "\\domain.com\data\public" objNetwork.MapNetworkDrive "Z:", strRemoteShare, False Another thing, you might have an issue with your active directory sites and services, and when you’re… Read more »