Novell Home

Using Extensible Policies to view Specific Drive Mappings

Novell Cool Solutions: Trench
By James Davey

Digg This - Slashdot This

Posted: 21 Jan 2005
 

We map a number of drives for our staff and students to have access to applications and data, but don't always want them visible. Extensible and windows group policies only provide a few combinations of A,B,C,D, but by editing the proper adm file, you can have any combination of visible drives A - Z that you wish. For example, when students look in My Computer, we want them to see H (their home directory), and G (shared teacher/student data), but nothing else. Here is how we do it.

SOLUTION: Use Windows Calculator to create a 26 digit binary number where each digit is a one (hide the drive) or a zero (show the drive). The letter A corresponds to the least significant digit and Z to the most significant digit. Convert that number to decimal and store it in an adm file and only the drive mappings you want are visible.

For example, to hide all drives from users but A,D,G,H, the binary representation would be
11111111111111111100110110.

Starting from the right for the letter A, you can see that the digits corresponding to A,D,G and H have zeros so they will be the only drives visible to the user. Convert this number to decimal and it becomes 67108662.

The easiest way to put this new value into your extensible policies is to edit either the common.adm or admin.adm file with Notepad, find the section below and replace the numeric value found there (67108863) with your new decimal value and save it. These files are generally found in your ConsoleOne folder.

POLICY !!HideDrives
			VALUENAME "NoDrives"
			VALUEON NUMERIC 67108863	; low 26 bits on (1 bit per drive)
                        VALUEOFF NUMERIC 0
			END POLICY

If you wish to have several settings to choose from, another method is to edit the system.adm file which will give you a drop down box with several possiblilities. Here is an example with a number of choices for hidden drives taken from the modified system.adm file that we use.

POLICY !!NoDrives 
            ; EXPLAIN !!NoDrives_Help
	    PART !!NoDrivesDropdown	DROPDOWNLIST NOSORT REQUIRED
		VALUENAME "NoDrives"
		ITEMLIST
		    NAME !!ABOnly           VALUE NUMERIC	3
		    NAME !!COnly            VALUE NUMERIC	4
		    NAME !!DOnly            VALUE NUMERIC 	8
		    NAME !!ABConly          VALUE NUMERIC 	7
		    NAME !!ABCDOnly         VALUE NUMERIC	15
		    NAME "AllButADEHT"	    VALUE NUMERIC       66584422
		    NAME "AllButACDEHT"	    VALUE NUMERIC       66584354
		    NAME "AllButADEGHT"     VALUE NUMERIC	66584358
		    NAME "AllButADEGHQT"    VALUE NUMERIC	66518822
		    NAME "WXYZOnly"         VALUE NUMERIC       62914560
		    NAME "JVWXYZOnly"       VALUE NUMERIC       65012224
		    NAME !!ALLDrives        VALUE NUMERIC	67108863 DEFAULT 
                         ; low 26 bits on (1 bit per drive)
		    NAME !!RestNoDrives     VALUE NUMERIC	0
		END ITEMLIST
	    END PART			
	END POLICY

All the lines with the name in quotation marks are the ones we've added. As you can see, this is a more versatile approach, but use whatever option you wish.

If you have any questions you may contact James at jdavey@glenbrook.k12.il.us


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell