All posts by Don Matteo

Network drive mapping from PowerShell Script

Mapping Windows Network Drive using PowerShell

PowerShell scripts can be used to create network drives to Windows network shares on servers or NAS devices. Where batch processing is not the right choice, or where Group Policy is not possible, a PowerShell script can perform this task, for example, when running login scripts with remote clients via VPN, or clients that are not members of the AD domain.

PS-Script for Network Drive Mapping

This PowerShell Script example netdrive.ps1, creates the Windows network mapping to drive Z: for a specific user, whereby you can log on as a different user than you are authenticated with on the client.

The corresponding Windows network share is defined in line 7 at $sharePath, and the drive is assigned in line 8 at $mapDrive, adjusting the respective placeholder between the quotation marks. If further network shares are to be mapped, in the if loop copy lines 7 – 11 for the next network share using the variables $sharePath1 and $mapDrive1.

Windows PowerShell Credentials

Run PowerShell Script from Batch

If a batch is already in place, for example netlogon.bat, then execute netdrive.ps1 out from a batch file as follows:

After a successful logon, is it possible to check the network mapping, for this the processes are logged in the file netdrive.log.

Network drive mapping from VBScript

Mapping Windows Network Drive using Visual Basic Script

VBScript can be used to connect network drives to Windows shares on servers or NAS devices. In situations where batch processing is not the right choice, or group policy is not the application you want, a Visual Basic Script can meet the requirement, for example, to apply login scripts to VPN Remote Clients who are not members of the AD domain.

Microsoft VBScript contains object classes, methods (functions / procedures) and value structures. Our MapNetworkDrive object is used as a method here. The method or verb in turn manipulates values.

Any object can be used, the object objNetwork is defined here, script developers like to stick to patterns and their variables. A prefix of str indicates a string value, while the obj prefix indicates an object. After WScript has created our objNetwork, it can be edited using the MapNetworkDrive method.

VBScript for Network drive Mapping

The following VBScript netdrive.vbs as an example, assign the network mapping to drive Z: for a specific user; the login can be performed as a different user than the one with whom you have authenticated yourself on the client.

The corresponding variable assigned line 6 – 9 in which the placeholder is defined between quotation marks.

Assign VBScript values to variables

  1. For strDriveLetter choose a desired network drive letter.
  2. For strRemotePath add the UNC path to the network share.
  3. For strUser add the user name. If this is a member of an AD domain, the domain prefix must be given, using like domain\user.
  4. For strPassword add the users password.

Run VBScript WSH from batch

If a batch is already used, for example netlogon.bat, then from the batch file the VBScript netdrive.vbs is executed as follows:

If you do not want to output Visual Basic Console Screen during execution, use option /B to start the application without opening a new window.

After successfully logging in, the network drive for the Windows network share is created and then opened in Explorer.

How to use Network Time Protocol on Linux

Linux System Time Synchronization with Network Time Protocol (NTP)

This post shows the synchronization of the system time with the atomic time of the NTP server in the Linux command line. Proper system time is essential for computer systems and creates the prerequisite for a smooth boost to the interacting services. The following command-line tools are used to check and adjust system time.

To querying the current system time with date and timedatectl:

The time synchronization on a server is carried out by an NTP daemon to synchronize the system time and ensure that the systems function properly. Atomic time can be synchronized by NTP servers on the Internet, such as Google Public Network Time Protocol (NTP) time.google.com

NTP-Daemon deploying

Installing NTP daemon on Debian Linux-based systems:

Install NTP daemon on RHEL/CentOS/Fedora systems:

NTP Pool Server pool.ntp.org tries to find the closest available server. The NTP pool project is a dynamic pool of time servers. The NTP pool servers can be edited in /etc/ntp.conf.

Before the ntpd service can be started, the system time must be set manually (in the range of a few minutes). This can be done with hit date or here run timedatectl set-time or via the NTP pool with ntpdate pool.ntp.org

ntpdate shows the current system time be synchronized with an NTP server. The deviations of the current system time from the times of the servers in the NTP pool can be queried with ntpq:

Now run the NTP daemon and link it in systemd for automatic start:

systemd-timesyncd configuring

The systemd-timesyncd service is already installed on many distributions. The configuration files control the time synchronization of the NTP network.

The network time synchronization for the systemd-timesyncd service includes the file /etc/systemd/timesyncd.conf

The timesyncd.conf configuration file can be as follows.

  use NTP servers that are in your zone for local time synchronization, see pool.ntp.org

So that systemd-timesyncd is started automatically, the command enable the service accordingly:

With a systemd-based system, run the following command to check the service status:

The output on lines 7 and 8 means that the time synchronization is not carried out. To enable synchronization with the following command:

Query the NTP service status again, after a few seconds the output shows System clock synchronized: yes and NTP service: active. The NTP service status should show something like this:

Kerberos authentication

Kerberos authentication is currently the standard authentication technology under Windows; Apple macOS, FreeBSD and Linux systems also use Kerberos implementations. When authenticating in an environment using Kerberos, a synchronous system time is of fundamental importance for interacting systems.

Since Kerberos requires three entities for authentication, it works as a ticket authorization by a third party, if the system time exceed a certain drift limit, a token created by Kerberos expires after a certain time and the ticket becomes invalid.

Kerberos has also become the standard for websites and SSO implementations across platforms. In Active Directory Domain Services (AD DS), when integrating NAS and other devices for access to network resources, it is necessary to ensure a consistent system time. For logging like syslog, the precise timestamp for the evaluation of the events and for the error analysis are important.

Linux Mint 20 Cinnamon: apt install ntp ntpdate