Download the Flash player at www.macromedia.com.
Home
Solutions
Solution Archives
Software Products
Site Search

03-Apr-05, ZWDynaUser Article posted! (Pt. 1)

28-Mar-05, Windows Process Authority article posted!

28-Mar-05, ZWXPDrive article posted!

22-Mar-05, ZENworks Enhancement Software Posted!

22-Mar-05, Site Updated!

ZWXPDRIVE: Drive Map Extender

Under Windows NT and Windows 2000, every process shared the same drive mappings.  Windows XP, however, alters this practice.  Any process launched with the authority of the non-logged on user will not have any drive mappings.  The result is that if a system management tool such as ZENworks, SMS, LANDESK, etc attempts to launch a process with alternate privileges to allow for elevated install rights, drive map references will not be available. 

The most commonly suggested workaround is to use a UNC reference.  Not all processes will run from a UNC reference.  System administrators with multiple sites and servers find that using drive letters is also simpler to manage than maintaining multiple objects with unique UNC references.

To overcome this drive mapping limitation under XP, I wrote ZWXPDrive.  This tool will remap user drive mappings for the windows SYSTEM account for ZENworks for Desktops.  This way when ZENworks elevates a process under SYSTEM authority, drive letters made during the user logon process will be available to the SYSTEM account.

For ZWXPDrive to be able to make a user's drive mapping available, the SYSTEM account must at least READ privileges to the shared resource.  Permissions to NetWare shares can be granted the ZENworks workstation object so long as the NetWare share is in the same tree as the workstation object.  To grant privileges to the Windows SYSTEM account to a Windows Server or an alternate NDS tree, use a product such as ZWNetExtender.

Before ZWXPDrive

After ZWXPDrive

 

   The "Before" and "After" photos above show the effects of ZWXPDrive in a simple scenario.  The "Before" picture shows "My Computer" with drives "F:" and "Z:" mapped.  Task Manager shows that notepad is running with SYSTEM authority.  The "File" menu from notepad shows that no network drive mappings are available.  This is the normal state of the SYSTEM process under XP.  The "After" picture reveals the same drive mappings as before in "My Computer", Task Manager shows that notepad is running with SYSTEM authority, and the file menu from notepad now reveals that drive Z: is available.  Drive F: is not available because the workstation object does not have rights to the SYSTEM directory.  Drive Z: is available because the workstation object does have rights to PUBLIC.  If a drive had been mapped to another share point and the workstation object had at least read rights to the share, that mapping would also have been available.

ZWXPDrive is an application that needs to be launched via NAL at startup for the SYSTEM drive mappings to take effect.  ZWXPDrive is licensed at $95 for an unlimited number of workstations in any single Workstation Object tree.  ZWXPDrive can be found here.

Be sure to read Windows Process Authentication to help better understand the XPDrive article.