Share via

PowerShell script to map a network drive to an IaaS resource within Azure

RDW 216 Reputation points
2020-08-28T09:01:36.477+00:00

Hi folks

I'm trying to map a network drive from a Windows 10 device to an SMB share within Azure. Here's the scenario:

  • Windows Autopilot device AADJ and Intune enrolled
  • Windows 10 Enterprise
  • M365 E5 license
  • No on-prem access, purely cloud

I'm trying to get the device to map to the following SMB share, which is a Windows server within Azure (I didn't set this up and was simply provided with a test share to connect to that the identity has access to):

The issue I currently have, is that when I test the below script, I'm having to get the credentials of the current identity along with the pw, convert the pw to a secure string and then pass those variables back for PowerShell to map the drive. I'm having to use the Get-Credentials as the current challenge (and if anyone can find a way around this, I'd be so grateful), is that we use Windows Hello for Business PIN for the enterprise and it tries to pass the PIN to the SMB drive mapping and not the UPN and password. It appears to reject the PIN as it keeps coming back as password incorrect. If I use the UPN and password for the identity, it works. I'm not sure of anyway I can get it to force the UPN and password rather than PIN for the drive mapping silently. Hence, this is why I am currently testing with Get-Credentials but as it's interactive, it's not great. I'd rather this all be silent and with no interaction, so I could just deploy using Intune with no interaction when the drive maps.

The server I am having to connect to is in Azure (the below server names are obviously changed as well as the identity UPN):

Here's the small script, which is very basic - so any suggestions, please advise: 

$credential = Get-Credential  
$credential.UserName  
$credential.Password | ConvertFrom-SecureString | Set-Content c:\info.txt  
$encrypted = Get-Content c:\info.txt | ConvertTo-SecureString  
$credential = New-Object System.Management.Automation.PsCredential($credential.Username, $encrypted)  
New-PSDrive -Name "Z" -Root \\server.internal.domain.co.uk\SMBShare -Persist -PSProvider "Filesystem" -Credential $credential -Scope global

The identity I am testing with is similar to this format (obviously this UPN is fake): testuser1@keyman .onmicrosoft.com

Not sure if this will be possible without interaction. Any help appreciated.

Thanks all.

Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
5,455 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ian Xue (Shanghai Wicresoft Co., Ltd.) 34,191 Reputation points Microsoft Vendor
    2020-09-01T07:01:49.097+00:00

    Hi,
    Hope this could be helpful if you want no interaction
    https://techcommunity.microsoft.com/t5/office-365/cred-get-credential-without-asking-for-prompts-in-powershell/m-p/483274

    Best Regards,
    Ian

    Please remember to "Accept Answer" and upvote if the reply is helpful.

    0 comments
  2. RDW 216 Reputation points
    2020-09-01T10:44:00.667+00:00

    Thanks @Ian Xue (Shanghai Wicresoft Co., Ltd.) , I'll look at this today, test and respond back.

    0 comments