Secure Global Desktop Administration Guide > Users and authentication > Client Drive Mapping (--cdm)

Client Drive Mapping (--cdm)

Objects with this attribute

Usage

Object Manager	Client Drive Mapping	Create as many client drive mapping specifications as you need, using the New and Delete buttons. Order them using the arrows.
Command line	`--cdm drive_spec...`	Replace `drive_spec` with a drive mapping specification of the form `clientdrive:access:driveletter`. For example, `a:rw:z`. See below for more information. Separate each `drive_spec` with the "pipe" character, "\|".

Description

This attribute defines which drives on their client device a user may access from Microsoft Windows 2000/2003 applications, and which drive letters to use on the application server for those drives.

The Client Drive Mapping attribute is an ordered list of drive mapping specifications. Each specification names:

The client drive letter or type.
The access rights to grant to the client drive.
The drive letter to use on the application server to map to the client drive.

When a user logs in to a Secure Global Desktop server, information is gathered about the drives on their client device. For each available drive, the Client Drive Mapping attribute on the user's person object is checked. If there's no matching client drive configured, the parent organizational unit's Client Drive Mapping attribute is checked, and so on up the organizational hierarchy to the organization object.

If a match is found, then the associated access rights are granted for that drive from Windows 2000/2003 applications, using the configured drive letter. If that drive letter is already in use on the application server, the Fallback Drive configured on the Array panel of Array Manager is used to determine the drive letter to use.

The following tables show the values displayed in Object Manager for each part of a drive mapping specification, and the corresponding value to use on the command line.

For Client Drive:

Object Manager	Command line
All drives	`alldrives`
Fixed drives	`fixeddrives`
R/W removable	`rw`
R/O removable	`ro`
Network drives	`networkdrives`
A:, B: ... Z:	`a`, `b` ... `z`

For Access Rights:

Object Manager	Command line
Read-only	`ro`
Read-write	`rw`
None	`none`

For Drive Letter:

Object Manager	Command line
Same as client	`same`
A:, B: ... Z:	`a`, `b` ... `z`

Client drive mapping is turned off by default. You can turn on client drive mapping on the Array panel of Array Manager.

Please note the following:

An additional component, the Sun Secure Global Desktop Enhancement Module, must be installed on a Windows 2000/2003 application server for users to be able to access their client drives from applications run on that server.
For best usability you should disable or remap the application server drives, so the drive letters may be used for accessing client drives.
Client drives are only accessible from Microsoft Windows client devices, by users who log in to Secure Global Desktop using a web browser.
Due to web browser limitations, not all functionality is available for users who log in to Secure Global Desktop using the Netscape browser. For example, the amount of free disk space on a client drive is not correct. See the client limitations for more details.

Examples

--cdm 'a:rw:z|networkdrives:rw:same'

For a person object, this means the user is given read-write access to drive A on their client device using drive Z on the application server, and also has read-write access to all network drives defined on their client device using the same drive letter used on the client.

The user might have access to other drives, for example a fixed drive C, depending on the Client Drive Mapping attributes for the person object's ancestors in the organizational hierarchy.

Related topics
Setting up a Sun Secure Global Desktop Enhancement Module Setting up and configuring client drive mapping Array properties (array-wide) Remapping or hiding Windows 2000/2003 application server drives Users are having problems accessing client drives