We can automatically copy files or folders via GPO to all domain computers.

Here, at Bobcares we have seen several such Group Policy related queries as part of our Server Management Services.

Today, we’ll take a look at how our Support Engineers go about with this query.

Copy Files or Folders using Group Policies

As mentioned earlier, using Group Policies we can place files in a user profile folder or any directory on a local drive. We can automatically copy or update different configuration files, INI files, EXE files, DLL libraries or scripts from a shared repository.

For instance to copy two files (app.exe and settings.xml) to the desktops of some Active Directory domain users, we can automate copying files to domain computers using GPO logon scripts (by xcopy, robocopy, etc.).

However, our Support Techs suggests a quite simple and easy graphical method to Copy Files or Folders via GPO preferences.

How to Copy contents of Folder via Group Policy

First, we create a shared folder to keep source files. It can be a shared network folder on a dedicated file server or the SYSVOL directory on a domain controller.

To place the files to the Sysvol folder: \\test.com\SYSVOL\test.com\scripts\CorpApp, we make sure that the Authenticated Users group has read permissions on this folder.

Furthermore, let us focus on the step we follow:

1. Create a new Active Directory security group – CorpAPPUsers. We can create a group using the PowerShell cmdlet:

   New-ADGroup CorpAPPUsers -path ‘OU=Groups,OU=DE,dc=bobcares,DC=com’ -GroupScope Global -PassThru –Verbose

2. Add users to the group:

   Add-AdGroupMember -Identity CorpAPPUsers -Members asmith, bmuller, tweber

3. Open the Group Policy Management console (gpmc.msc)
4. Create a new GPO object (CopyCorpApp) and link it to the OU that contains users’ computers
5. Then, go to the GPO edit mode
6. Expand the following Group Policy Preferences section: User Configuration –> Preferences -> Windows Settings -> Files
7. Next, select New –> File
8. Specify a source file in the shared network folder and the target directory on the target computer
9. Here, four actions are available for copying files using GPO:
   Create – a file is copied to a target directory only if the file does not exist in it
   Replace – a target file on a user computer is always replaced by a source file
   Update (a default policy) – if a file already exists, it does not replace the source file
   Delete – delete the target file
10. To copy files to the current user Desktop, use %DesktopDir%
11. To copy files to the desktops of the specific users, open policy settings-> common tab-> enable Item-Level Targeting option-> Targeting
12. Select more options of how to apply the GPO, click New Item -> Security Group -> domain, user group
13. Since we have linked the GPO to the Organizational Unit containing computers, GPO loopback processing mode must be enabled: check to Configure user Group Policy loopback processing mode = Merge in Computer Configuration -> Policies -> Administrative Templates -> System -> Group Policy
14. Then update Group Policy settings on client computers and make sure that two files have automatically been copied to the Desktop.

Generally, with this method, we can copy scripts, executable application files, etc. to user computers and place a shortcut for it on the Desktop using GPO.

GPO does not have built-in features to copy a folder with all its contents. Instead, we can use Computer (User) Configuration –> Preferences -> Windows Settings -> Folders policy that allows creating a folder on a target computer.

Then proceed with the scenario described above to copy files to it.

[Can’t Copy Files or Folders via GPO? We are here for you.]

Conclusion

In short, using Group Policies, we can automatically copy specific files or folders to all domain computers. Today, we saw an effective method our Support Engineers employ.