It is possible to use Windows Computer Logon to protect Network drive mapping with multi-factor authentication....
This guide assumes that logon to the end user's computer is already protected by the Windows Computer Logon Client.
The first step required is a modification to the Windows Computer Logon registry key on the client computer, to control the behavior of the network drive mapping (NDM)
The key that needs to be changed is: Open regedit and go to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Deepnet Security\Windows Logon
Create a new sub-key called Computer Logon
Within the new key, add a All that is needed is to add an extra DWORD value called MFAforNDM with the value of 1;
This change can be deployed through GPO: https://www.techcrafters.com/portal/en/kb/articles/how-to-add-edit-deploy-and-import-registry-keys-through-gpo#How_to_Add_Edit_a_Registry_Key_via_Group_Policy_Objects
The second step required is to access the DualShield Administration Console and modify the UAC settings found within the Computer Logon Client policy:
For Customers using DualShield version 7.1.0 (0702) or above, plus Computer Logon Agent and Client version 2.5.6 or above, please expand the NAC tab and set Authentication to Multi-Factor Authentication..
For Customers using slightly older versions of DualShield and the Computer Logon Agent and Client, Expand the UAC tab and set Authentication Although strictly speaking UAC does not protect network drive mappings nor are you using Computer Logon software, some of the features in this policy do apply to the behavior of Windows Logon, therefore UAC authentication must be set to Multi-Factor Authentication for this to work..
You will most likely need to restart the client PC for this change to take effect.
...