This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
networking:windows:active_directory:folder_redirection [2015/01/08 18:24] gcooper |
networking:windows:active_directory:folder_redirection [2023/08/18 11:33] (current) gcooper |
||
---|---|---|---|
Line 7: | Line 7: | ||
See also: **[[networking: | See also: **[[networking: | ||
- | See also **[[computing: | + | See also **[[computing: |
**Disable Offline Files on Individual Redirected Folders**: http:// | **Disable Offline Files on Individual Redirected Folders**: http:// | ||
+ | |||
+ | :!: For Ethernet-connected desktop PCs, I generally just disable the Offline Files feature. | ||
**Detailed Terminal Server Example**: http:// | **Detailed Terminal Server Example**: http:// | ||
Line 76: | Line 78: | ||
|Everyone | |Everyone | ||
- | < | + | < |
+ | |||
+ | <note important> | ||
==== Configure Top-Level Folder and Sharing ==== | ==== Configure Top-Level Folder and Sharing ==== | ||
- Create a folder " | - Create a folder " | ||
- | - Disable permissions inheritance | + | - Disable permissions inheritance |
- Set folder permissions per the table above | - Set folder permissions per the table above | ||
- Use the Advanced option to edit permissions | - Use the Advanced option to edit permissions | ||
Line 87: | Line 91: | ||
- Set the share name as " | - Set the share name as " | ||
- The dollar symbol hides the share | - The dollar symbol hides the share | ||
- | - Leave off the $ if you prefer | + | - Leave off the '' |
- Use **Properties -> Sharing -> Advanced** to create hidden shares | - Use **Properties -> Sharing -> Advanced** to create hidden shares | ||
- Set the share permissions per the table | - Set the share permissions per the table | ||
Line 96: | Line 100: | ||
:!: I generally redirect all the folders available for redirection. | :!: I generally redirect all the folders available for redirection. | ||
+ | |||
+ | :!: I recommend you do not add administrator objects in the AD container that folder redirection is applied to. | ||
^Folders You May Want to Redirect ^Comment | ^Folders You May Want to Redirect ^Comment | ||
Line 111: | Line 117: | ||
- **Start -> Run -> '' | - **Start -> Run -> '' | ||
- Right-click the container holding your **user** objects and select **Create a new GPO and link it here** | - Right-click the container holding your **user** objects and select **Create a new GPO and link it here** | ||
- | - Name it something useful like **Tucson | + | - Name it something useful like **Folder Redirection** |
- | - **User Configuration -> Policies -> Windows Settings -> Folder Redirection** | + | - Right-click the new policy -> **Edit** |
+ | | ||
- **Right-click each folder you want to redirect -> Properties** | - **Right-click each folder you want to redirect -> Properties** | ||
- Target Tab | - Target Tab | ||
Line 135: | Line 142: | ||
* Don't use ' | * Don't use ' | ||
+ | * Don't redirect folders for administrator accounts. | ||
* Logging in through Terminal Services (as an admin) may affect folder creation? | * Logging in through Terminal Services (as an admin) may affect folder creation? | ||
Line 161: | Line 169: | ||
==== Corrupt ntuser.dat file with Redirected Folders ==== | ==== Corrupt ntuser.dat file with Redirected Folders ==== | ||
- | - User logs in and does not get custom Desktop, Documents etc. Event log MAY show corrupt ntuser.dat file had been recovered. | + | User logs in and does not get custom Desktop, Documents etc. Event log MAY show corrupt ntuser.dat file had been recovered. |
- Delete the users profile from the workstation using the Advanced System Settings -> Advanced Tab | - Delete the users profile from the workstation using the Advanced System Settings -> Advanced Tab | ||
- Take ownership of the users profile on the server and rename. | - Take ownership of the users profile on the server and rename. | ||
- Log in as user and it will recreate the users profile on the server and workstation. | - Log in as user and it will recreate the users profile on the server and workstation. | ||
+ | |||
+ | :!: If the user has access to an RDS Server the profile must be deleted from the RDS Server also. | ||