[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 456
  • Last Modified:

File shares permissions roaming profiles

Can someone please help me out here.

Our file server properties are
Full computer name: CHSLabSrv1
Domain Name: NUACS.local
Roaming Profile Path: \\chslabsrv1\students\2008\student#

Folder Structure: E:\
                                      Teachers\
                                                    misc folders and files
                                      Admin\
                                                    misc folders and files
                                      MPPro\
                                                   misc folders and files
                                      StudentLab\
                                                   misc folders and files
                                      Students\
                                                   2008\
                                                           student1\
                                                                    misc folders and files
                                                           student2\
                                                                    misc folders and files
                                                           student3\
                                                                   misc folders and files
                                                    2009\
                                                           student4\
                                                                    misc folders and files
                                                           student5\
                                                                    misc folders and files
                                                           student6\
                                                                   misc folders and files

We are using roaming profiles for our students. When some students login they recieve "profile cannot be found", "can't save roaming profile". It also seems to take forever for a student to login. We would like to get rid of this error. Also when a student does login and go to network neihborhood, the only folder we would like them to have access to is StudentLab and MPPro. Is this possible? How would I perform this? I guess the big problem I am having is what share permissions do I need in the parent folder to have full control of the child folder. I don't want each student to have full control of the Students folder if I can help it, do they have to have any permissions to the Students folder at all?

0
stevek65
Asked:
stevek65
  • 3
2 Solutions
 
chikenheadCommented:
You will most likely want to start by inplementing folder redirection of the mydocs and desktop folders.  There is a setting in AD which will allow you to redirect these folders to central share points other that the user profile.  This will dramatically speed up the time it takes to load and save the profile, and give them access to these files even if their profile can't be found or loaded.


As to share permissions, you will typically share with full control.  This does not mean you are giving full control, as you will them manage permissions with NTFS permissions.  With all of the features we have just discussed windows will automajically setup the NTFS permissions for you.
0
 
chikenheadCommented:
On second thought I can't recall if the redirection feature is available in 2000 AD.    Is there any good reason why you have not changed to 2003 AD?
0
 
stevek65Author Commented:
With all the testing I am assuming the permissions are incorrect. How do I correct them?
0
 
PlaceboC6Commented:
They have to have "list" permissions at the student (the root of your profiles) folder at a minimum to support roaming profiles.  

Network neighborhood is netbios based and all systems with the computer browser server will populate the list.  Disabling the computer browser service will prohibit that machine from being able to browse as well as advertising itself.

0
 
chikenheadCommented:
try going into the share and seeing if you can open on of the other users profiles....  Typically ntfs permissions are setup in a manner where even a domain admin can't access them without first taking ownership.  Everyone will have access to the share point but only the individual users should be able to access what's in thier folders.
0

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now