Solved

Userhomes

Posted on 2008-10-01
23
345 Views
Last Modified: 2010-04-20
hi friends,

im stuck with this:
i need to create userhomes for our users on the server and also a profile path.

which is the most common way to do this?

i already have opened the shares:

userhome

profiles on our fileserver FS1

how do i set it up in the AD user profile?

we have server 2008 64bit and XP clients 32 bit
0
Comment
Question by:boxexpert
  • 9
  • 7
  • 2
23 Comments
 
LVL 25

Expert Comment

by:slam69
Comment Utility
There is a profile tab within teh active directory users and computers plug in when you select properties for each user

you can set the profile and home area that within that tab
0
 

Author Comment

by:boxexpert
Comment Utility
yes, but how do i do it on the server?

i want the users to have a serverbased userprofile
0
 
LVL 25

Expert Comment

by:slam69
Comment Utility
which is fine you just enter the profile path within the profile tab of the active directory user account?

i think you need to investigate using roaming profiles a little more as your question is a little unclear.

take a look at

http://www.microsoft.com/technet/community/en-us/management/manage_faq.mspx

here you will see about romaing profiles and how to configure them
0
 
LVL 58

Expert Comment

by:tigermatt
Comment Utility
If you want to configure a Roaming Profile, you need to initially have configured the share server-side as appropriate. It is not necessary to pre-create the Roaming Profile folder for each user - the workstation can do that when the user first logs on. However, you do need to be sure that NTFS permissions are set so that the Authenticated Users group has the ability to Create Folders. Share permissions should just be set so Everyone has Full Control - you can control access on NTFS ACLs which are much more advanced.

Once the share is configured, you can set a roaming profile en-masse on all the users in an OU. Simply go to an OU, highlight users you want to establish a Roaming Profile on, right-click, Properties. On the Profile tab, check the Profile Path option and enter \\servername\profile-share-name\%username% as the path. When you press Apply, Active Directory will automatically fill this in to every highlighted user account, BUT it will also expand %username%, so everybody's profile path is actually the correct path which contains their username.

-tigermatt
0
 

Author Comment

by:boxexpert
Comment Utility
ok,i guess im a bit stupid.

how exactly do i create such a share on the server? do you have a step-by-step manual?
0
 

Author Comment

by:boxexpert
Comment Utility
i forgot:

on the server,there are already two folders:

userhome and profiles

which way makes most sense to apply it for our domain?

0
 
LVL 58

Expert Comment

by:tigermatt
Comment Utility
Profiles would be the folder for Roaming Profiles, Userhome the folder where you create user home directories, redirect the Desktop to etc.

It's really easy to create a file share. You simply right-click the folder you want to share (Userhome, profiles or whatever) and go to the Sharing Tab. Enter a name and set the permissions. I would advise that for the permissions on the Sharing tab you just give the Everyone group Owner (Full Control) privileges. You can then, later, go to the Security tab and control permissions with a much more fine toothed comb on that tab.

-tigermatt
0
 

Author Comment

by:boxexpert
Comment Utility
ok, do i have to set it up as follows: userhome$

U:// userhome

P://profiles

i dont understand the one with username%

how does that work?
0
 
LVL 58

Expert Comment

by:tigermatt
Comment Utility
Ah, I see. When you map the shares, the path you enter in a batch file is simply the same path which you would use if you opened My Computer and entered it manually. For example, if you share the Profiles folder as Profiles, you would write in a batch file

net use P: \\servername\Profiles

The \\servername\Profiles is the bit you would enter in My Computer to browse the share manually. net use P: tells the computer to map a network drive, using drive P:.

If you place %username% in a map path, it simply means that when that batch file runs, that drive will be mapped, with %username% REPLACED with the actual username of the logged in user. This is good for your User Home (the user's private area) because the mapped drive will simply map to \\servername\userhome$\%username% - so boxexpert's userhome will map to \\servername\userhome$\boxexpert.

When you actually create the shares, it doesn't matter what share name you use - just ensure that whichever name you use, you specify and update it in your batch file.

-tigermatt
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:boxexpert
Comment Utility
ok,lets see...

on the server, i will have to do it als follows,right? i share the paths:

FS1\profiles          as P:\\ profiles

FS1\userhome$\%username%  as U:\\ userhome

with the appropriate NTFS permissions and thats it?

how would the batch file look like then?
0
 
LVL 58

Expert Comment

by:tigermatt
Comment Utility
That's correct. You have two folders, a Profiles folder, and Userhome folder. Simply right-click these, Sharing tab and configure the shares there.

Your batch file would be something like:
rem Maps Drives

net use P: \\FS1\Profiles

net use U: \\FS1\Userhome$\%username%

Open in new window

0
 

Author Comment

by:boxexpert
Comment Utility
and how do i have to configure it on the properties of each user? how would that look like?
0
 

Author Comment

by:boxexpert
Comment Utility
this is getting annoying:

for certain users it works, for other not. it happens that the local profile gets loaded. whats the problem?
0
 
LVL 58

Expert Comment

by:tigermatt
Comment Utility
I assume you mean in Active Directory properties? I would suggest you go onto the profile tab and set the option for Home Drive - Connect U: to \\FS1\Userhome$\%username% and set this for each user. A Userhome will then be created for them - called their username - in \\FS1\Userhome$, and the U: drive will be mapped at logon.

If you use this approach, you can take the U: mapping out of the batch file (see below). The logon routine in Windows will Map U: from the Home Drive configuration, automatically.

How are you pushing your batch file? A Group Policy Logon Script I hope? What OS are the ones which are working / are not working? Are the ones it is not working on connected to the LAN at logon? Do you get any errors at logon?

-tigermatt
rem Maps Drives

net use P: \\FS1\Profiles

Open in new window

0
 

Author Comment

by:boxexpert
Comment Utility
i forgot to mention:

all have XP SP3,server are all 2008 64bit.

the only three shares will be  

U: userhome
S. scans
F: finance

which GPO shall i use for this?
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 250 total points
Comment Utility

So, you'd create a brand new GPO, by right-clicking on yourdomain.local at the top of the GPO tree and selecting Create and Link GPO here. Then, in Notepad, create a script as below:

net use U: \\FS1\userhome\%username%
net use S: \\FS1\scans
net use F: \\FS1\Finance

and save that script in the path \\FS1\Netlogon. Name it "drives.bat" (include the quote marks).

Then, in the GPO, Edit the GPO and go to User Configuration, Policies, Windows Settings, Scripts (Logon/Logoff). Double-click in the main window 'Logon'. Then press the Add button. Locate \\FS1\Netlogon, then double-click your drives.bat script. Press OK a few times.

-tigermatt
0
 

Author Comment

by:boxexpert
Comment Utility
that means,

i install the the GPO feature on the fileserver (FS1),right?

FS1 is not a DC, its just file and database (sharepoint,WSUS,etc.)
0
 
LVL 58

Expert Comment

by:tigermatt
Comment Utility

>> FS1 is not a DC, its just file and database (sharepoint,WSUS,etc.)

Now you mention it :)

You cannot use GPO if you don't have an Active Directory DC on your network. Do you have any DCs? If so, you must apply the policy from one of those DCs. It doesn't matter that the shares are mapped to \\FS1, but just pushing the script over the network from a DC's GPO is the crucial part.

-tigermatt
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

OfficeMate Freezes on login or does not load after login credentials are input.
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup". After a while, you have entered a loop for Auto repair which does not fix anything and you will be in a  panic as all your work w…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now