Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Terminal Services Home Folder path does not inherit the parent folder permissions in Windows Server 2003

Posted on 2008-10-03
4
Medium Priority
?
1,018 Views
Last Modified: 2012-05-05
The subject says it all. What happence is i create a new user in AD ad the first time they log on to citrix there profile is created in \\server1\citrixprofiles

These newly created folders are not checked to inherit permisions and are help desk tech needs access to thes profiles. the help desk tech is has permisions set at citrixprofiles. There is a MS artical on this # 875535 http://support.microsoft.com/kb/875535/en-us

But when i spoke to MS on this they said the hotfix should gave been included with SP1 and I am running SP2. They also said to go ahead and run it IT SHOULDN'T hurt anything. That makes me feel real comfortable. I was wondering if anyone else has had any similar problems and can lead me on the path to fix this. I know that i can just go on to the system and check inherit permisions on my own but we would really like this resolved
0
Comment
Question by:mystics7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 2

Expert Comment

by:Ron9909
ID: 22641575
Hmm - this article is about TS Home directories...are you trying to give your technicians access to the profile or the home dir?  

If profile, the behaviour you are seeing is by design - the system will create the TS Profile with permissions suitable for the user, meaning not inheriting permissions from the parent folder.  If you want your helpdesk staff to have permissions to the user's profile, you can set the "Add the Administrator security group to the roaming user profile share" setting in the GPO that applies to the user/server.  
[Computer Configuration\Administrative Templates\System\ User Profiles]

There is also another setting under Windows Components\Terminal Server that allows you to set a location for TS Profiles (i.e. the parent folder) - this means you don't have to set a location in the user object, and may save you time if you are manually creating users...

Hope this helps!

0
 
LVL 9

Author Comment

by:mystics7
ID: 22651637
I'm trying to give them access to the profile that is created when the end user first logs on. The first time the user logs on the profile fodler is created only with the local admin, system and the users account having permisions, The check box to inherit permisions is not checked by default and i must go in and manually check this. are help desk techs are not part of the domain or local admin groups on any server. We have a Group called PC Support for are techs and they have access at the parent folder of profiles. If i put that click the check box then all permisions are then applied to the end users profile folder. I know the article from MS says home folder but it is the same exact problem only on the profile folder
0
 
LVL 2

Accepted Solution

by:
Ron9909 earned 2000 total points
ID: 22655127
Ok - the problem is that yout techs aren't admins.  If they were you could use the GP setting Imentioned before.  The behaviour you are seeing with profile creation is by design.  When the system creates the profile folder, it won't inherit permissions from the parent.  I think what you will need to do is create a script to either replace permissions on all the newly created profile directories (Xcacls will allow you to grant an additional user permissions to a folder  - http://support.microsoft.com/kb/318754), or you could script creation of the profile directories in advance and allocate whatever permissions you wanted.
0
 
LVL 9

Author Closing Comment

by:mystics7
ID: 31502817
Thank you for your help! that worked
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question