[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now


Userhome and Shares

Posted on 2008-10-13
Medium Priority
Last Modified: 2012-05-05
Hi friends,

im somehow stuck with this:

i have a Server 2008 (64bit) as a fileserver,im playin around with it and have created userhomes on the D: drive:


and give each user full rights on the share. on the profile i have given the correct path, also i have created a small batch-file:

net use s ://scans

net use u:// userhome

i have the following problems:

it happens quite often that a user doesnt get a drive mapped,no idea why this (not) happens.

also,regardless if i (as a admin) can see the content of the folders on a userhome, certain users cant.

in the windows-explorer, i have the userhomes listes twice:

once all under the userhome golder, and twice dirctly as a  share on the D:// drive. and all user can see each others folder.

how can i get some order in it,because this is confusing. do i have to set those userhomes as hidden? or is it a server 2008 issue im not aware of?

Question by:boxexpert
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
LVL 58

Accepted Solution

tigermatt earned 1000 total points
ID: 22715811

OK, it sounds like you have a bit of a problem! :) I'll go through each point one by one; let me know if you have any questions, and obviously answers to any of my questions!

> it happens quite often that a user doesnt get a drive mapped,no idea why this (not) happens.

How have you assigned the logon script? I presume you have done so through Group Policy, in the User Configuration, Windows Settings, Scripts (Logon/Logoff) section? You need to ideally ensure that the Group Policy you have assigned the script in is linked at the root of the domain - this means that when you load the Group Policy Management Console, you will see the name of the policy with the script defined directly below the <domain>.local container.

I would suspect the main culprit with not getting a mapped drive would be a user which is out of the scope of the policy; linking it at the root of the domain will help this.

> also,regardless if i (as a admin) can see the content of the folders on a userhome, certain users cant.

Check the permissions. The Share permissions (right-click on the UserHome folder on the Server D: drive, Sharing) should ideally be set so that the Everyone group has Full Control / Owner rights. Then, you click on the "Security" tab and add in the appropriate security settings. My recommended configuration would be to have EVERY folder with the Administrator as Full Control, and then on each user folder, the appropriate user account also granted Full Control.

> once all under the userhome golder, and twice dirctly as a  share on the D:// drive. and all user can see each others folder.

How have you assigned the Home Directories? It sounds like you may have done it twice. At present, you are using a batch file to map the drives to the user homes, which means you shouldn't need to have entered any entry in each user's Active Directory properties on the Profile tab. Check the Home Directory section on the user properties is blank.

All users may be able to see each other's folders - that is quite normal depending on the configuration, but can they browse them, and say open up one of the user's files? If they can, it's a permissions issue. Set the permissions as I described above, and you should be OK.


Author Comment

ID: 22829251
ok,will do. ill let you know about the outcome

Author Comment

ID: 22893085
i did as you told me. the userhomes are working, i shared them as follows:

FS1\\Userhome\username$    and it looks ok.

i will assign the script soon. but where do i edit the GPO? on the domain controller?
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

LVL 58

Expert Comment

ID: 22908385

Yes. GPO is edited on the Domain Controller. Use Group Policy Management tool in Start, Control Panel, Administrative Tools. Then create a new policy, link it to the domain, and assign the script in User Configuration > Windows Settings > Scripts (Logon/Logoff) > Logon. Ensure you dump the script in a share such as \\domain\NETLOGON so it is accessible at login time.
LVL 58

Expert Comment

ID: 23044384

I don't understand why this one warrants deletion? I've been assisting you through this thread and http://www.experts-exchange.com/Q_23777145.html and then you have asked for this to be deleted?
LVL 58

Expert Comment

ID: 23059782

I object to this as I have been assisting this user both here and in his other thread, and now wants it deleted. Posted an original "objection" comment on Wednesday but no response from author in that time so here is my official objection post.

LVL 58

Expert Comment

ID: 23062875

I suggest PAQ using http:#a22715811.


Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question