Solved

Userhome and Shares

Posted on 2008-10-13
10
222 Views
Last Modified: 2012-05-05
Hi friends,

im somehow stuck with this:

i have a Server 2008 (64bit) as a fileserver,im playin around with it and have created userhomes on the D: drive:

FS1://userhome/%username%

and give each user full rights on the share. on the profile i have given the correct path, also i have created a small batch-file:

net use s ://scans

net use u:// userhome


i have the following problems:

it happens quite often that a user doesnt get a drive mapped,no idea why this (not) happens.

also,regardless if i (as a admin) can see the content of the folders on a userhome, certain users cant.

in the windows-explorer, i have the userhomes listes twice:

once all under the userhome golder, and twice dirctly as a  share on the D:// drive. and all user can see each others folder.

how can i get some order in it,because this is confusing. do i have to set those userhomes as hidden? or is it a server 2008 issue im not aware of?

0
Comment
Question by:boxexpert
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
10 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 250 total points
ID: 22715811

OK, it sounds like you have a bit of a problem! :) I'll go through each point one by one; let me know if you have any questions, and obviously answers to any of my questions!

> it happens quite often that a user doesnt get a drive mapped,no idea why this (not) happens.

How have you assigned the logon script? I presume you have done so through Group Policy, in the User Configuration, Windows Settings, Scripts (Logon/Logoff) section? You need to ideally ensure that the Group Policy you have assigned the script in is linked at the root of the domain - this means that when you load the Group Policy Management Console, you will see the name of the policy with the script defined directly below the <domain>.local container.

I would suspect the main culprit with not getting a mapped drive would be a user which is out of the scope of the policy; linking it at the root of the domain will help this.

> also,regardless if i (as a admin) can see the content of the folders on a userhome, certain users cant.

Check the permissions. The Share permissions (right-click on the UserHome folder on the Server D: drive, Sharing) should ideally be set so that the Everyone group has Full Control / Owner rights. Then, you click on the "Security" tab and add in the appropriate security settings. My recommended configuration would be to have EVERY folder with the Administrator as Full Control, and then on each user folder, the appropriate user account also granted Full Control.

> once all under the userhome golder, and twice dirctly as a  share on the D:// drive. and all user can see each others folder.

How have you assigned the Home Directories? It sounds like you may have done it twice. At present, you are using a batch file to map the drives to the user homes, which means you shouldn't need to have entered any entry in each user's Active Directory properties on the Profile tab. Check the Home Directory section on the user properties is blank.

All users may be able to see each other's folders - that is quite normal depending on the configuration, but can they browse them, and say open up one of the user's files? If they can, it's a permissions issue. Set the permissions as I described above, and you should be OK.

-tigermatt
0
 

Author Comment

by:boxexpert
ID: 22829251
ok,will do. ill let you know about the outcome
0
 

Author Comment

by:boxexpert
ID: 22893085
i did as you told me. the userhomes are working, i shared them as follows:

FS1\\Userhome\username$    and it looks ok.

i will assign the script soon. but where do i edit the GPO? on the domain controller?
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 58

Expert Comment

by:tigermatt
ID: 22908385

Yes. GPO is edited on the Domain Controller. Use Group Policy Management tool in Start, Control Panel, Administrative Tools. Then create a new policy, link it to the domain, and assign the script in User Configuration > Windows Settings > Scripts (Logon/Logoff) > Logon. Ensure you dump the script in a share such as \\domain\NETLOGON so it is accessible at login time.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 23044384

I don't understand why this one warrants deletion? I've been assisting you through this thread and http://www.experts-exchange.com/Q_23777145.html and then you have asked for this to be deleted?
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 23059782

I object to this as I have been assisting this user both here and in his other thread, and now wants it deleted. Posted an original "objection" comment on Wednesday but no response from author in that time so here is my official objection post.

-Matt
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 23062875

I suggest PAQ using http:#a22715811.

-tm
0

Featured Post

Turn Insights into Action

Communication across every corner of your business is essential to increase the velocity of your application delivery and support pipeline. Automate, standardize, and contextualize your communication processes with xMatters.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question