Solved

Userhome and Shares

Posted on 2008-10-13
10
217 Views
Last Modified: 2012-05-05
Hi friends,

im somehow stuck with this:

i have a Server 2008 (64bit) as a fileserver,im playin around with it and have created userhomes on the D: drive:

FS1://userhome/%username%

and give each user full rights on the share. on the profile i have given the correct path, also i have created a small batch-file:

net use s ://scans

net use u:// userhome


i have the following problems:

it happens quite often that a user doesnt get a drive mapped,no idea why this (not) happens.

also,regardless if i (as a admin) can see the content of the folders on a userhome, certain users cant.

in the windows-explorer, i have the userhomes listes twice:

once all under the userhome golder, and twice dirctly as a  share on the D:// drive. and all user can see each others folder.

how can i get some order in it,because this is confusing. do i have to set those userhomes as hidden? or is it a server 2008 issue im not aware of?

0
Comment
Question by:boxexpert
  • 5
  • 2
10 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 250 total points
Comment Utility

OK, it sounds like you have a bit of a problem! :) I'll go through each point one by one; let me know if you have any questions, and obviously answers to any of my questions!

> it happens quite often that a user doesnt get a drive mapped,no idea why this (not) happens.

How have you assigned the logon script? I presume you have done so through Group Policy, in the User Configuration, Windows Settings, Scripts (Logon/Logoff) section? You need to ideally ensure that the Group Policy you have assigned the script in is linked at the root of the domain - this means that when you load the Group Policy Management Console, you will see the name of the policy with the script defined directly below the <domain>.local container.

I would suspect the main culprit with not getting a mapped drive would be a user which is out of the scope of the policy; linking it at the root of the domain will help this.

> also,regardless if i (as a admin) can see the content of the folders on a userhome, certain users cant.

Check the permissions. The Share permissions (right-click on the UserHome folder on the Server D: drive, Sharing) should ideally be set so that the Everyone group has Full Control / Owner rights. Then, you click on the "Security" tab and add in the appropriate security settings. My recommended configuration would be to have EVERY folder with the Administrator as Full Control, and then on each user folder, the appropriate user account also granted Full Control.

> once all under the userhome golder, and twice dirctly as a  share on the D:// drive. and all user can see each others folder.

How have you assigned the Home Directories? It sounds like you may have done it twice. At present, you are using a batch file to map the drives to the user homes, which means you shouldn't need to have entered any entry in each user's Active Directory properties on the Profile tab. Check the Home Directory section on the user properties is blank.

All users may be able to see each other's folders - that is quite normal depending on the configuration, but can they browse them, and say open up one of the user's files? If they can, it's a permissions issue. Set the permissions as I described above, and you should be OK.

-tigermatt
0
 

Author Comment

by:boxexpert
Comment Utility
ok,will do. ill let you know about the outcome
0
 

Author Comment

by:boxexpert
Comment Utility
i did as you told me. the userhomes are working, i shared them as follows:

FS1\\Userhome\username$    and it looks ok.

i will assign the script soon. but where do i edit the GPO? on the domain controller?
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 58

Expert Comment

by:tigermatt
Comment Utility

Yes. GPO is edited on the Domain Controller. Use Group Policy Management tool in Start, Control Panel, Administrative Tools. Then create a new policy, link it to the domain, and assign the script in User Configuration > Windows Settings > Scripts (Logon/Logoff) > Logon. Ensure you dump the script in a share such as \\domain\NETLOGON so it is accessible at login time.
0
 
LVL 58

Expert Comment

by:tigermatt
Comment Utility

I don't understand why this one warrants deletion? I've been assisting you through this thread and http://www.experts-exchange.com/Q_23777145.html and then you have asked for this to be deleted?
0
 
LVL 58

Expert Comment

by:tigermatt
Comment Utility

I object to this as I have been assisting this user both here and in his other thread, and now wants it deleted. Posted an original "objection" comment on Wednesday but no response from author in that time so here is my official objection post.

-Matt
0
 
LVL 58

Expert Comment

by:tigermatt
Comment Utility

I suggest PAQ using http:#a22715811.

-tm
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Recently, I was asked to look into SCCM 2007 by my employer, having a degree of experience of earlier versions of SMS and some previous SCCM knowledge I didn't expect the procedure to involve to much time. I read a number of guides concerning it…
Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now