moonlightallan
asked on
How to use Offline files for laptops and not for workstations
OK, my question is this, I have 2003 server R2, and windows xp pro workstations and laptops.
Now currently users have all offline files disabled (using group policy) as I did not want the workstations to sync with offline files. I did this by disabling all the offline files options I could find in group policy as when I first setup the environment, the offilne files kept syncing. That works fine, user logs in, and nothing syncs. Now I have to get their laptops to work so that when the user is off the network at home, they can still work with their files and when they come back and connect it syncs up any changes. I have tried to create another policy for the laptops and moved the laptops into that container AD and then created a new GP and defined offline files is enabled. Currently though this is not working and the offline files options are greyed out when I login to the laptop as a user.
So have I done this right for using offline files on laptops. Currently the user GP will tell the computer no offline files, but I want only laptops to use offline files. HELP please.. thank you in advance.
Now currently users have all offline files disabled (using group policy) as I did not want the workstations to sync with offline files. I did this by disabling all the offline files options I could find in group policy as when I first setup the environment, the offilne files kept syncing. That works fine, user logs in, and nothing syncs. Now I have to get their laptops to work so that when the user is off the network at home, they can still work with their files and when they come back and connect it syncs up any changes. I have tried to create another policy for the laptops and moved the laptops into that container AD and then created a new GP and defined offline files is enabled. Currently though this is not working and the offline files options are greyed out when I login to the laptop as a user.
So have I done this right for using offline files on laptops. Currently the user GP will tell the computer no offline files, but I want only laptops to use offline files. HELP please.. thank you in advance.
Americom
You are doing the right thing I believe. You would create an OU and move your laptop there then apply the Offline-Enabled GPO to this laptop OU. To be sure the policy is applied to this OU, pick one machine and run a gpresult to see what GPOs actually being applied. My guess is you probably have both the User and Computer configuation configured. If so, then you need to disable the User configuration and only enable for Computer configuration as you are intending to apply to computer and not users.
Hi There
AS I uncerstand, you have moved all the laptops into a OU and applied a GPO to that OU allowing them access to ofline files. However, as you have mentioned, Offline Files is a user configuration, so in order to enable the setting for just those users, the user accounts would have to reside in that same OU as well.
The option is greyed out because, the User accounts are having Group Plocies applied to them from either another OU, or its being cascaded down from a Domain Policy.
One way to resolve it would be to move users from their respective OU, to the same OU as the Laptops. Or within Group Policy management console, set -up a filter on the security tab, so that these users didnt have the ability to read whichever GPO was stopping them having access to "Offline Files".
This, however has its down side, beacuse it would ignore every setting on the "ignored" Group Policy and not just the "Offline Files" setting.
Hope this helps.
Fingwong
AS I uncerstand, you have moved all the laptops into a OU and applied a GPO to that OU allowing them access to ofline files. However, as you have mentioned, Offline Files is a user configuration, so in order to enable the setting for just those users, the user accounts would have to reside in that same OU as well.
The option is greyed out because, the User accounts are having Group Plocies applied to them from either another OU, or its being cascaded down from a Domain Policy.
One way to resolve it would be to move users from their respective OU, to the same OU as the Laptops. Or within Group Policy management console, set -up a filter on the security tab, so that these users didnt have the ability to read whichever GPO was stopping them having access to "Offline Files".
This, however has its down side, beacuse it would ignore every setting on the "ignored" Group Policy and not just the "Offline Files" setting.
Hope this helps.
Fingwong
ASKER
In reply to Americom: Well I will tell you more information. We are a school so currently I have OU's for Staff, Pupils, and the computers are in OU's for their area so that I can role out printers. Now the PC's i do not want offline file sync to take place. So in an effort to stop that I disabled all the offline file settings in the GP for Staff and Pupils and the computer. If I now enable those in the newly created Laptop OU will this override the existing settings I have disabled? Im not sure how the settings for a USER work in the Laptop OU, and so I have currently only changed the GP for the COMPUTER in the Laptop OU not USER. .
ASKER
so basically the Staff or Pupils when they login will not have offline file enabled. I just want the laptops to have offline file sync working.
If the newly created OU is under the OU where you applied the Offline-files disabled, and the new GPO for enabling the Offline-files is applied to the newly created OU, it will be the last to applied, thus enabled. Parent OU group policies are applied before child OU group policies. Policies applied later will overwrite policies applied earlier unless the No Override option is enabled on a GPO link.
You don't need to do anything with the Users configuration(assuming is is not configred) as it has less options than the Computer configuration.
You don't need to do anything with the Users configuration(assuming is is not configred) as it has less options than the Computer configuration.
ASKER
so are you saying to create the laptop OU inside the Staff OU ?
ASKER
if i put the Laptop OU inside the Staff OU then the Laptop OU would become a child of Staff. But if so I thought the child has lower priority and therfore offline would still be disabled ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.