[Webinar] Streamline your web hosting managementRegister Today


"User Shell Folders" messed up by default in registry. Where to modify in AD ?

Posted on 2009-04-07
Medium Priority
Last Modified: 2012-05-06

When I create a new user (in an W2K3 AD), it seems to give wrong values in this user's profile.
I don't know where to check in AD - I'm pretty new in AD environments

The user can't create anything on his desktop for example.
I found out the registry entries in "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" were pretty bad: instead of having standard %USERPROFILE%\blah directories, some of them (example : Desktop, Personal) contain a wrong path, like D:\blah\user.
When I correct it manually on a computer, everything runs fine again.

Where can I check/fix this in the AD?

thank you
Question by:mchkorg
  • 3
  • 2
LVL 27

Expert Comment

ID: 24087008
Are you using local or romaing profiles? It sounds like there are some folder redirection policies being applied to the users in group policy maybe?
On an affected machine, open a blank mmc (Start | Run | mmc). Add the Resultant Set of Policy snap in (File | Add/Remove Snap-in). Then right click the 'resultant set of policy' node in the tree view and select 'Generate RSoP data'
Remember you need to generate the RSoP data for an affected user on that machine, not your user. The resulting query will basically show all the policy settings applied to the machine/user. Navigate to :
User Configuration | Windows Settings | Folder Redirection | Desktop
Are there any settings specified here for folder paths? The problem is, if the settings are applied via group policy, your changes in regedit will be wiped once the user logs off/on again, so you need to change this at the group policy level.

Author Comment

ID: 24087228
Ok, something sure is after reconnection, the correct values are still there.

Something else: one of the affected user has been created by copying an existing one. I think we are just "transporting" some wrong settings from one user to another when copying. Our AD admin creates new users by copying existing ones to get some settings more easily. The mistakes also, I guess...
I'll investigate further with the admin in charge here

And I'll test your first advices and let you know

Author Comment

ID: 24087311
Ok, I can't go further than User Configuration > Windows Settings
(no "Folder Redirection")
Sorry, the question is dummy (I'm new to AD), does that mean I don't overwrite anything via GPO for this parameter?
In that cast, I'm just having a problem due to a bad profile that has been copied and copied again?
LVL 27

Accepted Solution

bluntTony earned 2000 total points
ID: 24089931
OK, sounds like it may be the issue with the copying of profiles. Really you want to have a new profile built for each new user rather than copying the settings from one machine to another.
What happens if you literally just create a new user in AD and then log on as that user to a workstation. If group policy isn't doing anything, you should be OK.

If you need to configure an initial user desktop for users when they first log in, you can configure a Default User profile so that they get a specific setup first of all. They can then edit this to suit their needs. For this to apply to all users, you can store it in the NETLOGON share of your domain controller. The users will all get this initial profile.

Follow these steps: http://technet.microsoft.com/en-us/library/cc780839.aspx, and create a new user. Log on with this new account and you should get the desktop you just configured, and shouldn't be having the issues you currently are.
This should resolve your issues for new users, although the current users will still have to be fixed. Now you could script this if you've got loads of users, but if you've only got a couple it's probably not worth it.

Author Closing Comment

ID: 31567466
Thanks for all

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
Scripts are great for performing batch jobs against users, however sometimes the GUI is all you need.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

590 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question