[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

active directory inheritance and start menu folder redirection

Posted on 2009-04-07
5
Medium Priority
?
605 Views
Last Modified: 2012-08-13
Our group policy for our students has a policy set to redirect the start menu to a server location.  We are trying to move away from this but not all labs at the same time.    I tried to block inheritance on the new lab and reset its start menu redirection direction to another location.    Better yet would to cancel the redirection altogether and allow the local start menu to stand on its own.   Starting with a clean system and no profiles, anytine i log in with a student ID I still see the original redirected start menu.   Any idea's on how to stop folder redirection at a sub level short of creating a whole new OU ouitlide the lab container?
0
Comment
Question by:jsadin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 9

Expert Comment

by:cmorffew
ID: 24089767
Have  you confirmed that it is the re-directed start menu?
Did you change the setting of the GPO (Group Policy Object) Policy Removal setting?

If it is the re-directed desktop - force a gp update and then reboot and try again.

Hopefully the Policy Removal was set to redirect the folder back, otherwise;
1. re-apply the policy to the container as is,
2. run gpupdate /force on client machines or wait for the gpupdate cycle to refresh and reboot
3. change the policy removal setting to "redirect back..."
4. run gupdate /force and reboot - same as point 2
5. remove the policy by changing the policy setting to "not configured"
6. repeat 2 again!

if the settings are already correct and all you did was change the policy to "not Configured" are you using roaming profiles?
0
 

Author Comment

by:jsadin
ID: 24099337
Thanks for you quick reply.

Tried all of this and it still is pumping over the start menufrom the server versus using the existing user path to the start menu.  Actualy it looks like the user local user start menu all programs entries are appended on the server entries.  
In answer to your question...yes we do use roaming profiles.

Thanks in advance,
Jim
0
 
LVL 9

Accepted Solution

by:
cmorffew earned 2000 total points
ID: 24099890
Roaming profiles are very problematic.
You might have to delete all your roaming profiles in the OU that you are testing and allow them to be re-created.

We were initially using roaming profiles but casued us so many issues that in the end i decided to use folder re-direction only, mainly the My Documents folder.  the other folders would always have some issue and i was having to constantly wipe and re-build profiles.

One thing to try before wiping the profiles - pick a user and delete the Start menu folder from their roaming profile on the server. then get them to login and see if that solves the issue.
If that doesnt do it try deleting the folder from the local and sever copy of their profile.
0
 

Author Comment

by:jsadin
ID: 24141355
Sorry for the delay getting back...got sidetracked but the train is back on the tracks
New users will work but older profiles do not pick up the blocked inheritance so your idea of deleting cached profiles might be a path to follow.  but also,
I was playing with system  group policy  loopback processing and it did stop the inheritance from the uper policy but it also created other issues because of roaming profiles.   I havn't had a chance to investigate this yet but I do need to test this out more thoroughly.  
0
 

Author Closing Comment

by:jsadin
ID: 31567614
We are leaning on removing all roaming profiles as you suggest.  We do use folder redirection.  I am testing all our programs for possible interaction but no issues so far.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question