[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 595
  • Last Modified:

Terminal Server Folder Redirection

Hey All

I created a network share on my domain controller "\\server\termdata$" Share permissions = everyone (full), ntfs security = Administrators (full) Creator/Owner (full)/System (full)/Domain Users (read/write/travers - this folder only). I enabled all Files + Optimization on share caching for offline use.

I do have roaming TS profiles setup via group policy and the local profile cache is automatically deleted upon logoff. This is working great, but the logons are slow, so i am attempting folder redirection.

I set folder redirection for App Data/Desktop/Documents to '\\server\termdata$" (exactly like this).Went go computer>admin...>system>group policy>enabled folder redirection policy "allow processing....". Set synchronize files logon and logoff to enabled. Closed GPO, ran gpupdate /force on terminal server. Then logged on a test user which is an authenticated user, and no redirection. I logged on several times, waited for a bit to see if synch just took a while, enabled slow link detection to 500kbs, and still no dice. reboot, tried again, didnt work still, set domain user to full read/write/modify access on share, and still no luck. All the mean while roaming TS profiles was still functional using the same GPO.

Any help would be awesome!
0
ValleyENT
Asked:
ValleyENT
  • 5
  • 4
1 Solution
 
AmericomCommented:
I don't see authenticated user could have access to \\server\termdata$ or was that just neglected to include on your description?
0
 
AmericomCommented:
nevermind, sorry, i guess i was thnking something else. I'm assuming the test user is a member of domain user, correct?

Since your GPO is a computer GPO, is this GPO linked to the OU where your terminal server is in?
0
 
ValleyENTAuthor Commented:
Yes, my test user is a member of the domain or DOMAIN\username. Also, I have an OU that contains all of my terminal servers, and the GPO is sitting right on the OU. This is not only a computer gpo but it is a user gpo as well, folder redirection can only be done under User Configuration.
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
Briguy_572Commented:
Are the folders being created in the \\server\termdata$ folder?
try changing the redirection to use the following:
\\server\termdata$\%username%\Desktop
\\server\termdata$\%username%\My Documents
\\server\termdata$\%username%\Application Data
-also - when you are logged on, bring up a command prompt and run "gpresult".  what polices are being applied?
we have our "My documents" being redirected to our "home drive" as defined in Active Directory users and computers.  that way, those files follow them on a desktop or through terminal services (My Docs redirects to path: \\%HOMESHARE%%HOMEPATH%).  good luck.
0
 
AmericomCommented:
sorry again, mis-reading your description and thought you were configuring it as a computer GPO.
Anyway, since your GPO is configured on the User configuration and it is linked to OU with terminal server, then you should enable the loopback processing in order for the user configuration section to work.
0
 
ValleyENTAuthor Commented:
Americom, may need a bit more detail here. Not sure what you are referring too.

Briguy 572: No, the users folders are not even being created. Also, if I input \\server\share$\%username%\Application Data it will not accept it. It automatically reverts it to \\server\share$\ because technically the directories do not exist yet. Do I HAVE TO create them manually first? Can I just have them redirect the folders to the same share I have the user roaming profile? technically it is still folder redirection, but the files just happen to reside in the same share as the roaming profiles, i'm sure this isn't best practice though.
0
 
AmericomCommented:
Try enable the loopback processing mode by Computer Configration>Administrative Templates>System>Group Policy>User Group Policy loopback processing mode>enable

\\server\share$ is fine, best practice is to have those user folder created automatically.
0
 
AmericomCommented:
I should say "best practice" may be just a recommendation, it really depending on the enviornment and requirement as well as security preference etc.
0
 
ValleyENTAuthor Commented:
This is what I am seeing from gpresult. The policy i am configuring for redirection and ts roaming profile is "Default TS Policy"
Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001
 
Created On 4/21/2009 at 7:56:02 PM
 
 
RSOP data for asdf\testing on asdfXEN1 : Logging Mode
------------------------------------------------------
 
OS Type:                     Microsoft(R) Windows(R) Server 2003, Standard Editi
on
OS Configuration:            Member Server
OS Version:                  5.2.3790
Terminal Server Mode:        Application Server
Site Name:                   Default-First-Site
Roaming Profile:             \\asdf\termprof$\testing.VENT
Local Profile:               C:\Documents and Settings\testing
Connected over a slow link?: No
 
 
COMPUTER SETTINGS
------------------
    Last time Group Policy was applied: 4/21/2009 at 7:54:44 PM
    Group Policy was applied from:      asdfmail.VENT.local
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        asdf
    Domain Type:                        Windows 2000
 
    Applied Group Policy Objects
    -----------------------------
        Default Computer Policy
        Default TS Policy
        Default Computer Policy
        Local Group Policy
 
    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Primary User Policy
            Filtering:  Disabled (GPO)
 
    The computer is a part of the following security groups
    -------------------------------------------------------
        BUILTIN\Administrators
        Everyone
        IIS_WPG
        BUILTIN\Users
        NT AUTHORITY\NETWORK
        NT AUTHORITY\Authenticated Users
        This Organization
        asdfXEN1$
        Domain Computers
        TSFolderRedirection
 
 
USER SETTINGS
--------------
    Last time Group Policy was applied: 4/21/2009 at 7:54:41 PM
    Group Policy was applied from:      asdftmail.VENT.local
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        asdf
    Domain Type:                        Windows 2000
 
    Applied Group Policy Objects
    -----------------------------
        Secondary User Policy
        Primary User Policy
        Local Group Policy
 
    The user is a part of the following security groups
    ---------------------------------------------------
        Domain Users
        Everyone
        BUILTIN\Power Users
        Remote Desktop Users
        BUILTIN\Users
        REMOTE INTERACTIVE LOGON
        NT AUTHORITY\INTERACTIVE
        TERMINAL SERVER USER
        NT AUTHORITY\Authenticated Users
        This Organization
        LOCAL
        DMUser
        WS Level 2

Open in new window

0
 
ValleyENTAuthor Commented:
I had applied the GPO over an OU containing computers. Once I enabled loopback waited for my settings to replicate to the other DC, I was good to go.

Thank You!
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now