stantechserv
asked on
Redirected Home Drives - Prolems installing software
Ok, I'll start at the beginning.
I had an issue where a new user couldn't install software (windows installer), the error message they get is;
Error 1324. the path My Documents contains an invalid character.
I've also seen a similar message which I havn't got to hand which goes something like;
the <username> is not a valid short name.
Right, my documents has been redirected for all users to one of our file servers. After lot's of reading, I have nothing. I've done lot's of testing too and come up with something. If I make the user in question a local admin of the file server storing my documents, he can install with no errors.
So this leads me to the file server and permissions on that. They have full control to my documents and I tried giving him full control to the share but no joy. I've also looked at the local security policy and given them rights to any objects that seemed could be remotely relevant (like by traverse checking, backup files and directories etc) yes, clutching at straws here.
The answer has to be within the rights on the file server but I just can see what. Can anybody give me a clue on where I should be looking next. I naturally don't want to give them admin rights to the file server, nor do I want to do what the previous admins have done which is add them to domain admins :)
Oh, windows 2003 R2 SP2 servers Windows 2003 AD domain in mixed (I think)
Thanks
I had an issue where a new user couldn't install software (windows installer), the error message they get is;
Error 1324. the path My Documents contains an invalid character.
I've also seen a similar message which I havn't got to hand which goes something like;
the <username> is not a valid short name.
Right, my documents has been redirected for all users to one of our file servers. After lot's of reading, I have nothing. I've done lot's of testing too and come up with something. If I make the user in question a local admin of the file server storing my documents, he can install with no errors.
So this leads me to the file server and permissions on that. They have full control to my documents and I tried giving him full control to the share but no joy. I've also looked at the local security policy and given them rights to any objects that seemed could be remotely relevant (like by traverse checking, backup files and directories etc) yes, clutching at straws here.
The answer has to be within the rights on the file server but I just can see what. Can anybody give me a clue on where I should be looking next. I naturally don't want to give them admin rights to the file server, nor do I want to do what the previous admins have done which is add them to domain admins :)
Oh, windows 2003 R2 SP2 servers Windows 2003 AD domain in mixed (I think)
Thanks
ASKER
In order;
1. Yes. Full control is applied to all files and folders inherrited down through the three
2. The users in question have been put into the administrators group on the local security policy of the machine in question. so AFAIC they have sufficent rights to install software onto that machine
3. This doesn't seem relevant, the ssue seems to be around permissions or the way the windows installer sees the re-directed home drive. Regardless, I'll try this out and report back as anything is worth a try
1. Yes. Full control is applied to all files and folders inherrited down through the three
2. The users in question have been put into the administrators group on the local security policy of the machine in question. so AFAIC they have sufficent rights to install software onto that machine
3. This doesn't seem relevant, the ssue seems to be around permissions or the way the windows installer sees the re-directed home drive. Regardless, I'll try this out and report back as anything is worth a try
ASKER
#3 tested, sorry this didn't help :(
I think I might need to test the behaviour of redirected documents and installing windows installer apps in a test lab. see if it's my environment or a "feature"
I think I might need to test the behaviour of redirected documents and installing windows installer apps in a test lab. see if it's my environment or a "feature"
How have you redirected the folders in the policy? What string have you used to denote the username?
You should be using %username%.
Also, you haven't used an administrative share such as c$ in the UNC have you?
You should be using %username%.
Also, you haven't used an administrative share such as c$ in the UNC have you?
ASKER
Good question.
We're using
User Config\Windows Settings\Folder Redirection\My Documents\
Setting : Basic : redirect everyone's folder to the same location
Path: \\<server>home drives\%username%\my documents
One thing I noticed there was Grant user exclusive rights to my documents was disabled
We're using
User Config\Windows Settings\Folder Redirection\My Documents\
Setting : Basic : redirect everyone's folder to the same location
Path: \\<server>home drives\%username%\my documents
One thing I noticed there was Grant user exclusive rights to my documents was disabled
Granting exclusive access just block administrators from accessing the profile, so this shouldn't be causing your problem.
Have a look in the registry under the following keys:
HKCU\Software\Microsoft\Wi
HKCU\Software\Microsoft\Wi
How do the paths show in here? (My documents is 'Personal') Anything funny looking?
Have a look in the registry under the following keys:
HKCU\Software\Microsoft\Wi
HKCU\Software\Microsoft\Wi
How do the paths show in here? (My documents is 'Personal') Anything funny looking?
ASKER
Personal shows as;
\\<server>\home drives\<username>My Documents
in both locations. Nothing seems to suggest any foul play in that key. As a test, I can unc to that from that machine
\\<server>\home drives\<username>My Documents
in both locations. Nothing seems to suggest any foul play in that key. As a test, I can unc to that from that machine
ASKER
Increasing points fwiw
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Trafsta, you genious!
Strange thing is, I just came about another issue with people not benig able to create mail merges, this also boiled down to permisions on \\<server>\home. So I did exactly what you'd said on Monday and that problem went away but I never thought of testing the installation issue after making that change
So I just tested it and yes, the issue seems to be resolved.
Strange thing is, I just came about another issue with people not benig able to create mail merges, this also boiled down to permisions on \\<server>\home. So I did exactly what you'd said on Monday and that problem went away but I never thought of testing the installation issue after making that change
So I just tested it and yes, the issue seems to be resolved.
Hey strantechserv :) Yes it was a very strange problem. Fixing the permissions actually fixed another "Offline files" issues that I've been having for about 1 1/2 years (offlines files would stay offline and now allow the user to go back online after resuming from hibernate or sleep mode)... it was much more troublesome than this windows installer error even. I posted pretty much the same answer to that problem here (check it out): http://www.thebitguru.com/articles/21-Fixing%20Offline%20Files%20in%20Windows%20Vista
So I'm guessing there might be even more problems out there that can be solved by correcting permissions on users home folder share.
I'm going to check out other strange problems that users have been having today to see if this fix might have resolved their issues as well. :)
So I'm guessing there might be even more problems out there that can be solved by correcting permissions on users home folder share.
I'm going to check out other strange problems that users have been having today to see if this fix might have resolved their issues as well. :)
On the top folder, go Properties | Security | Advanced | Tick 'Replace permission entries on all child objects...'
Also, do the users actually have permissions to install new software regardless of file redirection? Usually standard Domain Users do not.
There is a policy you can set to have Windows Installer run with elevated permissions:
Computer Configuration | Administrative Templates | Windows Components | Windows Installer | Always Install with Elevated Privileges
This would have to be applied to the users' workstations, not the server.
Hope this helps.