ricardocoto
asked on
Group Policy partly applied
Hello,
I recently created a new group policy object to exclude some folders out of the users' profile. I created the policy so it applies to User's Configuration and initially defined the values of folders to be excluded as follows:
"My Documents";Cookies;"Applic
Then Cookies and temp were excluded but not the others. Going through my users' profiles I noticed that the "My Documents" folder inside each profile was named "USERNAME's Documents" (for example, mikew's Documents) so I changed the values of the folders in the policy to the following:
"%USERNAME%'s Documents";Cookies;"Applic
Still no luck. Probably the "My Documents" folder needs some tricky naming, but for the sake of me I can't understand why the other one ("Application Data\Sun") doesn't get excluded.
Am I doing something wrong?
Any help is appreciated.
Environment: DC with W2003 R2, TS, File and Print.
The GP Results Wizard run on a few of the users, does not reveal any errors. It says that the winning GPO is the one I intend to apply. Event viewer says GPOs have been applied successfully. Any ideas?
Thanks,
I recently created a new group policy object to exclude some folders out of the users' profile. I created the policy so it applies to User's Configuration and initially defined the values of folders to be excluded as follows:
"My Documents";Cookies;"Applic
Then Cookies and temp were excluded but not the others. Going through my users' profiles I noticed that the "My Documents" folder inside each profile was named "USERNAME's Documents" (for example, mikew's Documents) so I changed the values of the folders in the policy to the following:
"%USERNAME%'s Documents";Cookies;"Applic
Still no luck. Probably the "My Documents" folder needs some tricky naming, but for the sake of me I can't understand why the other one ("Application Data\Sun") doesn't get excluded.
Am I doing something wrong?
Any help is appreciated.
Environment: DC with W2003 R2, TS, File and Print.
The GP Results Wizard run on a few of the users, does not reveal any errors. It says that the winning GPO is the one I intend to apply. Event viewer says GPOs have been applied successfully. Any ideas?
Thanks,
Lofty Worm
Is altering the entriy with surrounding " " or ' ' change anything?
ASKER
Hi loftyworm:
When you say the entry, do you refer to the whole string of folder names?
I use " " because an article I read that when using folder names with spaces in between you need to use quotation marks, even if you use a variable such as %APPDATA% because that variable is pointing to a folder names with spaces. I haven't tried single quotation marks yet.
I'll try tonight and let you know, tomorrow.
Thanks,
When you say the entry, do you refer to the whole string of folder names?
I use " " because an article I read that when using folder names with spaces in between you need to use quotation marks, even if you use a variable such as %APPDATA% because that variable is pointing to a folder names with spaces. I haven't tried single quotation marks yet.
I'll try tonight and let you know, tomorrow.
Thanks,
The actual issue is that the physical folder is called "My Documents". Your client interpretes the metadata of the folder and labels it "username's Documents"; however, the actual folder name is still the original "My Documents". You can actually demonstrate this behavior by browsing the drive via an administrative share over the network. Often the folders end up with your username's Documents.
I would suggest you just update your GPO to reference "%userprofile%\My Documents" as this is the data you are trying to exclude.
Hopefully this helps!
I would suggest you just update your GPO to reference "%userprofile%\My Documents" as this is the data you are trying to exclude.
Hopefully this helps!
ASKER
loftyworm: The single quotation didn't work
jhoncoop: I just updated the GPO with your suggestion. Sadly I'll have to wait till Mon to know the results. It is late and everybody has left the office for the weekend.
Have a good weekend and thanks for your help.
Ricardo.
jhoncoop: I just updated the GPO with your suggestion. Sadly I'll have to wait till Mon to know the results. It is late and everybody has left the office for the weekend.
Have a good weekend and thanks for your help.
Ricardo.
ASKER
jhoncoop:
I checked today and the "My Documents" folder is still there. BTW your description of what might be happening is exact the opposite. On the client's computer the folder is named "My Documents" but on the server, where the profile is stored, the folder gets the name "USERNAME's Documents". I can't figure it out how to exclude it.
Thanks,
Ricardo
I checked today and the "My Documents" folder is still there. BTW your description of what might be happening is exact the opposite. On the client's computer the folder is named "My Documents" but on the server, where the profile is stored, the folder gets the name "USERNAME's Documents". I can't figure it out how to exclude it.
Thanks,
Ricardo
ASKER
I have more info:
I tried to simplify the list of excluded folders to troubleshoot this issue better, so I left the list as follows:
Cookies;temp;"%APPDATA%"
So far Cookies and temp get excluded, but APPDATA does not. Does the fact that we have users' roaming profiles on a shared folder "E:\Profiles" has anything to do with this issue?
Have any one got any ideas?
I'll try to include another folder that is not set in a variable and see what happens and report it back here.
Thanks,
Ricardo.
I tried to simplify the list of excluded folders to troubleshoot this issue better, so I left the list as follows:
Cookies;temp;"%APPDATA%"
So far Cookies and temp get excluded, but APPDATA does not. Does the fact that we have users' roaming profiles on a shared folder "E:\Profiles" has anything to do with this issue?
Have any one got any ideas?
I'll try to include another folder that is not set in a variable and see what happens and report it back here.
Thanks,
Ricardo.
Yeah, that is my thought as well, I am wondering if the variable is being passed correctly. I will look and see how variables are handles in GPO's
ASKER
loftyworm:
Thanks for your quick response. I did some changes on the profile. I tried to eliminate the variables this time and I'll report back.
Regards,
Ricardo.
Thanks for your quick response. I did some changes on the profile. I tried to eliminate the variables this time and I'll report back.
Regards,
Ricardo.
This was saying that environment variables may not work;
http://www.eggheadcafe.com/software/aspnet/29542359/environment-variables-in.aspx
http://www.eggheadcafe.com/software/aspnet/29542359/environment-variables-in.aspx
ASKER
More updates:
- The simple "Application Data" as a folder to be excluded in the list didn't work (yes I'm using "" because of the space in the folder name)
- The "%APPDATA%" variable didn't work either (I'm using "" here too because the variable refers to a name that has a space in it)
- The Cookies;temp folders get excluded (There is no need to use "")
Haven't tried any other options for the "My Documents" folder since this one is more complicated because the name changes applied to it by the system (see previous posts). After sorting out why the "Application Data" does not get excluded I'll try with the "My Documents".
Anyone has any ideas?
Thanks,
Ricardo.
- The simple "Application Data" as a folder to be excluded in the list didn't work (yes I'm using "" because of the space in the folder name)
- The "%APPDATA%" variable didn't work either (I'm using "" here too because the variable refers to a name that has a space in it)
- The Cookies;temp folders get excluded (There is no need to use "")
Haven't tried any other options for the "My Documents" folder since this one is more complicated because the name changes applied to it by the system (see previous posts). After sorting out why the "Application Data" does not get excluded I'll try with the "My Documents".
Anyone has any ideas?
Thanks,
Ricardo.
Have you tried this
"cookies;temp;%appdata%"
"cookies;temp;%appdata%"
I found this also. Seems that appdata folder may be special.
https://www.experts-exchange.com/questions/23743194/Can-the-AppData-Local-folder-be-redirected.html
https://www.experts-exchange.com/questions/23743194/Can-the-AppData-Local-folder-be-redirected.html
ASKER
Hi loftyworm:
I haven't tried the suggested list, but I will definitively do it today and see what happens. Regarding the post on the link, the issue this particular user was having was with redirection. I'm just trying to exclude from the roaming profile which should be more simple.
Anyways I appreciate your time and effort and will let you know the outcomes of the proposed form.
I'm sorry if this is going slow but I'm a one man IT shop, and as you might guess they keep me really busy.
Thanks,
Ricardo.
I haven't tried the suggested list, but I will definitively do it today and see what happens. Regarding the post on the link, the issue this particular user was having was with redirection. I'm just trying to exclude from the roaming profile which should be more simple.
Anyways I appreciate your time and effort and will let you know the outcomes of the proposed form.
I'm sorry if this is going slow but I'm a one man IT shop, and as you might guess they keep me really busy.
Thanks,
Ricardo.
ASKER
loftyworm:
Tried the last suggestion, no joy. I don't know whether to close this question or not given there aren't any other suggestions. At this point I feel really frustrated. I'm going to make a last attempt to contact MS support to see if they can offer a solution.
Thanks for all your help.
Ricardo.
Tried the last suggestion, no joy. I don't know whether to close this question or not given there aren't any other suggestions. At this point I feel really frustrated. I'm going to make a last attempt to contact MS support to see if they can offer a solution.
Thanks for all your help.
Ricardo.
ASKER
For the admin or moderator:
I don't know what to do with this question since there are no responses. Please advice.
Thanks,
I don't know what to do with this question since there are no responses. Please advice.
Thanks,
Ricardo,
Sorry, I was out of town for a while.
I am out of ideas. You may contact a moderator by selecting the "Request attention" at the top of the article, at the end of your post. They can close or may be able to notify other experts to take a second look at this.
Sorry, I was out of town for a while.
I am out of ideas. You may contact a moderator by selecting the "Request attention" at the top of the article, at the end of your post. They can close or may be able to notify other experts to take a second look at this.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
THANK YOU!!!! pilozite:
I can not express my gratitude enough! That made the trick.
I will give you all the points, I think you deserve it. By following the comments in the linked post I could resolve it in minutes.
One more time thank you and have a good day!
Ricardo,
I can not express my gratitude enough! That made the trick.
I will give you all the points, I think you deserve it. By following the comments in the linked post I could resolve it in minutes.
One more time thank you and have a good day!
Ricardo,