Moving "My Documents" Folder Redirection to a new server?

I need to move the redirected "My Documents" share for our users from one server to another.  Does anyone have a best practices for this, or walk through for this?  The last time we attempted this for another client, it turned into an ongoing nightmare.  

This is a small facility with 10 workstations and 1 server(soon to be 2 servers)  
All clients are Windows XP, both servers are Windows 2003.  
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hi, I've done this a few times now.  You will have to change the group policy to the new server, have everybody login, take control of the new folders that have been created on the new server and COPY the data from the old server to the new.  

After you copied everything then you will have to assign permissions to each of the users for each of their individual folders.  Just give them full control to their own folders, and be sure to pass inheritance onto lower files through the advanced option (replace permissions on subfolders and files).  

After the new server is in place and everything is syncing then it will actually sync to BOTH servers.  Since this is a small facility this should prove to be pretty easy.  Take the old server offline.  

You will then have to clear the offline cache on EACH machine AFTER you take the server offline.  This will stop the erroneous syncing to the old server.

Follow this procedure to clear that off of each machine:
*use option 1

Once you reboot, it should only sync to the new server.

Good to go.  

I don't have it lying around at this point, but last time I did that, I modified the group policy for the reditection and to run used a batch file to xcopy from the old to the new, then set RO attrib on the oldserver filename.

xcopy \\oldservername\%UserName%\*..* \\newservername\%UserName%\*..* /S /C /O  /-Y
attrib \\oldservername\%oldservername\%username%\*.* +r /s
gpupdate /force

After I see that the files have moved, I remove access to the oldserver user directory and leave it for a week or so - depending on their business practices.

If the batch file runs multiple times, it won't overwrite changes and if they try to access the old data it comes in read only. This tries to force the group policy update, so I usually make the changes after most people have left so in the morning it has had time to replicate in the Active Directory.

Next I go to look for users that have not had data copied yet. When the number gets down to a few, I remove the batch files from the GPO and manually copy the remaining users - if any - usually due to them not logging in.

Hope this helps...
Oh yeah, forgot the wonderfull cache - Thanks, Mighty SW...
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Yes, the cache is vital as they users will still be writing to both servers when you only need one.  They will also generate sync errors or dual sync to both servers when they log off.

Yes, keep the server around for about a week until you know that everything has been copied correctly.

I would still clear the cache, but just keep the server up and ready to copy data that may need to be copied over for some strange reason.  

Ensure that you do the copy during off hours so the users will not be accessing the files.  The easiest way to determine if they are accessing files (even if they are gone) is to right click on my computer, goto manage, and click on open files or sessions and clear them off before you copy.

TylerTreatAuthor Commented:
There has to be a simpler solution than this.....  even on a small network it seems to be a huge pain.

The one we botched at the other client, we are having to sign in as admin and remove all the local profiles for every user, then recreate email profiles.  i might ad that at the app data folder was also redirected for that particular client.  not sure what to do about that one.
I really don't know of an easier manner. I have always found it to be a huge pain......
TylerTreatAuthor Commented:
The Permissions on this should be:
Root Share: Everyone Full
User Folder: User Full, block inbound inheritance, allow downstream inheritance from user folder.

is this correct?
I only give modify, not fill except to administrators. With everone, I would use authenticated users. I also would not block inbound inheritance.
Hope that helps...
User Full is all you have to set.  The folders will be created with CREATOR full control security privelages, when they sign in.

You DO NOT have to recreate the folders manually.  Once the new GPO takes over the folders will automatically create themselves when the users login.  This is when you just copy and past from the other server.
TylerTreatAuthor Commented:
So give the main user group full control over the entire directory with downstream inheritance enabled.  The "creator" will automatically be created by the system?
It will be created automatically because that is default.  Just everyone full control on the share will do it.

The GPO will take care of the rest.

Just remember you will not have access to these folders once they have been create if Grant the user exclusive rights to My Documents is checked.  If you leave that checked you will just have to take control of the folders that the users GP creates AUTOMATICALLY.

There is really nothing else you have to do or set.  Just set the share to everyone full control, and the GP will set the user as the exclusive owner of that folder.  

Good to go.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.