My Documents Redirection

Posted on 2011-03-01
Last Modified: 2012-05-11
So, we have a network with 2 geographical locations.  Each location has its own File/Print Server.  We have 2 group policies to redirect everyone's "My Documents" to one of the two File/Print Servers.  These policies are applied at the "User" level but not the "Computer."  As I understand GPO, this means that Users in the scope of the GPO will be affected by the redirect.  So, if a person that normally works at Location A logs into a computer that's in an organizational unit for Location B their documents should still redirect to Location A's File/Print Server because the user profile is in the organizational unit in the scope of Location A.  In other words, the organizational unit in which the computer is stored should have no impact on how a User GPO is applied.

However, I have a user who's documents are moved from Location A to Location B's File/Print Server every time she logs in at Location B.  Then when she logs in at Location A again, because her docs have all been moved to Location B, they appear to be empty.

Does anyone have any idea why this is happening and how to stop it?
Question by:ParkwayIT
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
LVL 31

Expert Comment

by:Justin Owens
ID: 35011455
How are you binding your GPO?  Is it to an OU or to a Security Group or another method?


Expert Comment

ID: 35011482
you may want to run rsop.msc
you can get an idea if there is an issue with the gpo's being applied. it could be that something is preventing that from applying correctly.

Author Comment

ID: 35011955
The GPO is being bound to an OU and NOT a Security Group nor any other method.

. . .
I will have to wait until this weekend or the next time the user comes down to Location B again to run rsop.msc . . . thank you.
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.


Author Comment

ID: 35012766
rsop.msc shows that the redirection for Location B is being applied even though the user profile being loaded is stored in an organizational unit that the redirection for Location A has been assigned to.

Author Comment

ID: 35012936
Okay, so this is not user nor computer specific.  I am finding that Any user profile that is stored in an OU associated with Location A that logs into a computer that is stored in an OU associated with Location B is having their documents redirected to Location B.

Restatement of my assumption and question:
I was taught that any GPO applied on the User level will be applied to any user profile that is stored in an OU to which the GPO is bound regardless of the OU in which the computer they log into is stored.
Is this true?  If so, why is this happening on our network?  How should I go about troubleshooting the issue?
LVL 31

Expert Comment

by:Justin Owens
ID: 35017305
So, your scenario is:

OU_A for SiteA
OU_B for SiteB

User accounts are in either OU_A or OU_B, depending on their normally assigned site.

Each OU has its own GPO, I will call GPO_A and GPO_B to redirect documents to ServerA and ServerB, respectively.  Computers are in neither OU_A or OU_B, so no GPO could be applied to them to affect document redirection in any way

Your expected behavior is that a user in OU_A, from SiteA, having GPO_A applied to his/her account will redirect to ServerA regardless of his physical location, either SiteA or SiteB.

Is this the case?

Accepted Solution

ParkwayIT earned 0 total points
ID: 35028085
Turns out that GPO_B was set to "Enforce" so any user that logged into a computer within GPO_B's scope would redirect to Server_B regardless of what OU the user profile was stored in.
LVL 31

Expert Comment

by:Justin Owens
ID: 35028230
It seems to me that the scenario posted in

Should have directly resulted in that discovery.  In what way do you not see your solution of unenforcing the GPO at SiteB as related to the above mentioned post?

Author Comment

ID: 35028625
To DrUltima:
Because it was just a rehash of what I already stated . . . That comment appears to be just you trying to see if you understood my situation and had no suggested action. At least rbgnr offered a suggested course of action even though it only reaffirmed what I already knew.  I don't see the word "Enforce" nor "No Override" in any of your comments.  It was a question not a solution:  
Is this the case?
 I would have accepted your comment as a solution if you had asked "Is GPO_B enforced?"

More over, to answer your question: No, this is not the case;
Computers are in neither OU_A or OU_B
 Computers in SiteB were in OU_B and users at SiteA were in OU_A, etc.

I appreciate your attempt to help, but I found the solution on my own.  Thank you.

To Vee Mod:
Accept your own comment as the solution
    If you solved your problem with no assistance from any Expert, post your solution and then click the Accept As Solution button in your own comment. Your points are automatically refunded.

If you want to keep this in the KB, go ahead and remove yours and the "expert's" last comments as it seems very childish to ask for credit on a solution when no solution was offered but instead only questions to better understand the issue.  While I appreciate the attempt to understand the issue, I will only accept solutions, not questions.  Unless that question directly lead to the solution like, "Is GPO_B set to Enforce or No Override?"

Author Comment

ID: 35028992
As I said before, I appreciate DrUltima's attempt to understand my issue.  I see how you may think the use of the word "childish" here is inflammatory.  However, I feel that his objecting to my solution to the issue on the presumption that his questions directly lead to my solution is far too unprofessional to desire him as a continuing active participant in an issue that has already been resolved by my own troubleshooting.  Just because he presented his objection in a professional manner does not mean that the objection its self was professional.

I truly am sorry if I've offended either of you, but I stand by my original argument that objecting to my solution was uncalled-for no matter how "professionally" the objection was presented.

Author Closing Comment

ID: 35067736
Unchecked "Enforce" . . . also known as "No Override" on the GPO that redirected LocationB's documents.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question