Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

My Documents Redirection

Posted on 2011-03-01
13
Medium Priority
?
367 Views
Last Modified: 2012-05-11
So, we have a network with 2 geographical locations.  Each location has its own File/Print Server.  We have 2 group policies to redirect everyone's "My Documents" to one of the two File/Print Servers.  These policies are applied at the "User" level but not the "Computer."  As I understand GPO, this means that Users in the scope of the GPO will be affected by the redirect.  So, if a person that normally works at Location A logs into a computer that's in an organizational unit for Location B their documents should still redirect to Location A's File/Print Server because the user profile is in the organizational unit in the scope of Location A.  In other words, the organizational unit in which the computer is stored should have no impact on how a User GPO is applied.

However, I have a user who's documents are moved from Location A to Location B's File/Print Server every time she logs in at Location B.  Then when she logs in at Location A again, because her docs have all been moved to Location B, they appear to be empty.

Does anyone have any idea why this is happening and how to stop it?
0
Comment
Question by:ParkwayIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 3
13 Comments
 
LVL 31

Expert Comment

by:Justin Owens
ID: 35011455
How are you binding your GPO?  Is it to an OU or to a Security Group or another method?

DrUltima
0
 

Expert Comment

by:rbgnr111
ID: 35011482
you may want to run rsop.msc
you can get an idea if there is an issue with the gpo's being applied. it could be that something is preventing that from applying correctly.
0
 

Author Comment

by:ParkwayIT
ID: 35011955
The GPO is being bound to an OU and NOT a Security Group nor any other method.

. . .
I will have to wait until this weekend or the next time the user comes down to Location B again to run rsop.msc . . . thank you.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Author Comment

by:ParkwayIT
ID: 35012766
rsop.msc shows that the redirection for Location B is being applied even though the user profile being loaded is stored in an organizational unit that the redirection for Location A has been assigned to.
0
 

Author Comment

by:ParkwayIT
ID: 35012936
Okay, so this is not user nor computer specific.  I am finding that Any user profile that is stored in an OU associated with Location A that logs into a computer that is stored in an OU associated with Location B is having their documents redirected to Location B.

Restatement of my assumption and question:
I was taught that any GPO applied on the User level will be applied to any user profile that is stored in an OU to which the GPO is bound regardless of the OU in which the computer they log into is stored.
Is this true?  If so, why is this happening on our network?  How should I go about troubleshooting the issue?
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 35017305
So, your scenario is:

OU_A for SiteA
OU_B for SiteB

User accounts are in either OU_A or OU_B, depending on their normally assigned site.

Each OU has its own GPO, I will call GPO_A and GPO_B to redirect documents to ServerA and ServerB, respectively.  Computers are in neither OU_A or OU_B, so no GPO could be applied to them to affect document redirection in any way

Your expected behavior is that a user in OU_A, from SiteA, having GPO_A applied to his/her account will redirect to ServerA regardless of his physical location, either SiteA or SiteB.

Is this the case?
0
 

Accepted Solution

by:
ParkwayIT earned 0 total points
ID: 35028085
Turns out that GPO_B was set to "Enforce" so any user that logged into a computer within GPO_B's scope would redirect to Server_B regardless of what OU the user profile was stored in.
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 35028230
It seems to me that the scenario posted in

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_26856455.html#a35017305

Should have directly resulted in that discovery.  In what way do you not see your solution of unenforcing the GPO at SiteB as related to the above mentioned post?
0
 

Author Comment

by:ParkwayIT
ID: 35028625
To DrUltima:
Because it was just a rehash of what I already stated . . . That comment appears to be just you trying to see if you understood my situation and had no suggested action. At least rbgnr offered a suggested course of action even though it only reaffirmed what I already knew.  I don't see the word "Enforce" nor "No Override" in any of your comments.  It was a question not a solution:  
Is this the case?
 I would have accepted your comment as a solution if you had asked "Is GPO_B enforced?"

More over, to answer your question: No, this is not the case;
Computers are in neither OU_A or OU_B
 Computers in SiteB were in OU_B and users at SiteA were in OU_A, etc.

I appreciate your attempt to help, but I found the solution on my own.  Thank you.

To Vee Mod:
Accept your own comment as the solution
    If you solved your problem with no assistance from any Expert, post your solution and then click the Accept As Solution button in your own comment. Your points are automatically refunded.

If you want to keep this in the KB, go ahead and remove yours and the "expert's" last comments as it seems very childish to ask for credit on a solution when no solution was offered but instead only questions to better understand the issue.  While I appreciate the attempt to understand the issue, I will only accept solutions, not questions.  Unless that question directly lead to the solution like, "Is GPO_B set to Enforce or No Override?"
0
 

Author Comment

by:ParkwayIT
ID: 35028992
As I said before, I appreciate DrUltima's attempt to understand my issue.  I see how you may think the use of the word "childish" here is inflammatory.  However, I feel that his objecting to my solution to the issue on the presumption that his questions directly lead to my solution is far too unprofessional to desire him as a continuing active participant in an issue that has already been resolved by my own troubleshooting.  Just because he presented his objection in a professional manner does not mean that the objection its self was professional.

I truly am sorry if I've offended either of you, but I stand by my original argument that objecting to my solution was uncalled-for no matter how "professionally" the objection was presented.
0
 

Author Closing Comment

by:ParkwayIT
ID: 35067736
Unchecked "Enforce" . . . also known as "No Override" on the GPO that redirected LocationB's documents.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question