• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 791
  • Last Modified:

Active Directory Users personal folders auto rename

When a new user is created in Active directory, a private users folder is auto created and mapped to the user as "U:\"  where "U" = the user name.
recently, a group of about 10 % of the user base is renaming the folders from the users name to "My Documents".

The users mapped drives still work, the only confusion is when administrators try to find the folder for an individual using windows explorer or other search methods.
0
wlasner
Asked:
wlasner
  • 3
  • 3
1 Solution
 
bigstylerCommented:
Hello,

give only the "List Folder Permission" for your user in the root of his directory. And Then give the "Modify" right on the subfolder.

The user will not be able anymore to change the root folder name.
0
 
wlasnerDirector, ITAuthor Commented:
The user is not changing the name, it is changing on its own.....
0
 
bigstylerCommented:
Oh ok !
This is a problem with desktop.ini file that is interpreted by Windows 7 from your admin computers.

Do you have a desktop.ini file in the root folder ? (choose to display hidden and system files).

If yes, please modify the security of the file to grant only the right to deny the right for your admins.
Then they will be able to display the folder correctly.

You can run this with a script like :

%windir%\system32\icacls.exe %homedrive%\Desktop.ini /deny "Domain Admins":r
%windir%\system32\icacls.exe %homedrive%\Desktop.ini /deny Administrators:r
%windir%\system32\icacls.exe %homedrive%\Desktop.ini /deny "Other Admin Groups":r


0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
wlasnerDirector, ITAuthor Commented:
There is a destop.ini file.  can you please explain more detail on what needs to be done and where the script should be run.
thanks
0
 
bigstylerCommented:
Just to be sure and do it easily just directlry modify the ACL of the desktop.ini for a user.

Deny read access to it for everyone and then try to reproduce the issue :)
0
 
wlasnerDirector, ITAuthor Commented:
OK - deny admin and domain admin worked - thank you.
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now