• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 843
  • Last Modified:

Redirecting My Docs trouble

Hi all

Windows 2003 Server

In Group Policy, I had a GPO that states:

My Documents (Basic: Redirect everyone's folder to the same location)
Path \\%HOMESHARE%%HOMEPATH%

This was \\server3\users\username

I have moved the user folders to \\server1\users\username now, and I have changed ADUC so that each user profile connects P:\ to \\server1\users\username.

They can all connect to P: fine but My Docs still tries to go to \\server3\users\username

How can I change this? New server is 2008.
0
hongedit
Asked:
hongedit
  • 26
  • 19
  • +1
1 Solution
 
Krzysztof PytkoActive Directory EngineerCommented:
You need to modify appropriate GPO where you set up folder redirection. Change that old location to the new one.

Run on one workstation RSoP.msc and identify which GPO does have those settings. Modify then them and run in command-line on a client

gpupdate /force
or reboot it to apply new settings

Regards,
Krzysztof
0
 
hongeditAuthor Commented:
I know which GPO it is but it is pointing My Docs to the HOMESHARE variable - my question is how do I specify where this variable leads to?
0
 
Krzysztof PytkoActive Directory EngineerCommented:
%HOMESHARE% variable is get from user's profile in AD. Go to ADUC and change entry from the old location the the new one.
This field is in "Profile" tab "Connect <drive> to <homeshare-path>"

Wait for replication between all DCs and should be OK. Re-log on on tha users into domain

Krzysztof
0
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

 
hongeditAuthor Commented:
Thats what I thought, and it has been set like that overnight. There are only 2 DC's on a small network so replication shouldnt take that long?

In ADUC I have on the Profile Tab: Connect P: To \\server1\users\username

The P Drive maps and works on user machines. But My Docs is stiill trying to connect to \\server3

Tried rebooting etc several times...?
0
 
Krzysztof PytkoActive Directory EngineerCommented:
OK, then check once again GPO, if in Root path you specified

%HOMESHARE% variable instead of hard-coded path :)

 Redirect My Documents
Krzysztof
0
 
hongeditAuthor Commented:
Mine looks like this:

 GPO
0
 
hongeditAuthor Commented:
If I change it to match yours, will it move everyone's documents over automatically?

I dont particularly care about the path or how its done, as long as everything is automatic.

I dont want to end up in a situation where I am having to manually repopulate people's My Docs if it creates a new file  structure.
0
 
hongeditAuthor Commented:
Interestingly

If I do Start > Run > %homeshare% on a user machine, it brings up the correct location for the logged on user.

However on RSOP it states \\server3\users\username.

0
 
Krzysztof PytkoActive Directory EngineerCommented:
Nope, it doesn't copy documents from previous location to the new place.
But that should be ok, when you point to "%HOMESHARE%\My Documents"

check for one user first and then (if it works) implement for the rest

One more thing. Log on to the computer and in command-line type

set | find /i "homeshare"

and check if this path is that correct one

Krzysztof
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Strange :/ Can you try to recreate GPO ? Maybe something is wrong with that (cached settings) ?

Krzysztof
0
 
hongeditAuthor Commented:
Will try now
0
 
hongeditAuthor Commented:
Ok.

I disabled the relevant GPO, and then created a NEW one which just redirects My Docs.

Restarted client PC, and rsop tells me that it is still pointing to the old server, but the GPO column is blank - like is isnt picking up the new one.

Strange.

0
 
Krzysztof PytkoActive Directory EngineerCommented:
Do you you GPO Filtering for that ?

Please run in command-line

gpresult /z >c:\gpresult.txt

and attach this file here, please.

Krzysztof
0
 
hongeditAuthor Commented:
On the server or PC?

I have reinstated the old policy now, should I change it back?
0
 
Krzysztof PytkoActive Directory EngineerCommented:
On a PC. No, run that command for this new one

Krzysztof
0
 
hongeditAuthor Commented:
Ok, this is with the original policy in place. gpresult.txt
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Yup, still uses the old settings \\server003 :/
Can you disable folder redirection first and after that enable it again in other policy?

Krzysztof
0
 
hongeditAuthor Commented:
Tried that also, even when the GPO bit in RSOP is blank it still points to the old server!

0
 
hongeditAuthor Commented:
I even tried putting in a random value, nothing seems to shift that old path.

Well the old server is due to be demoted as a DC anyway, so I am doing that now to rule out any DC/Replication error
0
 
hongeditAuthor Commented:
Nada.

So frustrating.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
OK, when you demoted that DC, create new GPO and apply to clients. Wait some time to be sure that it was applied by them and check once again.

That's very strange that your clients don't want to apply GPO :/

Krzysztof
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Can you also post results of these commands, please?
Run on a DC

dcdiag /c /v >c:\dcdiag.log
repadmin /showrepl /all /intersite /verbose >c:\repadmin.log

Thanks in advance

Krzysztof
0
 
hongeditAuthor Commented:
Yep, demoted DC now.

Completely disabled the GPO, waited 10 mins and end user does not show any different.

 dcdiag.log repadmin.log
0
 
Krzysztof PytkoActive Directory EngineerCommented:
SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems.


File Replication Service is initializing the system volume with data from another domain controller. Computer VIC001 cannot become a domain controller until this process is complete. The system volume will then be shared as SYSVOL.

             

            To check for the SYSVOL share, at the command prompt, type:

            net share


other settings are OK. There is problem with SYSVOL share and Group Policy replication! That could be problem. Please follow with this article to recreate SYSVOL share and then we will try to create that GPO with folder redirection once again
http://support.microsoft.com/default.aspx?scid=kb;en-us;315457

Krzysztof
0
 
hongeditAuthor Commented:
Hi

Can you please summarise the steps I need to perform in the link above? I'm a bit paranoid I'm going to mess this up.

The system is live but I need this fixed by tonight, but I dont want to mess it up any further.

Single DC now, Server 2008 R2.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
OK, so for now, try to ensure that when you type in Explorer on any client

\\domain.local\SYSVOL\domain.local\Policies

you will see GPO GUIDs

If so, try to localize

{6AC1786C-016F-11D2-945F-00C04fB984F9} (Default Domain Controllers Policy)
{31B2F340-016D-11D2-945F-00C04FB984F9} (Default Domain Policy)

Krzysztof
0
 
hongeditAuthor Commented:
Ok, I see those 2 GUID's, amongst others.

What now?
0
 
Krzysztof PytkoActive Directory EngineerCommented:
OK that means you have shared SYSVOL and 2 basic GPOs exists.
Can you verify if all of FSMO roles are on that 2008 R2 DC, now?

netdom query fsmo

should be all of them on that DC

Now, please fix DHCP server settings for your clients. Go to Server/Scope options and edit option no 006
Remove from that list IP address of demoted DC and put there 2008 R2's IP

Check if your 2008 R2 DC in NIC's properties in DNS section has IP address of Primary DNS server its IP
If not, put it there

In allowed time, please reboot DC.

Check if you can create any new GPO (not necessarily folder redirection, some other) to check if clients would get them from DC

Krzysztof
0
 
hongeditAuthor Commented:
All FSMO Roles are held on the new server.

DHCP has already been sorted.

The DC still had the DNS IP of the old server in the Secondary field, this is now removed.

Will ask to reboot.

I created a new GPO to map a random drive, and it DID work.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
OK, so now it's time to start with main problem :)
Disable Default User GPO (with folder redirection) and create the new one. But for test please use option from my print screen, ok?

reboot client PC and check if it gets new policy. Run in command-line

RSoP.msc

Krzysztof
0
 
hongeditAuthor Commented:
If I try to specify %HOMESHARE% as the location I get an error that the location is not valid?
0
 
Krzysztof PytkoActive Directory EngineerCommented:
OK try with $HOMESHARE$
if doesn't work, please use hard-coded path \\server\sharename

Krzysztof
0
 
hongeditAuthor Commented:
Nada for both!

I even moved my test user to a new OU to make sure it is isolated and nothing else interfering.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Grrr :(
On one test machine run regedit and remove everything beggining from S-
in this branch

HKLM\Software\microsoft\windows\currentversion\group policy\

reboot PC and check if it gets new policy

Krzysztof
0
 
hongeditAuthor Commented:
Nada :(
0
 
hongeditAuthor Commented:
Whichever way I do it, it rsop just keeps displaying \\vic003
0
 
hongeditAuthor Commented:
Another clue:

Error information in RSOP

27 September 2011 14:59:54

Folder Redirection failed due to the error listed below.
The directory name is invalid.

Additional Information:
Failed to perform redirection of folder My Documents.
The folder is configured to be redirected from <\\vic003\users\Adele> to <C:\Documents and Settings\ameiring\My Documents>.
The following error occurred:
The directory name is invalid.
0
 
Krzysztof PytkoActive Directory EngineerCommented:
I have no more ideas :( sorry
It gets other GPOs but not this one.

The last chance, do the same for HKCU\Software\microsoft\windows\currentversion\group policy\

and in GroupMembership and History remove S-

Krzysztof
0
 
hongeditAuthor Commented:
Ah crap. Now I accidentally deleted the user account I was testing with.

Any quick way of getting it back?
0
 
Krzysztof PytkoActive Directory EngineerCommented:
Download adrestore
http://technet.microsoft.com/en-us/sysinternals/bb963906

and type in command-line

adrestore -r userAccount

Enable restored account set up password and other basic attributes (adrestore cannot restore them)

More about using adrestore (for some day in the future :) )
http://blogs.technet.com/b/asiasupp/archive/2006/12/14/using-adrestore-tool-to-restore-deleted-objects.aspx

Krzysztof
0
 
hongeditAuthor Commented:
Thanks

I wonder if I can cheat for now...
Rename VIC003 to something else
Change VIC003 DNS to point to VIC001

??
0
 
Krzysztof PytkoActive Directory EngineerCommented:
First, you may try with creating alias VIC003 in DNS pointing to host (A) record of VIC001
By the way, when you demoted DC, you should clean up DNS manually and remove it from Sites and Services also :)

Krzysztof
0
 
snusgubbenCommented:
Just a thought:

In the ss you posted in http:#36708503, go to the Settings tab.

Set the UNC path back to what it was.

Untick "Move the content of Documents to the new location".

Log on and off with a user (gpupdate /force).

Verify that the ownership and ACL of the redirected folder is correct on the new share.

Change the UNC path so if reflects the new share.



0
 
hongeditAuthor Commented:
I need to do some more testing.

Basically the user I was testing with I accidentally deleted. I eventually restored it with Backup Exec and after logging on, it picked up the correct path!

So yeah, more testing required.

Shall let you know.
0
 
SandeshdubeySenior Server EngineerCommented:
Removing the folder redirection group policy is a tricky pain in the butt. To properly remove the folder redirection policy, you need to go into the group policy that contains the folder redirection setting and on the "Target" tab, next to the Setting field, you need to select the option for "Not configured". Also, in that same screen, you need to go to the "Settings" tab, (notice the "s" for settings) and here you can choose the behavior the computer will take when the policy is removed. You can choose to leave the redirection in place or have it point back to it's default location.http://support.microsoft.com/kb/888203

If you deleted the policy that contained the folder redirection setting, then the machines will keep the setting as it has been tattooed in the registry. You will need to either re-apply the setting, then follow the procedure above or you can get a tool like the free tool from DesktopStandard and make bulk registry changes via group policies.

The registry key for folder redirection settings are in...

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders and another key above that one for just Shell folders.

Hope that helps
0
 
hongeditAuthor Commented:
Ok.

I set the GPO back as per the article but it still isnt budging.

Looking at the reg key you specified, I can see the default value is %ALLUSERPROFILE%\Documents

I changed this to %Homeshare%\documents but it didnt seem to do anything.

What do I need to change this to?
0
 
hongeditAuthor Commented:
Got it. The reason the original GPO didnt work is because I had already deleted the original path.

I moved one user's docs back to the original server, with the setting to leave the policy in place unticked. Logged off and back on, disabled the policy, and it successfully redirected My Docs to local machine.

Re-enabled the policy and it points to new location.

Perfect.
0

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

  • 26
  • 19
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now