Solved

Can't access Roaming Profiles folders as an administrator

Posted on 2011-09-27
5
1,965 Views
Last Modified: 2012-05-12
Hey everyone,

I have an issue that I haven't really found a direct answer to yet.  I have a server 2008 setup with roaming profiles but I cannot access the profile folders on the server with the administrator, only the user can access the folder.  This is obviously an issue when tryign to backup the roaming folders.  If I take ownership of the folder then it prevents the user from accessing it when they log on and gives them a temporary profile.  I added administrator priviges in group policy for roaming profiles but they are currently using their systems.  I figured Id' try it tonight once they logged off but I'm not holding out hope since the folders are already created.  Even after gpuopdate /force I dont' have access.  Do I need to recreate the roaming folders now that the GPO has changed?  Am I doing something wrong?

This site has helped me so many times I love it, and as always thanks in advance!
0
Comment
Question by:blue92lx
  • 2
  • 2
5 Comments
 
LVL 9

Accepted Solution

by:
Lester_Clayton earned 125 total points
ID: 36712726
This is a very common problem.  I'm afraid to say that you've left off a really important flag in the GPO.  I'll screenshot it.

 User Pofiles
I'm afraid to say that you will need to recreate their profiles in order for this new change to become effective.
0
 
LVL 10

Assisted Solution

by:abhijitwaikar
abhijitwaikar earned 125 total points
ID: 36714172
Are you using a GPO to assign the location of the roaming profile?
If so, then this behavior is expected. there's a GPO setting to allow the user exclusice rights (admin denied access) to the roaming profile that is enabled by default. You have to disable this option in order for the admin to have access. The downside is that this setting takes effect for new profiles only, not existing profiles. My recommendation would be to disable the option, pull whatever you need out of the profile, delete it, and let Windows recreate it with the appropriate permissions for the user and the administrator.

Take a look : http://www.grouppolicy.biz/2010/08/best-practice-roaming-profiles-and-folder-redirection-a-k-a-user-virtualization/
0
 

Author Comment

by:blue92lx
ID: 36716672
I see, that's what I figured is that I'm going to have to recreate their roaming profiles.  I didn't add the GPO that Lester has circled until after the profiles were saved to the server.

Also right now I'm doing a per user setup in Active Directory, but if I use the Default Domain Policy and set it up in the "Set roaming profile path for all users logging onto this computer” that will be applied to each computer correct?  If so I'll just change it to GPO instead of Per User setup.
0
 
LVL 9

Expert Comment

by:Lester_Clayton
ID: 36718161
Unfortunately, per user setup in Active Directory cannot obtain the benefit of the GPO I've highlighted.  You will need to do some careful planning and maybe even implementing a loopback policy, because this setting can only be applied at computer level.  A carefully placed GPO can affect workstations or terminal servers, or both :)
0
 

Author Comment

by:blue92lx
ID: 36907407
unfortunately I do not work for the company anymore that had this client.  I will accept both solutions since it did help, however I didn't ever get a chance to test it
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Article by: Lee
Windows 7 Ultimate and Enterprise (and 2008 R2) introduced a new feature you may not be aware of - Boot from VHD.   Boot from VHD (or what Microsoft refers to asNative Boot allows you to install Windows to a VHD (Virtual Hard Disk) file that is t…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This Micro Tutorial will teach you the basics of configuring your computer to improve its speed. It will also teach you how to disable programs that are running in the background simultaneously. This will be demonstrated using Windows 7 operating…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now