Folder redirection - assign folder to new user

In SBS 2011, using the built-in 'folder redirector' feature. Everything is working beautiful, however, I have 2 issues.

1) As administrator, why don't I have permission to get into the user's 'desktop' and 'documents' folder?

2) If I create a new user account to replace an existing user, is there a clean and easy way to transfer the files (that are being redirected) from the old to the new user??

I don't want to mess up any of the permission, I would like to know how to do it the correct way.
clesinAsked:
Who is Participating?
 
Cliff GaliherConnect With a Mentor Commented:
No. Regarding #1, I would suggest that in such a circumstance, you can take ownership on an as-needed basis instead of doing so agency wide via policy. It reduces that liability footprint, but still lets you get access when required (which would be rare in most circumstances.) And, in such a situation, you are on the right track. Take ownership, move just the files that the new user needs....and move them to a public folder at that since that is clearly where they should've belonged, and let the folder redirection policy create new private folders for the new user. This is in keeping with good privacy protection, low access, and still provide the new user access to the necessary files that the old user incorrecty saved privately. Setting up business processes and policies on how and where data gets saved, well spelled out, and providing a folder structure or a SharePoint repository that is easily understood by the average user can also reduce the occurences of this happening. Realistically you can get it to a near zero occurrence.

-Cliff
0
 
Cliff GaliherCommented:
1) That is the default behavior of the folder redirection policy. ONLY the user is granted read and write access to the folder. If you want to change this policy, you must manually edit the underlying group policy that the wizard creates. You'll see a simple checkbox that says "grand administrator access." This will only apply to NEW folders that are created, however, since permissions are created at that time. It will not affect existing redirected folders. If you want access, you must manually edit the permissions of existing folders as well. Realistically though, you should be asking yourself WHY you want it. If there is a legitimate business need, by all means, do so. But if your thinking is "I am adminstrator, so I should have access" and that is your only justification, you may want to rethink the process. What business problem are you trying to solve and is there a better way? In most cases, it is best to leave things as-is....messing with permissions gets sticky at best, and granting administrator access to user folders opens a door for disgruntled employee abuse and high liability.

2) A new account is a new account. I'd ask about the circumstances here. First, if this is a new user, why should they get access to an old user's files? If the old files were not private then they should have been on a public share or in SharePoint, or made available for sharing in some other fashion. User's private document storage, even redirected folders, are for personal use only and therefore when the user leaves, there should be no need for a new user to have unrestricted access.

-Cliff
0
 
clesinAuthor Commented:
1) The only reason I would 'need' to have access to the files is, in a situation like this, where I need to move the files from one user to another.

2) You are correct in theory that 'docs' are 'only' for personal stuff and everything else should be on a share, however, in the real world, users are not so careful with where they save what.

I was wondering if there was an easy, no mess way to accomplish what I want, I guess the answer is no??
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.