?
Solved

Folder Redirect permissons

Posted on 2012-08-23
7
Medium Priority
?
794 Views
Last Modified: 2012-08-29
My question relates to Windows Server 2008 Standard, the main issue is concerned with Windows and Security permissions.

Why can I not access User's Folder Redirect share in Server 2008 Standard.

Windows Server 2008 Standard uses Folder redirection. A users desktop and documents get redirected to the Folder Redirect share on the server via Group Policy. No-one apart from the end-user has access to their designated redirected folder on the server.  Administrators DO NOT have access to these folders.

My overall question is how I as an administrator access a user's re-direct folder to acquire or recover any files for them on their behalf.  

I realise that any normal situation regarding Windows Security Permissions would be to simply add whoever (administrator) to have access to that particular parent folder and push those permissions down through child objects but I did not want to stuff around with this on a Server 2008 as I know everything needs to be ran through the 'console' and I did not want to break anything in group policy from doing so.

I also am using Windows 2008 server backup.  The previous person set this up so I had to go with it.  In looking through the backups, the Folder Redirect folders files are not getting backed up.  I know the users have files in their document folders, but again they are not getting backed up.  I am sure that this is due to the security issues that I have spoke about above.  
I can take possession of the folders and view the files, but when I transfer possession back to the owner I have hosed the login for that user.  I have renamed the folder to .old and had the user login and then transfer the files over to that login.  
Looking for the best way to handle this situation.
0
Comment
Question by:deano436
  • 4
5 Comments
 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 2000 total points
ID: 38345973
This article from MS show permissions applied at the Root.

http://technet.microsoft.com/en-us/library/cc736916%28WS.10%29.aspx

Notice the Administrators is set to "None".  Change this to allow Administrators.
Note that this is at the Root above the user's folders.  It will inherit down from there.
0
 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 2000 total points
ID: 38345979
You're correct in that messing with permissions or ownership on the user's specific folder screws up the works.  So don't do that.
0
 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 2000 total points
ID: 38345986
0
 
LVL 29

Accepted Solution

by:
pwindell earned 2000 total points
ID: 38346004
There may be more to the story here.

http://www.1stbyte.com/2008/03/19/folder-redirection-user-permissions-block-access-to-administrators/

This is why I don't use Folder Redirection or Roaming Profiles.  They create more grief then it is worth.
0
 

Author Closing Comment

by:deano436
ID: 38347114
Thanks for your help. This is what I am looking for
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question