Win 2008 DC AD moved user from one GPO to another

I have a pair of Windows 2008 servers as Domain Controllers with Active Directory. I just recently added the second one.  I created a new GPO so I can separate my users by branch office.  I'm having trouble with one users folder redirection.  On the local PC, user acrain's documents folder shows c:\users\acrain.  But it should show \\charleston\acrain.  I noticed while trying to correct the problem that the user was disabled so I enabled it.  But I can't seems to correct the path no matter how many gpupdates /force and log offs I do.
lantervjAsked:
Who is Participating?
 
Thomas WERNHERConnect With a Mentor Configuration ManagerCommented:
Hi,

thanks for posting back.
First point:  your user has an incremented profile.
on win7, generally, it goes ok, but, the better way is to clean that up (on Windows 7, i usually make cleanup of the bad folders in c:\users and rename the c:\users\myuser.001 with its username. then go in the hklm/software/Microsoft/currentversion/profilelist and find your user key, for the local profile, you enter the new path to the good renamed folder..)
BTW, must do that while being connected with another admin user..

then, could you check the shared folder's permissions?
as you said :the folder is \\charleston\acrain
what are the shared folder's permissions and the NTFS permissions on that folder ?

Cheers

T
0
 
SandeshdubeySenior Server EngineerCommented:
Its seems that folder redirection policy is not applied.Check the event log on server application/system log you may get evidence to troubleshoot further.

Ensure that permission is set correctly on server for user profile and folder redirection policy is applied to OU where user exist.
http://www.grouppolicy.biz/2010/08/best-practice-roaming-profiles-and-folder-redirection-a-k-a-user-virtualization/

Registry Settings for Folder Redirection in Windows
http://support.microsoft.com/kb/242557
0
 
lantervjAuthor Commented:
I thought I was making progress but on the server the users\acrain folder is empty but properties show 320 files in 93 folders. On the client I can find "nearly" that many files and folders. On the client I get the "unsupported library locations" message.

I have a backup folder of documents that I need to copy so this users has access to them through folder redirect.

On the client the documents folder under libraries shows a path of \\charleston\acrain.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Thomas WERNHERConfiguration ManagerCommented:
Hi,

have you applied your GPOs on OUs or groups ?
does your Gpos move the content of the document's folder ?
what about it's configuration ?

What is the gpresult /r you've got ?
are the good GPOs Applied ?

Thanks to post more infos :)

Cheers
T
0
 
lantervjAuthor Commented:
C:\Users\acrain.TA.001>gpupdate
Updating Policy...

User Policy update has completed successfully.
Computer Policy update has completed successfully.


C:\Users\acrain.TA.001>gpresult /r

Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
Copyright (C) Microsoft Corp. 1981-2001

Created On 2/3/2013 at 3:05:26 AM


RSOP data for TA\acrain on SC132 : Logging Mode
-------------------------------------------------------

OS Configuration:            Member Workstation
OS Version:                  6.1.7601
Site Name:                   N/A
Roaming Profile:             N/A
Local Profile:               C:\Users\acrain.TA.001
Connected over a slow link?: No


USER SETTINGS
--------------
    CN=Alisha Crain,OU=Sourh Carolina Users,DC=ta,DC=dom
    Last time Group Policy was applied: 2/3/2013 at 3:05:01 AM
    Group Policy was applied from:      CHARLESTON.ta.dom
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        TA
    Domain Type:                        Windows 2000

    Applied Group Policy Objects
    -----------------------------
        SC User Folder Redirect

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Default Domain Policy
            Filtering:  Not Applied (Empty)

        Local Group Policy
            Filtering:  Not Applied (Empty)

    The user is a part of the following security groups
    ---------------------------------------------------
        Domain Users
        Everyone
        BUILTIN\Users
        NT AUTHORITY\INTERACTIVE
        CONSOLE LOGON
        NT AUTHORITY\Authenticated Users
        This Organization
        LOCAL
        Medium Mandatory Level
0
 
lantervjAuthor Commented:
There are several users in both locations where the folder redirect works just fine.
0
 
lantervjAuthor Commented:
\\charleston\acrain did not have permission for domain-users but acrain did have ownership.
0
 
Thomas WERNHERConfiguration ManagerCommented:
Hi,

As i understand your answer, it's the ntfs permissions you're mentionning?
what about the permissions on the shared folder side?

Cheers.
T
0
 
lantervjAuthor Commented:
on the charleston server, the users folder contains the acrain folder and that shows;

allow  domain users          full control   <not inherited>    this folder, subfolders and...
allow  admin(ta\admin)     special          h:\users\               this folder only
allow  system                    full control    h:\users\              this folder, subfolders, and ...

the users folder shows;

allow  administrators(ta     full control   <not inherited>    this folder, subfoldrs, and ...
allow  users(ta\users          special          <not inherited>    this folder only
allow  domain users           special          <not inherited>    this folder only
allow  system                     full control    <not inherited>   this folder, subfolders, and ...
0
 
lantervjAuthor Commented:
As administrator, I don't have permission to open a folder under the users folder exceptr for acrain.  That seems very strange.
0
 
Thomas WERNHERConfiguration ManagerCommented:
Hi,

no, it's just that the users have been granted the exclusive rights on their documents' folders.
have you tried to grant the acrain user full control over her folder (forcing the rights) ?

Cheers.
T
0
 
lantervjAuthor Commented:
On the client machine, logged on as acrain, I get logged on with a temporary profile and the document library path is c:\users\temp.  I did give full access for acrain to the \\charleston\acrain folder.
0
 
lantervjAuthor Commented:
I found a major problem;  I had to enable network discovery and file sharing.  Duh!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.