What is the best practice for protecting a domain users profile behind the scenes?
Using a logon script to robocopy the profile over to the server?
Or using folder redirection?
I have run into issues with both, like a handy red X over files with folder redirection or GPO's failing to run on Vista/7 machines, or even sync issues. With these issues, at least the end user knows something is wrong and to contact me.
With the logon batch file (which I did not create, a friend did) I have seen it either not run on Windows 7/ Vista because of UAC. Or just stop functioning. The only way I know it doesn't work, is checking the log file it creates to see the most recent date. The user has no clue it stopped working and I would have to manually check each workstation.
So what is the best practice here? What do you do to protect user data?