Solved

Folder Redirection or ROBOCOPY profile

Posted on 2013-06-15
3
915 Views
Last Modified: 2013-06-18
What is the best practice for protecting a domain users profile behind the scenes?

Using a logon script to robocopy the profile over to the server?

Or using folder redirection?

I have run into issues with both, like a handy red X over files with folder redirection or GPO's failing to run on Vista/7 machines, or even sync issues.  With these issues, at least the end user knows something is wrong and to contact me.

With the logon batch file (which I did not create, a friend did) I have seen it either not run on Windows 7/ Vista because of UAC.  Or just stop functioning.  The only way I know it doesn't work, is checking the log file it creates to see the most recent date.  The user has no clue it stopped working and I would have to manually check each workstation.

So what is the best practice here?  What do you do to protect user data?
0
Comment
Question by:dksgreenit
3 Comments
 
LVL 29

Assisted Solution

by:Randy Downs
Randy Downs earned 250 total points
ID: 39250786
This might help

http://www.cb-net.co.uk/microsoft-articles/23-windows-2008/1987-windows-server-folder-redirection-migration

Firstly let me point out a simple way of doing this in a smaller environment. If you update your Group Policy Folder Redirection Options  (or apply a new policy with higher precedence), if the Redirection Policy is configured to "Move the contents of xxxx to the new location" then at logon the users files will be moved to the new location.... an automated migration that works well for small amounts of data.

With up to 20GB of data per user the above solution simply wasn't going to cut it. This would have added hours of delays for users logging on. We opted to pre stage the data, which meant we had to disable the "Move the contents of xxxx to the new location" for each folder we were pre-staging - this is an important step! You should allow a week or two for all users to get this change before proceeding with your migration.

Next problem, how to pre-stage the data! Well RoboCopy failed miserably due to the ACL's and exclusive rights, so we used a tool called SecureCopy which worked really well - to a point; open files, and files with specific ACL's which users had set were not pre-staged. The number of these files totalled around 2,300!

We needed to pre-stage these files are many of them were current, business related documents... welcome back to the fight RoboCopy! We deployed a script (below) to run at user logon, as the user, that would copy the missing files (using /MIR to mirror the folder contents) from the Windows box to the NetApp CIFS. This ran for a few days to minimise the amount of missing data when we 'flipped the switch.'

Finally, with the data pre-staged we change the GPO folder redirection options to point to the vFiler shares.
0
 
LVL 4

Accepted Solution

by:
TechOps07 earned 250 total points
ID: 39254511
I implemented Folder Redirection at my job which has worked out great. Other users cannot access anyone's My Documents because of the default security options.

I went as far as making sure the Pictures, Music, and Video folders stay on the C:\ local drive to reduce space on my file server.

This way it is automated via GPO where RoboCopy has to be created in a script, setup for the logon. To me there are plenty of things that can break or fail to run. Then you have to troubleshoot where the breakdown is.

That is to much overhead for me.
0
 

Author Comment

by:dksgreenit
ID: 39257118
Thanks for the info
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

How to update Firmware and Bios in Dell Equalogic PS6000 Arrays and Hard Disks firmware update.
VM backup deduplication is a method of reducing the amount of storage space needed to save VM backups. In most organizations, VMs contain many duplicate copies of data, such as VMs deployed from the same template, VMs with the same OS, or VMs that h…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now