Server 2012 / Win 7 Pro Documents Folder Redirection Issues

Current Issue
I am working on a project to migrate our file servers from server 2003 to new vm's running server 2012 r2.  I have robocopied everything over to the new server 2012 but can't get GP document redirection working correctly or at all for that manner.  

Background Info
This past summer we migrated our dc's from 2003 / 2008 to 2012 dc's and raised the funtional level to 2012.  We had consultants help us with that project and it went smoothly.  In the fall we rolled out new new win 7 pc's to our users.  It was a long, controlled rollout where we touched every pc to customize it to the user specifications. I noticed early on that the GP that used to re-direct my documents was no longer working so I manually redirected it for everyone by right clicking on My documents < Location < and changing the path to the 2003 file server.  That worked to get me through that project while we were running in XP / Win 7 mixed user pc mode.  I figured I would fix redirection once I got around to this project.  

Current Issues
Fast forward 3 months and we now want to start migrating old file servers and noticed that GP still doesn't work now that we are all on win 7 / server 2012.  

Stuff I've Tried
1.  Built new win 7 vm to test with, created new OU called Test that is only getting 2 GP's default domain policy and new folder redirection policy.  I've added my test pc and user account to the test ou.  GP is being applied per RSOP and gpresult /r

2.  Created new fresh GP and re-setup folder redirection from scratch.  The old redirection GP was replicated over during the dc migration.  This did not work.

3.  Tried both basic and advanced settings under Documents redirection with multiple variations.  I assumed that if I set it to basic and rediret to user's home directory that it should just work.  We are mapping every users' home directory via AD < Profile < Home Folder < Connect H to \\servername\users\Div\%username%
On my test vm if I paste the following things it will resolve correctly to the new user file server.

\\servername\users\Div\%username% - resolves correctly from win 7 test vm
%homeshare%%homepath% - resolves correctly from win 7 test vm

After each test, like 8 of them with different settings, I ran gpupdate /force on client and re-logged in again.  None of these things worked.  AD is taking care of mapping the new drive under my computer but redirection still does not work.  

4.  Made my user account Owner of the folder\\servername\users\Div\%username% to make sure this wasn't a permission issue.  The permissions before for all users were they modify rights but not full control.  That did not work.  I left it as owner for now and full control but that is not something I would like to do in production

1.  What am I doing wrong here?  I've spent a long time reading / researching this issue and am unsure why simple folder redirection is not working.  

2.  Is it best to just use login script in this type of situation or reg key change?  I see the 2 registry keys controlling this on the client pc are located in the following 2 locations.

2a.  My Docs Registry Key - Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\ Personal

2b.  My Docs Registry Key - User Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SUser Shell Folders\ Personal

3.  If option 2 is better then what is the best way to implement / set that up.

Thank you in advance for you help.
Who is Participating?

Improve company productivity with a Business Account.Sign Up

PapnouConnect With a Mentor Author Commented:
We ended up just pushing registry keys that referenced (%homeshare%%homepath%) via User GPO to get this to work since we struggled with getting server 2012 folder redirection working.

Here is the location of the keys we changed

1.  My Docs Registry Key - Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\ Personal

2.  My Docs Registry Key - User Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\ Personal

Article that led me to this solution

Thanks everyone for the help and suggestions.
Adam BrownSr Solutions ArchitectCommented:
Is there a Folder for each user that matches their user name and has them granted ownership of them on the file server you're redirecting to? Folder redirection requires that the user have full ownership permissions on the folder that they are redirected to. Check the permissions of the folders if they are there and make sure they are set properly to allow the user ownership.

Woops. Should have read your whole post...You do still need to make sure the folders have the users as owners on them before you can redirect. You should also be able to run rsop.msc to get a little more information on why this is failing for you. Right click User Configuration and go to properties when it comes up with a report and it should show you any errors applying the policies you've set. That's where I'd start.
Brad BouchardInformation Systems Security OfficerCommented:
There are a lot of things that can go wrong with Folder Redirection, so don't feel bad.  Here is what I would do.  I'd do the basic setting and redirect everyone to a specific spot (the user's home directory from AD), but here is what I would do.

In your GPO under the specific folder you're going to redirect on the Target tab, do Basic and select the Home drive > Switch to the Settings tab and uncheck the box next to "Move the contents of FolderName to the new location."

Then Robocopy people's data over to the new server as needed.  I've had to use this very trick to get the redirection working again.  Then later on you could apply a new redirection policy that started from scratch.

Let me know the results.
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

PapnouAuthor Commented:

Yes, there is a folder that matches each user's name.  I wasn't aware of the folder ownership requirement.  During my testing with my own non domain admin user account I did make it an owner of the folder on the fileserver but folder redirection still did not work.  I know a few months back I set domain admin as the owner on the old fileserver not realizing that this was needed.  I did this because a few users changed permissions to remove domain admin from their folder.    

User configuration has a yellow triangle with an explanation point on there.  Please see attached screen shot.    There is another policy called Internet Explorer branding that failed.  I just looked into that. That was stuffed in the default domain policy many years ago before my time and now there is no easy way to remove it as it's not available for removal.  Could that be causing my issues?  Thoughts?  Thanks.
PapnouAuthor Commented:
Brad Bouchard

This did not work for me.  Data was already robocopied over last week.  I will run a mirror to sync things up once I get redirection working again.  Please see attached screen shot of redirection policy.  After I changed it I ran gpupdate /force on the test win 7 pc and logged out / in again.  

What are the permission requirements on the user home folders?  For example, user share is \\servername\users\div\%username%.  Right now for the security permissions user and domain admin have full control.  The user is the owner.  Above that level on the users folder and div folder domain users have read and execute, list folder contents and read.  The share permissions for the main users folder are set to change and read.  Just wanted to see if this was correct and to rule out permissions as a cause for these issues.

Any other suggestions?

copy the users home folder data to temp folder

Remove users home folder.
Remove user redirected folder.
Go into ADUC remove home path apply setting then add it back in apply setting, this will recreate home folder with correct permissions.

Then as user copy data back in from temp folder.
then cmd prompt with run as administrator.
gupdate /force
Log off if prompted.  login in.
check event log for messages.

check here.
PapnouAuthor Commented:
I struggled to get this working based off feedback I received on this question.  I ended up finding my own fix and implementing it 2 weeks ago since I had a deadline to meet.  I wanted to update and properly close the question in case it helps others down the road.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.