Solved

Server 2012 / Win 7 Pro Documents Folder Redirection Issues

Posted on 2014-03-03
7
5,955 Views
Last Modified: 2014-03-23
Current Issue
I am working on a project to migrate our file servers from server 2003 to new vm's running server 2012 r2.  I have robocopied everything over to the new server 2012 but can't get GP document redirection working correctly or at all for that manner.  

Background Info
This past summer we migrated our dc's from 2003 / 2008 to 2012 dc's and raised the funtional level to 2012.  We had consultants help us with that project and it went smoothly.  In the fall we rolled out new new win 7 pc's to our users.  It was a long, controlled rollout where we touched every pc to customize it to the user specifications. I noticed early on that the GP that used to re-direct my documents was no longer working so I manually redirected it for everyone by right clicking on My documents < Location < and changing the path to the 2003 file server.  That worked to get me through that project while we were running in XP / Win 7 mixed user pc mode.  I figured I would fix redirection once I got around to this project.  

Current Issues
Fast forward 3 months and we now want to start migrating old file servers and noticed that GP still doesn't work now that we are all on win 7 / server 2012.  

Stuff I've Tried
1.  Built new win 7 vm to test with, created new OU called Test that is only getting 2 GP's default domain policy and new folder redirection policy.  I've added my test pc and user account to the test ou.  GP is being applied per RSOP and gpresult /r

2.  Created new fresh GP and re-setup folder redirection from scratch.  The old redirection GP was replicated over during the dc migration.  This did not work.

3.  Tried both basic and advanced settings under Documents redirection with multiple variations.  I assumed that if I set it to basic and rediret to user's home directory that it should just work.  We are mapping every users' home directory via AD < Profile < Home Folder < Connect H to \\servername\users\Div\%username%
On my test vm if I paste the following things it will resolve correctly to the new user file server.

\\servername\users\Div\%username% - resolves correctly from win 7 test vm
%homeshare%%homepath% - resolves correctly from win 7 test vm

After each test, like 8 of them with different settings, I ran gpupdate /force on client and re-logged in again.  None of these things worked.  AD is taking care of mapping the new drive under my computer but redirection still does not work.  

4.  Made my user account Owner of the folder\\servername\users\Div\%username% to make sure this wasn't a permission issue.  The permissions before for all users were they modify rights but not full control.  That did not work.  I left it as owner for now and full control but that is not something I would like to do in production

Questions
1.  What am I doing wrong here?  I've spent a long time reading / researching this issue and am unsure why simple folder redirection is not working.  

2.  Is it best to just use login script in this type of situation or reg key change?  I see the 2 registry keys controlling this on the client pc are located in the following 2 locations.

2a.  My Docs Registry Key - Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\ Personal

2b.  My Docs Registry Key - User Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SUser Shell Folders\ Personal

3.  If option 2 is better then what is the best way to implement / set that up.

Thank you in advance for you help.
0
Comment
Question by:Papnou
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 40

Expert Comment

by:Adam Brown
ID: 39901845
Is there a Folder for each user that matches their user name and has them granted ownership of them on the file server you're redirecting to? Folder redirection requires that the user have full ownership permissions on the folder that they are redirected to. Check the permissions of the folders if they are there and make sure they are set properly to allow the user ownership.

Woops. Should have read your whole post...You do still need to make sure the folders have the users as owners on them before you can redirect. You should also be able to run rsop.msc to get a little more information on why this is failing for you. Right click User Configuration and go to properties when it comes up with a report and it should show you any errors applying the policies you've set. That's where I'd start.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39901874
There are a lot of things that can go wrong with Folder Redirection, so don't feel bad.  Here is what I would do.  I'd do the basic setting and redirect everyone to a specific spot (the user's home directory from AD), but here is what I would do.

In your GPO under the specific folder you're going to redirect on the Target tab, do Basic and select the Home drive > Switch to the Settings tab and uncheck the box next to "Move the contents of FolderName to the new location."

Then Robocopy people's data over to the new server as needed.  I've had to use this very trick to get the redirection working again.  Then later on you could apply a new redirection policy that started from scratch.

Let me know the results.
0
 

Author Comment

by:Papnou
ID: 39902402
acbrown2010

Yes, there is a folder that matches each user's name.  I wasn't aware of the folder ownership requirement.  During my testing with my own non domain admin user account I did make it an owner of the folder on the fileserver but folder redirection still did not work.  I know a few months back I set domain admin as the owner on the old fileserver not realizing that this was needed.  I did this because a few users changed permissions to remove domain admin from their folder.    

User configuration has a yellow triangle with an explanation point on there.  Please see attached screen shot.    There is another policy called Internet Explorer branding that failed.  I just looked into that. That was stuffed in the default domain policy many years ago before my time and now there is no easy way to remove it as it's not available for removal.  Could that be causing my issues?  Thoughts?  Thanks.
RSOP-Screen-Shot.jpg
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:Papnou
ID: 39902415
Brad Bouchard

This did not work for me.  Data was already robocopied over last week.  I will run a mirror to sync things up once I get redirection working again.  Please see attached screen shot of redirection policy.  After I changed it I ran gpupdate /force on the test win 7 pc and logged out / in again.  

What are the permission requirements on the user home folders?  For example, user share is \\servername\users\div\%username%.  Right now for the security permissions user and domain admin have full control.  The user is the owner.  Above that level on the users folder and div folder domain users have read and execute, list folder contents and read.  The share permissions for the main users folder are set to change and read.  Just wanted to see if this was correct and to rule out permissions as a cause for these issues.

Any other suggestions?

Thanks.
GPO---Basic-Redirection.jpg
GPO---Folder-Redirection-Setting.jpg
0
 
LVL 12

Expert Comment

by:ktaczala
ID: 39904969
copy the users home folder data to temp folder

Remove users home folder.
Remove user redirected folder.
Go into ADUC remove home path apply setting then add it back in apply setting, this will recreate home folder with correct permissions.

Then as user copy data back in from temp folder.
then cmd prompt with run as administrator.
gupdate /force
Log off if prompted.  login in.
check event log for messages.

check here.
http://technet.microsoft.com/en-us/library/jj649078.aspx
0
 

Accepted Solution

by:
Papnou earned 0 total points
ID: 39938208
We ended up just pushing registry keys that referenced (%homeshare%%homepath%) via User GPO to get this to work since we struggled with getting server 2012 folder redirection working.

Here is the location of the keys we changed

1.  My Docs Registry Key - Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\ Personal

2.  My Docs Registry Key - User Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\ Personal

Article that led me to this solution

http://community.spiceworks.com/topic/334232-setting-up-my-documents-redirect

Thanks everyone for the help and suggestions.
0
 

Author Closing Comment

by:Papnou
ID: 39948400
I struggled to get this working based off feedback I received on this question.  I ended up finding my own fix and implementing it 2 weeks ago since I had a deadline to meet.  I wanted to update and properly close the question in case it helps others down the road.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question