We have a Windows 2012 RDS collection with 1 connection broker, 2 hosts, 1 file server that holds the roaming profiles.
We have a group policy that redirect users' DESKTOP, DOCUMENTS, FAVORITES, DOWNLOADS to a network share (\\fileserver\userdata).
The redirections work. I see the \\fileserver\usersdata contains the user profiles and within each profiles, the DESKTOP, DOCUMENTS, FAV, DOWNLOADS folders are created.
The issue comes when I login as an administrator to the file server, when I try to access for example the DESKTOP folder within a user folder, I am getting access is denied. After checking, I have realize only SYSTEM and the users themself have access.
I as an admin can probably take ownership of all the user profiles but I am wondering if this a normal file access security behavior for the subfolders being created by redirection?
Please advise if there is a configuration I have missed.