Configuring Folder Redirection

I created a folder off the root of a Windows 2008 member server called
"Users". Set the share and NTFS permissions per this MS article:
http://support.microsoft.com/kb/274443 ( the steps are below)

Created a test OU, set the policy to create a folder for each user under the
root and specified \\ServerName\Users. Set redirection for My Documents and
Desktop. Added a test account called testuser. The redirection worked
fine. Did the same thing with my Domain Admin account. All good.

But there are a couple things that were unexcpected;
- after testuser had logged in, I verified that all files redirected to a
folder off Users called "testuser". If I then logout and back in with my
own account and browse to that share, I can see the My Documents and Desktop
subfolders, but if I look in them they are empty.
- If I browse that same share logged in as testuser, I can see all the
files/sub folders within \\ServerName\Users\testuser
- If I RDP into the 2008 server with my Domain Admin account, and browse to
the testuser folder, I can see the My Documents and Desktop folder. But I
can't access them. I get a message saying I "currently don't have
permissions to this folder".

If I go to the testuser folder and look at Effective Permissions for my
account, it shows that I have Full Control.

Why would I not be able to browse this newly created folder (testuser) on
the server?




-----------------------------------------------

a.. Select a central location in your environment where you would like to
store Folder Redirection, and then share this folder. In this example,
FLDREDIR is used.
a.. Set Share Permissions for the Everyone group to Full Control.
a.. Use the following settings for NTFS Permissions:
a.. CREATOR OWNER - Full Control (Apply onto: Subfolders and Files Only)
b.. System - Full Control (Apply onto: This Folder, Subfolders and Files)
c.. Domain Admins - Full Control (Apply onto: This Folder, Subfolders and
Files)
d.. Everyone - Create Folder/Append Data (Apply onto: This Folder Only)
e.. Everyone - List Folder/Read Data (Apply onto: This Folder Only)
f.. Everyone - Read Attributes (Apply onto: This Folder Only)
g.. Everyone - Traverse Folder/Execute File (Apply onto: This Folder Only)

"JohnB" <> wrote in message
news:...
>I created a folder off the root of a Windows 2008 member server called
>"Users". Set the share and NTFS permissions per this MS article:
> http://support.microsoft.com/kb/274443 ( the steps are below)
>
> Created a test OU, set the policy to create a folder for each user under
> the root and specified \\ServerName\Users. Set redirection for My
> Documents and Desktop. Added a test account called testuser. The
> redirection worked fine. Did the same thing with my Domain Admin account.
> All good.
>
> But there are a couple things that were unexcpected;
> - after testuser had logged in, I verified that all files redirected to a
> folder off Users called "testuser". If I then logout and back in with my
> own account and browse to that share, I can see the My Documents and
> Desktop subfolders, but if I look in them they are empty.
> - If I browse that same share logged in as testuser, I can see all the
> files/sub folders within \\ServerName\Users\testuser
> - If I RDP into the 2008 server with my Domain Admin account, and browse
> to the testuser folder, I can see the My Documents and Desktop folder. But
> I can't access them. I get a message saying I "currently don't have
> permissions to this folder".
>
> If I go to the testuser folder and look at Effective Permissions for my
> account, it shows that I have Full Control.
>
> Why would I not be able to browse this newly created folder (testuser) on
> the server?
>
>
>
>
> -----------------------------------------------
>
> a.. Select a central location in your environment where you would like to
> store Folder Redirection, and then share this folder. In this example,
> FLDREDIR is used.
> a.. Set Share Permissions for the Everyone group to Full Control.
> a.. Use the following settings for NTFS Permissions:
> a.. CREATOR OWNER - Full Control (Apply onto: Subfolders and Files Only)
> b.. System - Full Control (Apply onto: This Folder, Subfolders and Files)
> c.. Domain Admins - Full Control (Apply onto: This Folder, Subfolders and
> Files)
> d.. Everyone - Create Folder/Append Data (Apply onto: This Folder Only)
> e.. Everyone - List Folder/Read Data (Apply onto: This Folder Only)
> f.. Everyone - Read Attributes (Apply onto: This Folder Only)
> g.. Everyone - Traverse Folder/Execute File (Apply onto: This Folder
> Only)
>
>

JohnB,

I am not fond of the Everyone group. It invites the guest and IUSR account.
Use Auth Users.

Nonetheless, you have too many settings which complicates the permissions.
Try this method. I think you will find it works better, and for you to see
the data, too.

Folder Redirection
http://msmvps.com/blogs/acefekay/arc...direction.aspx


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.