Guest SBN via WinServerKB.com Posted January 26, 2008 Posted January 26, 2008 Hey guys is it ok to configure both Roaming Profile and Folder Redirection in a domain network? -- Message posted via WinServerKB.com http://www.winserverkb.com/Uwe/Forums.aspx/windows-server/200801/1
Guest Anthony Posted January 26, 2008 Posted January 26, 2008 Re: Roaming Profile+Folder Redirection Yes "SBN via WinServerKB.com" <u32166@uwe> wrote in message news:7ec30ddad9048@uwe... > Hey guys is it ok to configure both Roaming Profile and Folder Redirection > in > a domain network? > > -- > Message posted via WinServerKB.com > http://www.winserverkb.com/Uwe/Forums.aspx/windows-server/200801/1 >
Guest Lanwench [MVP - Exchange] Posted January 26, 2008 Posted January 26, 2008 Re: Roaming Profile+Folder Redirection SBN via WinServerKB.com <u32166@uwe> wrote: > Hey guys is it ok to configure both Roaming Profile and Folder > Redirection in a domain network? Yes - and in fact, although I think you should use folder redirection anyway, it's even more critical that you do so if you use roaming profiles (if you don't keep the profiles tiny, you'll run into major problems). Here's my boilerplate on setting them up. General tips: 1. Set up a share on the server. For example - d:\profiles, shared as profiles$ to make it hidden from browsing. Make sure this share is *not* set to allow offline files/caching! (that's on by default - disable it) 2. Make sure the share permissions on profiles$ indicate everyone=full control. Set the NTFS security to administrators, system, and users=full control. 3. In the users' ADUC properties, specify \\server\profiles$\%username% in the profiles field 4. Have each user log into the domain once from their usual workstation (where their existing profile lives) and log out. The profile is now roaming. 5. If you want the administrators group to automatically have permissions to the profiles folders, you'll need to make the appropriate change in group policy. Look in computer configuration/administrative templates/system/user profiles - there's an option to add administrators group to the roaming profiles permissions. Notes: * Make sure users understand that they should not log into multiple computers at the same time when they have roaming profiles (unless you make the profiles mandatory by renaming ntuser.dat to ntuser.man so they can't change them). Explain that the "last one out wins," when it comes to uploading the final, changed copy of the profile. * Keep your profiles TINY. Via group policy, redirect My Documents at the very least - to a subfolder of the user's home directory or user folder. Also consider redirecting Desktop & Application Data similarly..... so the user will have: \\server\home$\%username%\My Documents, \\server\home$\%username%\Desktop, \\server\home$\%username%\Application Data. Alternatively, just manually re-target My Documents to \\server\home$\%username% (this is not optimal, however!) If you aren't going to also redirect the desktop using policies, tell users that they are not to store any files on the desktop or you will beat them with a stick. Big profile=slow login/logout, and possible profile corruption. * Note that user profiles are not compatible between different OS versions, even between W2k/XP. Keep all your computers. Keep your workstations as identical as possible - meaning, OS version is the same, SP level is the same, app load is (as much as possible) the same. * Do not let people store any data locally - all data belongs on the server. * The User Profile Hive Cleanup Utility should be running on all your computers. You can download it here: http://www.microsoft.com/downloads/details.aspx?familyid=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en Roaming profile & folder redirection article - http://www.windowsnetworking.com/articles_tutorials/Profile-Folder-Redirection-Windows-Server-2003.html
Guest SBN via WinServerKB.com Posted January 29, 2008 Posted January 29, 2008 Re: Roaming Profile+Folder Redirection Lanwench [MVP - Exchange] wrote: >> Hey guys is it ok to configure both Roaming Profile and Folder >> Redirection in a domain network? > >Yes - and in fact, although I think you should use folder redirection >anyway, it's even more critical that you do so if you use roaming profiles >(if you don't keep the profiles tiny, you'll run into major problems). >Here's my boilerplate on setting them up. > >General tips: > >1. Set up a share on the server. For example - d:\profiles, shared as >profiles$ to make it hidden from browsing. Make sure this share is *not* set >to allow offline files/caching! (that's on by default - disable it) > >2. Make sure the share permissions on profiles$ indicate everyone=full >control. Set the NTFS security to administrators, system, and users=full >control. > >3. In the users' ADUC properties, specify \\server\profiles$\%username% in >the profiles field > >4. Have each user log into the domain once from their usual workstation >(where their existing profile lives) and log out. The profile is now >roaming. > >5. If you want the administrators group to automatically have permissions to >the profiles folders, you'll need to make the appropriate change in group >policy. Look in computer configuration/administrative templates/system/user >profiles - there's an option to add administrators group to the roaming >profiles permissions. > >Notes: > >* Make sure users understand that they should not log into multiple >computers at the same time when they have roaming profiles (unless you make >the profiles mandatory by renaming ntuser.dat to ntuser.man so they can't >change them). Explain that the "last one out wins," > when it comes to uploading the final, changed copy of the profile. > >* Keep your profiles TINY. Via group policy, redirect My Documents at the >very least - to a subfolder of the user's home directory or user folder. >Also consider redirecting Desktop & Application Data similarly..... so the >user will have: > >\\server\home$\%username%\My Documents, >\\server\home$\%username%\Desktop, >\\server\home$\%username%\Application Data. > >Alternatively, just manually re-target My Documents to >\\server\home$\%username% (this is not optimal, however!) > >If you aren't going to also redirect the desktop using policies, tell users >that >they are not to store any files on the desktop or you will beat them with a >stick. Big profile=slow login/logout, and possible profile corruption. > >* Note that user profiles are not compatible between different OS versions, >even between W2k/XP. Keep all your computers. Keep your workstations as >identical as possible - meaning, OS version is the same, SP level is the >same, app load is (as much as possible) the same. > >* Do not let people store any data locally - all data belongs on the server. > >* The User Profile Hive Cleanup Utility should be running on all your >computers. You can download it here: >http://www.microsoft.com/downloads/details.aspx?familyid=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en > >Roaming profile & folder redirection article - >http://www.windowsnetworking.com/articles_tutorials/Profile-Folder-Redirection-Windows-Server-2003.html Thank you! i have few more questions since roaming profile loads users profiles from the user computer to the server and vice versa and folder redirection only loads vice versa those that are recently change, wont these cause confusion or overlapping of duties and responsibilities... something like that? -- Message posted via WinServerKB.com http://www.winserverkb.com/Uwe/Forums.aspx/windows-server/200801/1
Guest Lanwench [MVP - Exchange] Posted January 29, 2008 Posted January 29, 2008 Re: Roaming Profile+Folder Redirection SBN via WinServerKB.com <u32166@uwe> wrote: <snipped for length> > > Thank you! i have few more questions since roaming profile loads users > profiles from the user computer to the server and vice versa and > folder redirection only loads vice versa those that are recently > change, wont these cause confusion or overlapping of duties and > responsibilities... something like that? I have no idea what you mean - care to rephrase?
Guest SBN via WinServerKB.com Posted January 29, 2008 Posted January 29, 2008 Re: Roaming Profile+Folder Redirection What i mean is that roaming profile copies the users whole user profile settings (my documents, Desktop and others)from the user's computer to the server and vice versa when the user logs. And folder redirection and is designed to redirect desktop my documents and others without copying the whole contents of these only those that were recently change. so if i enabled both roaming profile and folder redirection there will be 2 version of desktop and my documents for example on the server.right? so its like both have the same kind of job but different approach of doing it. :) so i was just wondering if they overlap on their jobs and which one is the priority :) -- Message posted via WinServerKB.com http://www.winserverkb.com/Uwe/Forums.aspx/windows-server/200801/1
Guest Lanwench [MVP - Exchange] Posted January 30, 2008 Posted January 30, 2008 Re: Roaming Profile+Folder Redirection SBN via WinServerKB.com <u32166@uwe> wrote: > What i mean is that roaming profile copies the users whole user > profile settings (my documents, Desktop and others)from the user's > computer to the server and vice versa when the user logs. And folder > redirection and is designed to redirect desktop my documents and > others without copying the whole contents of these only those that > were recently change. so if i enabled both roaming profile and folder > redirection there will be 2 version of desktop and my documents for > example on the server.right? so its like both have the same kind of > job but different approach of doing it. :) so i was just wondering if > they overlap on their jobs and which one is the priority :) You're close, but no cigar. Roaming profiles copy up and down, yes (although with folder redirection for My Documents, Application Data, and Desktop, that should be minimal stuff) at login / logout. Folder redirection makes My Docs (etc) point at server folders, so the user is directed to a non-local folder for anything redirected....it is no longer part of the profile path. Redirection doesn't *copy* anything. Don't confuse folder redirection with offline files. They are not the same thing. I do not use or recommend offline files on LAN-connected computers (and am not terribly fond of the feature even for laptops). I disable offline files via group policy, if not also on the parent shares themselves.
Guest SBN via WinServerKB.com Posted February 4, 2008 Posted February 4, 2008 Re: Roaming Profile+Folder Redirection Well actually i dont, im just confuse on when to use folder redirection :) -- Message posted via WinServerKB.com http://www.winserverkb.com/Uwe/Forums.aspx/windows-server/200802/1
Guest Lanwench [MVP - Exchange] Posted February 4, 2008 Posted February 4, 2008 Re: Roaming Profile+Folder Redirection SBN via WinServerKB.com <u32166@uwe> wrote: > Well actually i dont, im just confuse on when to use folder > redirection :) On desktops, I think you should always use it for My Documents, and Desktop, probably Application Data also. I don't use Start Menu.
Guest SBN via WinServerKB.com Posted February 5, 2008 Posted February 5, 2008 Re: Roaming Profile+Folder Redirection Lanwench [MVP - Exchange] wrote: >> Well actually i dont, im just confuse on when to use folder >> redirection :) > >On desktops, I think you should always use it for My Documents, and Desktop, >probably Application Data also. I don't use Start Menu. Thank for all your help :) -- Message posted via WinServerKB.com http://www.winserverkb.com/Uwe/Forums.aspx/windows-server/200802/1
Guest Lanwench [MVP - Exchange] Posted February 5, 2008 Posted February 5, 2008 Re: Roaming Profile+Folder Redirection SBN via WinServerKB.com <u32166@uwe> wrote: > Lanwench [MVP - Exchange] wrote: >>> Well actually i dont, im just confuse on when to use folder >>> redirection :) >> >> On desktops, I think you should always use it for My Documents, and >> Desktop, probably Application Data also. I don't use Start Menu. > > Thank for all your help :) Most welcome - hope it helps.
Recommended Posts