Jump to content

Roaming Profiles

Guest Gorge Lucas

By Guest Gorge Lucas
in Windows 2003 Server

 Share

Recommended Posts

Guest Gorge Lucas

Guest Gorge Lucas

Posted
Posted

Hi,

 

I just need some clarfication on roaming profiles. What is the point of

folder redirection?

 

If you have a profile on the server, why redirect the folders?

 

I have a profile of \\dom-01\profiles$\user\ I also redirected all the

folders there using a GPO. Now I have noticed that when I delete files off

the desktop they reappear. I was told this is because I am using folder

redirection into the profile folder. Is it recommended to put this

elsewhere?

 

What is the best way to use folder redirection?

 

Thanks

  • Replies 2
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Anthony [MVP]

Guest Anthony [MVP]

Posted
Posted

Re: Roaming Profiles

 

"Redirection" takes the folder out of the profile and puts it somewhere else

(generally on the network).

Therefore, if the profile is Roaming, synchronisation of the profile at

logon and logoff is quicker. You can also use the same My Documents folder

in both a Roaming Profile and a Terminal Services profile, if it has been

redirected.

You should redirect to a different location, not back into the profile.

One of the confusing things is that Redirected folders, like any network

folders, can be made available Offline, and by default are. This means that

they also synchronize, but using a different mechanism. For fixed

workstation you don't necessarily need to make the redirected folders

available offline, although there is an argument that if the nework fails

people can still work.

Hope that helps,

Anthony,

http://www.airdesk.co.uk

 

 

"Gorge Lucas" <gorge192@hotmail.com> wrote in message

news:%23SRy8PgoIHA.4616@TK2MSFTNGP05.phx.gbl...

> Hi,

>

> I just need some clarfication on roaming profiles. What is the point of

> folder redirection?

>

> If you have a profile on the server, why redirect the folders?

>

> I have a profile of \\dom-01\profiles$\user\ I also redirected all the

> folders there using a GPO. Now I have noticed that when I delete files off

> the desktop they reappear. I was told this is because I am using folder

> redirection into the profile folder. Is it recommended to put this

> elsewhere?

>

> What is the best way to use folder redirection?

>

> Thanks

>

Guest Lanwench [MVP - Exchange]

Guest Lanwench [MVP - Exchange]

Posted
Posted

Re: Roaming Profiles

 

Gorge Lucas <gorge192@hotmail.com> wrote:

> Hi,

>

> I just need some clarfication on roaming profiles. What is the point

> of folder redirection?

>

> If you have a profile on the server, why redirect the folders?

>

> I have a profile of \\dom-01\profiles$\user\ I also redirected all the

> folders there using a GPO. Now I have noticed that when I delete

> files off the desktop they reappear. I was told this is because I am

> using folder redirection into the profile folder. Is it recommended

> to put this elsewhere?

 

Definitely! Don't redirect to the profile folder - you're defeating the

purpose & will have problems galore (you're telling it to loop,

essentially.)

>

> What is the best way to use folder redirection?

>

> Thanks

 

Use both roaming profiles & folder redirection. Roaming profiles work well

only if they're tiny. My boilerplate is below.

 

********************

General tips:

 

1. Set up a share on the server. For example - d:\profiles, shared as

profiles$ to make it hidden from browsing. Make sure this share is *not* set

to allow offline files/caching! (that's on by default - disable it)

 

2. Make sure the share permissions on profiles$ indicate everyone=full

control. Set the NTFS security to administrators, system, and users=full

control.

 

3. In the users' ADUC properties, specify \\server\profiles$\%username% in

the profiles field

 

4. Have each user log into the domain once - if this is an existing user

with a profile you wish to keep, have them log in at their usual

workstationand log out. The profile is now roaming.

 

5. If you want the administrators group to automatically have permissions to

the profiles folders, you'll need to make the appropriate change in group

policy. Look in computer configuration/administrative templates/system/user

profiles - there's an option to add administrators group to the roaming

profiles permissions. Do this *before* the users' roaming profile folders

are created - it isn't retroactive.

 

********************

Notes:

 

Make sure users understand that they should not log into multiple computers

at the same time when they have roaming profiles (unless you make the

profiles mandatory by renaming ntuser.dat to ntuser.man so they can't change

them, which has major disadvantages),. Explain that the 'last one out wins'

when it comes to uploading the final, changed copy of the profile. If you

want to restrict multiple simultaneous network logins, look at LimitLogon

(too much overhead for me), or this:

http://www.jsifaq.com/SF/Tips/Tip.aspx?id=8768

 

********************

Keep your profiles TINY. Via group policy, you should be redirecting My

Documents (at the very least) - to a subfolder of the user's home directory

or user folder. Also consider redirecting Desktop & Application Data

similarly..... so the user will end up with:

 

\\server\users\%username%\My Documents,

\\server\users\%username%\Desktop,

\\server\users\%username%\Application Data.

 

[Alternatively, just manually re-target My Documents to

\\server\users\%username% (this is not optimal, however!)]

 

You should use folder redirection even without roaming profiles, but it's

especially critical if you *are* using them.

 

If you aren't going to also redirect the desktop using policies, tell users

that they are not to store any files on the desktop or you will beat them

with a

stick. Big profile=slow login/logout, and possible profile corruption.

 

********************

Note that user profiles are not compatible between different OS versions,

even between W2k/XP. Keep all your computers. Keep your workstations as

identical as possible - meaning, OS version is the same, SP level is the

same, app load is (as much as possible) the same.

 

*********************

If you also have Terminal Services users, make sure you set up a different

TS profile path for them in their ADUC properties - e.g.,

\\server\tsprofiles$\%username%

 

********************

Do not let people store any data locally - all data belongs on the server.

 

********************

The User Profile Hive Cleanup Utility should be running on all your

computers. You can download it here:

http://www.microsoft.com/downloads/details.aspx?familyid=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en

 

********************

Roaming profile & folder redirection article -

http://www.windowsnetworking.com/articles_tutorials/Profile-Folder-Redirection-Windows-Server-2003.html

 Share
Go to topic listing
×
×
  • Create New...