Can anyomne thinkm of a quick way to fix the fact i appeared to have left the tick on give users exclusive rights to their downloads folder in folder redirection. I dont fancy manually having to fix them all
in a similar vane are their any script out there that will allow me to move the random documents/folders in a persons user area to a documents folder but leave pics/music/desktop etc alone so i dont have the 2008 folder etc filled with my documents rather than the user name
Coud you possibly post your share stucture for a typical user? It doesn't need to have real names.
e.g.
\\SERVER\share\users\{username\downloads
\\SERVER\share\users\{username\my docs\downloads
Depending on your permissions for the *users* directory shown above you could have a simple quick fix.
d:\users\2008\username\my pictures
d:\users\2008\username\my music etc
the idea is so that their user drive just has folders in no "what i did on holiday.doc" that should be in documents then desktop.ini is no longer an issue
had a quick test script on a copy of some random kids user area (and granted this need some %%u in it but seems to work to move all but the system folders (so favorites desktop etc) but im open to opinions
Code:robocopy c:\test\6mmuteb\ c:\test\6mmuteb\documents\ /move /xd "contacts" "desktop" "downloads" "favorites" "links" "my music" "my pictures" "my videos" "saved games" "searches" "documents" /mir
Last edited by sted; 11th March 2013 at 04:33 PM.
First things first, DO NOT TAKE OWNERSHIP OF ANY USER FILES/FOLDERS
If you do fixing this will take a lot longer.
As long as {username} is owned by the person (you wont be able to view this currently as they are exclusive but take over a test account's folder to grab a screenshot of permissions before deleting it or changing ownership back.
One thing, if your using roaming profiles, the profiles are not located beneath that {username} dir? It has an additional gotcha where if you try to log into an account who is not owner of the profile (doesnt need to be exclusive), loading the proflle will fail.
To quickly fix exclusive permissions issue you can reset permission inheritance on the 2008 folder (right click the 2008 folder) then ensure that CREATOR OWNER applies to subfolders and files. The 2008 directory should allow x usergroup to create folders in the 2008 folder but NOT apply to subfolders/files otherwise everyone can see everyone's files so you have to use advanced permissions window. Ensure domain admins and SYSTEM have permissions to 2008 and applies to subfolders and files which will allow you to access/backup files. The permissions for 2008 should be like this roughly:
X USERGROUP => Create folders, apply to this folder only
CREATOR OWNER => full rights (if you want that), apply to subfolders and files
DOMAIN ADMIN GROUP/SYSTEM => Full rights, apply everywhere
Now when you reset permissions and apply to subfolders and files in the properties dialogue all the beneath directories will be reset to match this pattern. The CREATOR OWNER gets replaced with the user who has ownership to the file/folder automatically unless they are not owner.
That should fix the exclusive problem at least.
To redirect the directories to subfolders specify a directory of path \\server\share\2008\%username%\ {my pics/my music/etc} which will result in the username dir being created automatically. When editing the GP there is another gotcha where it doesn't sometimes show the setting correctly when you reopen the GPO even though its set correctly so just go canny when tweaking those settings.
Let me know how you get on.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks