We have recently moved our users home folders from an older 2k3 server to a new 2k8r2 server. Server one was called \\w2k3\Users\(Username) we moved all the folders using the Microsoft file server migration tool, to the new server shared out as \\w2k8\users\(username) We used a bulkAD tool to update all the users H drives in AD and that worked perfect. Now we are working on the Documents redirect which is not working at all.
We just redirect the documents folder right to the users folder.
I went and changed our GPO to be the new server and it broke, I have tried rebuilding the GPO it still will not connect.
We have added and verified all the share/NTFS permissions via the Microsoft tech article. which were ok as they moved with the folders.
If we blow away the users H driver and let AD put it back the redirect works fine.
The error we get in Event viewer is 502, Cannot create folder \\w2k8\users\(username) The Security ID is not an owner on the object. Admin is the owner of all these folder.
We have grant exclusive access turned off in the GPO the only check we have is the last one that is for 2000,2003 and xp as we still have 3 xp machines.
Yeah gave a user ownership of their folder and noticed it had a melt down on the my video/Pictures etc folders. Those were not there in 2k3 so I am thinking they might be the issue that was holding back. Once I gave the user full ownership to the whole folder it mapped correctly. Is this standard behaviour for 2k8 server? Once the user has full ownership then obviously the admins are cut out of the security as you cant modify it with out taking ownership back and that messes it all up again.
The only part that doesn't make sense about that would be that when we create a new user Admin gets ownership and those work.
Thoughts? Also if this is the case there a batch apply ownership tool?
Last edited by Dkromm; 1st April 2014 at 02:16 AM.
You can make them owners on the folders, then on the root share set FULL CONTROL for domain admins then set a DENY on read permissions for everyone else - they won't be able to read (therefore won't be able to change) the permissions on the folders, and you still have control over them.
And regarding a batch tool, I believe there's one script floating around on this site but I'm not having much luck finding it.
I'm having similar issues but subtly different.
Anyway I came across this which may help you. Didn't work for me
Redirecting the user's Documents folder to their home directory fails when "Grant the user exclusive rights to Documents" is selected
Yeah I just broken down and added ownership to everyone H drive. We did find out the old servers share needed to be left for it to re-map even though we have move data unchecked. Sometimes I love windows
There are currently 1 users browsing this thread. (0 members and 1 guests)