Redirection of My Documents with Antispyware

I have a W2K3 server running AD. A GPO redirects user's My Documents to
their network home directory. I found that when user "K" would log on to
their WXP machine, they were unable to access My Documents even though the
share/NTFS perms were properly set on file server. Turns out that when I
look at props for My Documents, it is redirecting user to old home share of
user "M" that used to exist on a file server we no longer have. No user
account references the old server anymore on the Profiles tab, and all GPOs
no longer reference the old server either. I rebooted/logged off several
times with no success.

The short resolution was that I deleted all local copies of offline files
(redirected My Documents are automatically made available offline) and
disabled offline file capability. Upon logging on, all users access My
Documents directed to their appropriate home directory. Then, I reenabled
offline files and everything looks fine. However, I had done this once
before and though it seemed to fix the problem initially, it recurred.

What's this have to do with Microsoft Antispyware? Well, when user "M" logs
on, I get the message that appears in the attached BMP file (I allowed only
the first letter of each username to appear in the BMP). I think that the
problem might be with Microsoft Antispyware somehow. Although it's only
supposed to catch attempts at changes to the system, it looks like it's
meddling by allowing users to block a change that should be forced down via
GPO. I think my user "M" might have selected "block" and thereby caused a
problem. Apologies for the long message, it's a bit complicated and requires
a lot of explanation.

Anybody with any other ideas or suggestions?
TIA,
James.

James wrote:
>Anybody with any other ideas or suggestions?
>TIA,
>James.

Hi

Enterprise version is coming, I would advice you to
cut users right to install programs if this is a
corporate network. I know this is a really hot issue
but you can´t stand with a ruined network beacuse of
users have right to install Betas. This will "kill"
all admins if they don´t cut users right within policys.

You can find more of this within "networking" group.

This seems to be a real "ring bell" about users right
to install programs within networks...!

--
plun

Yes, the version we are currently using is targetted at home users.
Microsoft has an enterprise edition in the works with advanced features for
corporate networks such as Central Management and group policy editor.

--

Andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

"James I. Conrad" <james@accusource.net> wrote in message
news:raXan67HFHA.2380@cpmsftngsa06.privatenews.microsoft.com...
>I have a W2K3 server running AD. A GPO redirects user's My Documents to
>their network home directory. I found that when user "K" would log on to
>their WXP machine, they were unable to access My Documents even though the
>share/NTFS perms were properly set on file server. Turns out that when I
>look at props for My Documents, it is redirecting user to old home share of
>user "M" that used to exist on a file server we no longer have. No user
>account references the old server anymore on the Profiles tab, and all GPOs
>no longer reference the old server either. I rebooted/logged off several
>times with no success.
>
> The short resolution was that I deleted all local copies of offline files
> (redirected My Documents are automatically made available offline) and
> disabled offline file capability. Upon logging on, all users access My
> Documents directed to their appropriate home directory. Then, I reenabled
> offline files and everything looks fine. However, I had done this once
> before and though it seemed to fix the problem initially, it recurred.
>
> What's this have to do with Microsoft Antispyware? Well, when user "M"
> logs on, I get the message that appears in the attached BMP file (I
> allowed only the first letter of each username to appear in the BMP). I
> think that the problem might be with Microsoft Antispyware somehow.
> Although it's only supposed to catch attempts at changes to the system, it
> looks like it's meddling by allowing users to block a change that should
> be forced down via GPO. I think my user "M" might have selected "block"
> and thereby caused a problem. Apologies for the long message, it's a bit
> complicated and requires a lot of explanation.
>
> Anybody with any other ideas or suggestions?
> TIA,
> James.
>
>

I think your thought about what happened may be correct:

This KB article is one of only two in the Known issues at the download site,
and is also repeated, I think, in the Known issues section of the Help file
in build .509:

http://support.microsoft.com/kb/892375 End users may be prompted to allow or
block administrative actions that originate from a central management tool
after they install Windows AntiSpyware (Beta) on a computer that is managed
by Systems Management Server 2003

So this can clearly happen, and there's no way to prevent it in the current
beta product.

Here is some other odds and ends of information which may be useful in your
environment :

Scripting issues:

http://www.microsoft.com/technet/sc...es/antispy.mspx

Unattended uninstall:

MsiExec.exe /X {536F7C74-844B-4683-B0C5-EA39E19A6FE3} /L *vx /Log
c:\msas.log /quiet

(You may find this is one way to deal with the issue.)

Unattended Install:

http://www.overdose.net/docs/msas_s...ote_install.txt

--
FAQ for Microsoft Antispyware:
http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

"James I. Conrad" <james@accusource.net> wrote in message
news:raXan67HFHA.2380@cpmsftngsa06.privatenews.microsoft.com...
>I have a W2K3 server running AD. A GPO redirects user's My Documents to
>their network home directory. I found that when user "K" would log on to
>their WXP machine, they were unable to access My Documents even though the
>share/NTFS perms were properly set on file server. Turns out that when I
>look at props for My Documents, it is redirecting user to old home share of
>user "M" that used to exist on a file server we no longer have. No user
>account references the old server anymore on the Profiles tab, and all GPOs
>no longer reference the old server either. I rebooted/logged off several
>times with no success.
>
> The short resolution was that I deleted all local copies of offline files
> (redirected My Documents are automatically made available offline) and
> disabled offline file capability. Upon logging on, all users access My
> Documents directed to their appropriate home directory. Then, I reenabled
> offline files and everything looks fine. However, I had done this once
> before and though it seemed to fix the problem initially, it recurred.
>
> What's this have to do with Microsoft Antispyware? Well, when user "M"
> logs on, I get the message that appears in the attached BMP file (I
> allowed only the first letter of each username to appear in the BMP). I
> think that the problem might be with Microsoft Antispyware somehow.
> Although it's only supposed to catch attempts at changes to the system, it
> looks like it's meddling by allowing users to block a change that should
> be forced down via GPO. I think my user "M" might have selected "block"
> and thereby caused a problem. Apologies for the long message, it's a bit
> complicated and requires a lot of explanation.
>
> Anybody with any other ideas or suggestions?
> TIA,
> James.
>
>