Hello,
Thank you for using newsgroup!
Thanks our MVP Lanwench for his kindly help.
Thanks & Regards,
Ken Zhao
Microsoft Online Support
Microsoft Global Technical Support Center
Get Secure! -
www.microsoft.com/security <
http://www.microsoft.com/security>
====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Lanwench [MVP - Exchange]"
<
[email protected]>
| References: <
[email protected]>
<
[email protected]>
<
[email protected]>
| Subject: Re: Roaming Profiles and Folder Redirection
| Date: Fri, 8 Jun 2007 08:58:35 -0400
| Lines: 157
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.3028
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
| Message-ID: <#NBU#
[email protected]>
| Newsgroups: microsoft.public.windowsxp.general
| NNTP-Posting-Host: cpe-24-193-56-181.nyc.res.rr.com 24.193.56.181
| Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windowsxp.general:88558
| X-Tomcat-NG: microsoft.public.windowsxp.general
|
| > Thanks for the quick response.
| >
| > 1 - No, desktop is not set to auto arrange
| > 2 - I set up offline folders for the desktop so if they do save
| > something there while roaming it would be available anywhere they
| > logged in.
|
| Well, since they should only log in to one computer at a time, and your
| network/server should always be available, I wouldn't do that.
|
| > All of the redirections that I set up are set for offline
| > access.
| I wouldn't do that, either. I have seen far too many problems w/offline
| files in the gazillion years I've been working with Windows, to ever want
| them on my networks again ....but I might make exceptions for laptops.
| Never, ever for desktops.
|
|
| > 3 - I've tried the GPO for always wait for network, I'll try
| > it again and test though.
| > 4 - You can tell users not to save things to their desktop, but they
| > still will. It's inevitable. Some of these guys couldn't find
| > anything if a shortcut hadn't been created on their desktop.
|
| This is true. Hence, you can redirect Desktop. But that don't make
offline
| files a good thing. Roaming profiles <> offline files.
| >
| > According to MS propaganda, roaming profiles ARE compatible between Op
| > Systems,
|
| Hmmm. Got a link for that? I know for a fact that it causes problems, but
| it'd be interesting to see something official that states the contrary.
|
| > but that's really not an issue here and I know that
| > sometimes things just don't work the way they're supposed to. And
| > they erecoomend NOT redirecting to the home directory (if I remember
| > correctly).
|
| Yes, some articles say that - but I've been doing it that way forever,
and
| it always works. You don't have to have home directories at all, of
course.
| >
| > Thanks!
| >
| >>> I'm beginning to implement roaming profiles as well as redirecting
| >>> the My Documents, Desktop, and Application Data folders and have
| >>> been experiencing some unexpected results.
| >>
| >> Note that you might post future questions such as this in a server,
| >> AD or GP group for more expert help.
| >>>
| >>> First, when my test user logs in, his desktop icons are never in the
| >>> same place that he has placed them. A minor inconvenience I know,
| >>> but it's driving him crazy.
| >>
| >> Is it set to "autoarrange"?
| >>
| >> He might check out the "Desktop Icons - Lock" section here:
| >>
http://www.kellys-korner-xp.com/xp_d.htm
| >>
| >> Frankly, I usually set up users' initial profiles with "auto
| >> arrange" and make anything else their problem, and tell them I don't
| >> want to hear about it if they want to arrange 200 shortcuts in a
| >> ziggurat design. Oh, and I also force Windows Classic, and the
| >> Classic Start menu via GPO, because it's so much easier to find
| >> everything....and business users really don't need the Fisher Price
| >> interface.
| >>
| >>>
| >>> Second, when he logs in sometimes he gets an error that files are
| >>> are in use during synchronization (at this point I'm unsure of the
| >>> exact message, but I can get it).
| >>
| >> Do you actually *need* offline files on your desktops? I don't see
| >> the point - I'd disable them via group policy or on the share
| >> properties. But read on....
| >>
| >>> When this happens, he doesn't get any of
| >>> his custom desktop shortcuts. It seemed to me like there was a
| >>> timing issue involved between loading the profile information and
| >>> synchronizing the folders.
| >>
| >> Possibly - one thing you might want to set via GPO is "always wait
| >> for network...."
| >>
| >> Computer Configuration / Administrative Templates / System / Logon.
| >> Double-click Always wait for the network at computer startup and
| >> logon and Enable this policy.
| >>
| >>> Would it be better to not sync the Desktop
| >>> and Application Data folders and just let the roaming profile take
| >>> care of that information?
| >>
| >> Yes. Use folder redirection for My Documents and Desktop (or do what
| >> I do, which is to tell users not to put anything but shortcuts on
| >> their desktops - no files, or I'll holler at 'em). I only redirect
| >> My Documents. Application Data can usually roam.
| >>>
| >>> I'm waiting to get all of the kinks worked out before deploying on a
| >>> larger scale, so any help would be greatly appreciated.
| >>
| >> the following is my boilerplate on roaming profiles -
| >>
| >> General tips:
| >>
| >> 1. Set up a share on the server. For example - d:\profiles, shared as
| >> profiles$ to make it hidden from browsing. Make sure this share is
| >> not set to allow offline files/caching!
| >> 2. Make sure the share permissions on profiles$ indicate
| >> everyone=full control. Set the NTFS security to administrators,
| >> system, and users=full control.
| >> 3. In the users' ADUC properties, specify
| >> \\server\profiles$\%username% in the profiles field
| >> 4. Have each user log into the domain once from their usual
| >> workstation (where their existing profile lives) and log out. The
| >> profile is now roaming.
| >> 5. If you want the administrators group to automatically have
| >> permissions to the profiles folders, you'll need to make the
| >> appropriate change in group policy. Look in computer
| >> configuration/administrative templates/system/user profiles -
| >> there's an option to add administrators group to the roaming
| >> profiles permissions.
| >>
| >> Notes:
| >>
| >> * Make sure users understand that they should never log into multiple
| >> computers at the same time when they have roaming profiles (unless
| >> you make the profiles mandatory by renaming ntuser.dat to ntuser.man
| >> so they can't change them). Explain that the
| >> last one out
| >> wins, when it comes to uploading the final, changed copy of the
| >> profile.
| >>
| >> * Keep your profiles TINY. Redirect My Documents; usually best done
| >> to the user's home directory on the server - either via
| >> group policy (folder redirection) or manually (far less advisable).
| >> If you aren't going to also redirect the desktop using policies,
| >> tell users that they are not to store any files on the desktop or
| >> you will beat them with a stick. Big profile=slow login/logout, and
| >> possible profile corruption.
| >>
| >> * Note that user profiles are not compatible between different OS
| >> versions, even between W2k/XP. Keep all your computers. Keep your
| >> workstations as identical as possible - meaning, OS version is the
| >> same, SP level is the same, app load is (as much as possible) the
| >> same.
| >>
| >> * Do not let people store any data locally - all data belongs on the
| >> server.
| >>
| >> * The User Profile Hive Cleanup Utility should be running on all your
| >> computers. You can download it here:
| >>
http://www.microsoft.com/downloads/details.aspx?familyid=1B286E6D-8912-4E18-
B570-42470E2F3582&displaylang=en
|
|
|
|