RE: redirected-redirected folders

Jenny Are you saying that offline file sychronization should be turned off on
the workstations if I am using folder redirect and roaming profiles????? The
folders that contain the roaming profiles are on the server where offline
files are not activated. All of the other conditions you have indicated have
been met on the server and workstations!!! If I turn off offline
synchronization the problem will not occur but I must make sure that
redirected folders and roaming profiles will correctly write data to the
server at user logoff with that function defeated on the workstation.

""Jenny wu [MSFT]"" wrote:

> Hi Robert,
>
> Thanks for your update! I am jenny and I am backup of Brandy for she is now
> taking leave. I will continue work with you. I am sorry for inconvenience
> for that.
>
> The offline files and roaming profile indeed has some conflicts. Please
> consider the following when implementing roaming profiles:
>
> 1. Do not use Offline Folder caching on roaming user profile shared
> directories.
>
> It is important to turn off Offline Folder caching for shared directories
> where roaming user profiles are stored. If you do not turn off Offline
> Folder caching for a user''s profile, you might experience synchronization
> problems when both Offline Folders and roaming user profiles try to
> synchronize the files in a user''s profile. This does not affect your
> ability to use Offline Folders with redirected folders such as My
> Documents.
>
> 2. Do not use Encrypted File System (EFS) on files in a roaming user
> profile.
>
> The Encrypted File System (EFS) is not compatible with roaming user
> profiles. If you encrypt profile folders or files in the user profile using
> EFS, the user''s profile will not roam.
>
> 3. Do not set disk quotas too low for users with roaming user profiles.
>
> If a user''s disk quotas are set too low, roaming user profile
> synchronization might fail. Make sure enough disk space is allocated to
> allow the system to create a temporary duplicate copy of a user''s profile.
> The temporary profile is created in the user''s context as part of the
> synchronization process, so it debits the user''s quota.
>
> 4. When creating a roaming profile shared directory, limit access to only
> those users that need access.
>
> - Because a users roaming profile can contain personal information such as
> confidential documents and EFS certificates, care should be taken to
> protect access to the shared directory. Restrict access to the shared
> directory to only those users that need access. You can also create a
> security group for users that have profiles on a particular shared
> directory, and limit access to only those users.
>
> - Only give users the minimum amount of permissions needed.
>
> - When creating the shared directory, hide it by putting a $ after the
> share name. This hides the shared directory from casual browsers, and it
> will not be visible in My Network Places.
>
> 5. Use at least Windows 2000 servers to host user roaming profile shared
> directories.
>
> Because a users roaming profile contains personal information which is
> copied to and from a client computer, and the server hosting the roaming
> profile, it is important to ensure that data is protected as it travels
> over the network. Potential threats to the privacy and integrity of a
> user''s data come from intercepting the data as it passes over the network,
> tampering with the data as it passes over the network, and spoofing the
> server hosting the user''s data. Features such as Kerberos, IPSec, and
> Server Message Block (SMB) signing included in Windows 2000 and the Windows
> Server 2003 family can help to secure a user''s data.
>
> 6. Always use the NTFS file system for volumes holding user''s data.
>
> Configure servers hosting roaming profiles to use the NTFS File System.
> Unlike FAT, NTFS supports Discretionary access control lists (DACLs) and
> system access control lists (SACLs), which control who can perform
> operations on a file and what events will trigger logging of actions
> performed on a file.
>
> After verifying above settings, please see if the issue be fixed.
>
> I appreciate your time! I am happy to be of assistance.
>
> Have a nice day!
>
> Sincerely,
>
> Jenny Wu
> Microsoft CSS Online Newsgroup Support
> Get Secure! - www.microsoft.com/security
> ======================================================
> This newsgroup only focuses on SBS technical issues. If you have issues
> regarding other Microsoft products, you'd better post in the corresponding
> newsgroups so that they can be resolved in an efficient and timely manner.
> You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you check the
> "Notify me of replies" box to receive e-mail notifications when there are
> any updates in your thread. When responding to posts via your newsreader,
> please "Reply to Group" so that others may learn and benefit from your
> issue.
>
> Microsoft engineers can only focus on one issue per thread. Although we
> provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In doing
> so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Any input or comments in this thread are highly appreciated.
> ======================================================
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> --------------------
> >Thread-Topic: redirected-redirected folders
> >thread-index: AcYhv3bnyRpb/1bWTzqAVOf3Hr/2Ig==
> >X-WBNR-Posting-Host: 65.182.233.127
> >From: =?Utf-8?B?Qml0Ym9i?= <Bitbob@xxxxxxxxxxxxxxxxxxxxxxxxx>
> >References: <479B4BE5-188C-4357-898C-BA84D95B78D7@xxxxxxxxxxxxx>
> <btxf5G$HGHA.3944@xxxxxxxxxxxxxxxxxxxxx>
> <5CD08437-2A12-4987-B409-9E6F374A452E@xxxxxxxxxxxxx>
> <fhHmgIZIGHA.224@xxxxxxxxxxxxxxxxxxxxx>
> >Subject: RE: redirected-redirected folders
> >Date: Wed, 25 Jan 2006 06:56:04 -0800
> >Lines: 41
> >Message-ID: <86FA8CB9-3D74-41A0-BEDA-59D71CA52870@xxxxxxxxxxxxx>
> >MIME-Version: 1.0
> >Content-Type: text/plain;
> > charset="Utf-8"
> >Content-Transfer-Encoding: 8bit
> >X-Newsreader: Microsoft CDO for Windows 2000
> >Content-Class: urn:content-classes:message
> >Importance: normal
> >Priority: normal
> >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
> >Newsgroups: microsoft.public.windows.server.sbs
> >NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
> >Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
> >Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:239250
> >X-Tomcat-NG: microsoft.public.windows.server.sbs
> >
> >Brandy: 1. As I indicated when offline files is turned off there are no
> error
> >messages!
> >
> > 2. here is a chronological listing of occurrences
> >
> >
> >
> >a. user 2 is logged in and using workstation
> >
> >b. user 2 logs off without incident
> >
> >c. user1/jadesh logged on and before she could start using the
> machine
> >the Antispam window pops up and asks if they want to allow change from
> user 1
> >shell elements to jadesh shell elements [ yes or no ]!!!
> >
> >d. This continued happening each time the different users logged on
> >---Antispam would pop up and ask if they wished to allow a change from the
> >last users shell elements to their shell elements [yes or no]!!!!
> >
> >e. I arrived on the scene and disabled the parts of Antispam that
> dealt
> >with shell elements and the popup window stopped!!!!
> >
> >f. However now jadesh had the logoff offline file synchronization
> >error message anytime she logs off!!
> >
> >g. All I want to do is get rid of the error messages at her logoff by
> >disabling whatever is calling for her data to be synchronized with
> user2’s
> >data--- and no it would be rather counterproductive to allow her data to
> be
> >synchronized with user 2’s data so I will not give offline
> synchronization
> >security clearance to do so!!!!!
> >
> >3. Jadesh encounters no other error messages aside from those that occur
> at
> >logoff during synchronization- a sample of which I have already supplied
> you
> >with.
> >
> >4. Again the users were making no changes to their various shell
> elements!!!
> >All they were doing was logging on and off the workstation.!!!!!
> >
> >
> >
> >
> >
>
>
.

Relevant Pages

  • RE: Folder re-direction and "Offline files".
    ... after only one reboot the profile gets screwed up. ... and a 2nd share for the re-directed folders. ... do they automatically sync as OFFLINE ... not connected to the sever (laptops, down server, etc). ...
    (microsoft.public.windows.server.active_directory)
  • Re: Roaming Profiles and redirected folders
    ... No I do not want all my Adobe stuff roaming. ... profile down to 172MB. ... I would prefer to really correct the origin, the adobe folder. ... folder & offline sync. ...
    (microsoft.public.windows.server.general)
  • Re: Exclude Directories from Roaming Profile
    ... whole reconciliation process that happens at logon/logoff related to roaming ... > folders are in BOTH the local and roaming profiles. ... > The one drawback to this new way of doing it is that since Local Settings ... >> when the roaming profile reconciles with the local copy, ...
    (microsoft.public.windows.group_policy)
  • RE: Folder re-direction and "Offline files".
    ... If the keys aren't available without the server then the user can't ... automatically enables Offline Folders. ... after only one reboot the profile gets screwed up. ... and a 2nd share for the re-directed folders. ...
    (microsoft.public.windows.server.active_directory)
  • RE: redirected-redirected folders
    ... The offline files and roaming profile indeed has some conflicts. ... When creating a roaming profile shared directory, ...
    (microsoft.public.windows.server.sbs)