Re: SBS 2003 folder redirection, offline files, ..and more

On Jun 30, 9:56 am, TravisF <tdqh1...@xxxxxxxxx> wrote:
On Jun 29, 5:04 pm, "Les Connor [SBS MVP]" <les.con...@xxxxxxxxxxxx>
wrote:



If the user is a local admin, and offline files is turned on, the files are
viewable.

--
Les Connor [SBS MVP]

"TravisF" <tdqh1...@xxxxxxxxx> wrote in message

news:1183149604.216366.326020@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

On Jun 29, 12:57 pm, "Les Connor [SBS MVP]" <les.con...@xxxxxxxxxxxx>
wrote:
With some creative GPO configuration, you can set up off-line folders so
they're only active when you log onto a specific computer (or computers),
but not others.

I often have to do this in cases where we have older DOS based LOB
applications that require users have admin rights on workstations, and a
"boss" who likes to roam around the facility, logging onto various
workstations, and who also has a laptop.

The challenge is to have my doc's redirection enabled for the desktops,
without off line folders, and a synchronized copy of the "boss" documents
on
his laptop, but nowhere else - as with local admin rights his
documents -
once synced to a workstation - are no longer private ;-).

--
Les Connor [SBS MVP]

"TravisF" <tdqh1...@xxxxxxxxx> wrote in message

news:1183134625.384440.136570@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

On Jun 21, 3:58 pm, "Dave Nickason [SBS MVP]"
<gwdib...@xxxxxxxxxxxxxxxxxxxxxx> wrote:
You can have both redirection and Home Folders. That's what I do -
I've
set
up a different location for the documents outside of the home folders.
A
few of my users use the home folder for any purpose they wish, knowing
it's
backed up while the desktop PC is not. Most don't use the home
folders
so a
lot of them are sitting there empty.

You don't need a drive letter for redirection - it's pretty much
automatic
and fully configured by group policy.

If something blows up: Right now my docs are redirected to the server
and
cached on my local PC with Offline Files. If my client PC blows up, I
can
log in at any other PC in the office and see the server copy of my
docs -
redirection will be set up on that PC the first time I log in and I'll
just
magically see my docs on the server. If the server blows up, I'll be
able
to see all the cached copies of my documents that are stored on my
local
PC.
Although I would not want to rely on the cached copies as my only
backup,
I
could easily restore from the cache on this PC if I had to.

If I log in at a different PC, my documents will cache in my own
profile
on
that PC. That can be a minor drawback due to the time taken by the
first
sync and the drive space used, but it's a minor annoyance and you're
kind
of
stuck with it anyway, as the policy is going to force that sync.
Users
of
shared PCs don't have access to each other's synched files. If I log
into a
client PC that I don't normally use, I just cancel the sync. I'm
trying
to
develop the habit of using the local admin account for routine IT
chores
at
client PCs to avoid this altogether.

Backup works fine, although I never gave any thought to why. As for
recovering files, the users can do that themselves with shadow copy.
If
you
need access for the Administrator account, you'll have to take
ownership
and
change the security settings. This can be a minor pain as the default
permissions don't even let the administrator see the size or number of
files
in the users' directories.

I'm not familiar with Netware, but I drank the SBS kool aid in 1998
and
never looked back. Once you roll this out, you'll see that there's
little
or nothing that could make redirection any easier than it is.
Besides, a
little complexity is good for job security : -) All seriousness
aside,
my
current SBS box has been running since Feb '06 without a single moment
of
unplanned down time. I'm willing to put up with a little complexity
for
that level of bulletproof-ness (what's the correct term for the state
of
being bulletproof, anyway?).

"TravisF" <tdqh1...@xxxxxxxxx> wrote in message

news:1182453125.636799.108120@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Ok I hope this is not too stupid of me to ask.
Am about to setup a new sbs 03 server.
I've worked lots with pcs, general networking , Netware server etc.
Not many w2k03 servers.

I am familiar with folder redir, offline files etc.

I'd like to utilize this for all (15 or so) of my pc users.

I'm used to the old way of doing network data storage creating a
Home
folder, mapping a common drive letter for each user in a system
logon
script so each user sees U: drive as their respective home personal
data area. U:\Larry etc. That and we used to have them responsible
for copying their own data . Can you imagine !!

Anyway the folder redir / offline files combo looks much better to
me.
The way I see it, they don't even need a drive letter mapped,
correct?...since the whole thing is transparent anyway?

Well what if their pc or notebook blows up and they HAVE to get
their
data now - well again (in the old days) they would go to another
machine, logon as themselves, get their data off their U drive...yes
I
know.. IF they backed it up!

Ok so what happens now if they do this with folder redir / offline
enabled - they go to another machine , logon.. won't it try to sync
the new machine's "my documents" with that on the server? I don't
want
that to happen - just need them to get at their files...in this
case...off the server. I want to have it as automatic as possible -
cause otherwise they will forget if its set to manual then they will
scream where's my documents when its deleted...... you know...

As well....regarding backup...this excerpt from
http://technet2.microsoft.com/windowsserver/en/library/ab9f7e44-afbf-...

"Grant the user exclusive rights to My Documents. If selected, this
sets the NTFS security descriptor for the %username% folder to Full
Control for the user and local system only; this means that
administrators and other users do not have access rights to the
folder. This option is enabled by default. Note: Changing this
option
after the policy has been applied to some users will only effect new
users receiving the policy."

I'm wondering will a backup application have trouble with this
if..."administrators and other users do not have access rights to
the
folder".

Of course we don't want other users to even be able to read others
documents so yes the user must have exclusivity that way. But
administrators should be able to "see" everything .
What if we have to recover a deleted document or folder?

Man I miss Netware's (NWadmin) simplicity sometimes... (sniff)...

Thanks;
Travis- Hide quoted text -

- Show quoted text -

Thanks for the replies here.
Ok right. The folder redirection / offline files is working on my sbs
03 server very good.
But am I getting this right from what you are saying?
For instance, when I logon onto my own pc, my documents is redirected
to the server and cached on the pc.
Great. Now if I go to another pc and login with the same id, the "my
documents" on my profile on THAT pc will get redirected on the server.
Won't it overwrite the "my documents" from my own pc? I don't want
that to happen. That seems kinda dumb. I'd like a way so that only my
documents on my pc are redirected regardless if I login elsewhere. Or
for other clients of course who know nothing of this activity.

Thanks;
Travis- Hide quoted text -

- Show quoted text -

That doesn't seem to be the case.
If userB logs on after userA, userB does not see a "my doc" under
\docs and settings belonging to userA - even if he's (userB)
administrator.
So it must cache it elsewhere and encrypt it? I did not use efs.
Logged in as userB , I searched (even hidden files) and I can find
files belonging to userA which I know where there. This is a good
thing.

Thanks;
Travis

That would make sense however it still isn't the case.
Viewable where? unders \docs and settings? There's definitly no userA
\docs and setting (i.e. userA's documents) there when logged in as
userB. I had the domain userB id made part of local administrator's
group.
Wouldn't that also make sense since \docs and settings are redirected?
So the question is where on the pc are the cached files?
This is just using sbs 03's wizard to redirect my documents. No other
gpo's, nor efs applied.

As mentioned I searched all of C: including hidden files and found
none of userA's docs.
I wonder is this a case of users' having an exclusive permission on
those files. Maybe sbs does this by default.
I hope this is in fact the case. I'd like it to work just like this.

I will double check next chance after weekend.
T

Les - see the Dave Nikason post here.
http://groups.google.ca/group/microsoft.public.windows.server.sbs/browse_thread/thread/7cc03ebb70678f37/e1a87ed903e7fe19?lnk=gst&q=travisf&rnum=4&hl=en#e1a87ed903e7fe19

.

Relevant Pages

  • RE: SBS 2003 users and mail question
    ... Small Business Server Folder Redirection, ... This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 folder redirection, offline files, ..and more
    ... you log into a shared PC with admin rights and go to Windows Explorer Folder ... documents are redirected to the server. ... without redirection, they wouldn't have been. ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS 2003 folder redirection, offline files, ..and more
    ... Les Connor [SBS MVP] ... The challenge is to have my doc's redirection enabled for the desktops, ... >> log in at any other PC in the office and see the server copy of my>> docs - ... >>> I am familiar with folder redir, ...
    (microsoft.public.windows.server.sbs)
  • RE: Folder Redirection woes.
    ... Did you make the Fold Redirection manually or using SBS Configure My ... Which is your SBS server, ... My Documents to a network folder, input the location and then click OK. ...
    (microsoft.public.windows.server.sbs)
  • Re: My Documents redirection to another server?
    ... requirements) on the SBS box was getting to be too much. ... _plus_ have these separate Users folders on the file server. ... I'd redirect as follows - all users to the same location, create a folder ... Is it possible to set up My Documents redirection and roaming ...
    (microsoft.public.windows.server.sbs)