Acabamos de migrar os compartilhamentos residenciais de aproximadamente 2300 usuários para um novo servidor de arquivos. Por algum motivo, o redirecionamento de pastas não está atualizando os caminhos de nenhum perfil de usuário existente (não usamos perfis móveis). No entanto, se eu executar gpupdate /force enquanto esse usuário individual estiver conectado a um PC no qual eles já tinham um perfil, o redirecionamento de pasta será aplicado corretamente. Isso está se tornando um grande problema, já que nossos usuários se movimentam muito.
No diretório ativo na guia Perfil de cada usuário, definimos: %código% Isso funciona bem.
Ainda não alteramos as estruturas de pastas do layout do XP (ou seja, Imagens, Música, etc. ainda estão dentro dos Documentos), apesar de termos removido o XP há muito tempo, portanto, nossa política de redirecionamento é a seguinte:
User Configuration linked to OU containing our user accounts
Documents
- Basic - Redirect everyone's folder to the same location
- Redirect to the user's home directory
- Grant the user exclusive rights to Documents
- Leave the folder in the new location when policy is removed
Pictures Follow the Documents folder
Music Follow the Documents folder
Videos Follow the Documents folder
Desktop
- Basic - Redirect everyone's folder to the same location
- Redirect to the following location:
%HOMESHARE%\Desktop- Leave the folder in the new location when policy is removed
Favorites
- Basic - Redirect everyone's folder to the same location
- Redirect to the following location:
%HOMESHARE%\Favorites- Leave the folder in the new location when policy is removed
Computer Configuration linked to OU containing our computers
Policies\Administrative Templates\System\Group Policy:
- Configure folder redirection policy processing
Process even if the Group Policy objects have not changed: Enabled
Permissões de compartilhamento:
- Staff: Full Control
- Domain Admins: Full Control
Permissões NTFS da pasta compartilhada:
Inheritance: Disabled
- CREATOR OWNER: Full control (Subfolders and files only)
- SYSTEM: Full control (This folder, subfolders and files)
- Administrators: Full control (This folder, subfolders and files)
- Domain Users: Travers folder/execute file, List folder/read data, Read attributes, Create folders/append data (This folder only)
Aqui está o resultado de Connect: Z: To: \FileServer\Share\Username . Eu removi todas as políticas de excesso para torná-lo mais curto. O motivo pelo qual eu adicionei isso é mostrar que a diretiva de redirecionamento de pasta não está sendo filtrada etc. e que a seção de redirecionamento de pasta do relatório diz gpresult /user username /v . Se você precisar saber alguma coisa sobre qualquer outra política que eu tenha ativado, por favor, pergunte.
RSOP data for DomainRemoved\UserRemoved on F701 : Logging Mode
-------------------------------------------------------------
OS Configuration: Member Workstation
OS Version: 10.0.14393
Site Name: Removed
Roaming Profile: N/A
Local Profile: C:\Users\UserRemoved
Connected over a slow link?: No
COMPUTER SETTINGS
------------------
CN=F701,OU=F7,OU=IT Computers,OU=First Floor,OU=Main Block,OU=Computers,OU=Company,DC=domain,DC=removed
Last time Group Policy was applied: 08/07/2017 at 13:11:32
Group Policy was applied from: DCName.domain.removed
Group Policy slow link threshold: 500 kbps
Domain Name: DomainRemoved
Domain Type: Windows 2008 or later
Applied Group Policy Objects
-----------------------------
Internet Connection & Firewall Policy
BootCamp Fixes
Interactive Logon Policy
Fix Daylight Savings
Win10 Computer Policy
Computer Software Restrictions (AppLocker)
Apogee Printers
Temp Fix for Folder Redirection
Default Domain Policy
The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
Whole School Software Win7
Filtering: Denied (WMI Filter)
WMI Filter: Apply to Windows 7 Only
Win 7 Computer Policy Extension
Filtering: Denied (WMI Filter)
WMI Filter: Apply to Windows 7 Only
Local Group Policy
Filtering: Not Applied (Empty)
Computer Policy
Filtering: Denied (WMI Filter)
WMI Filter: Apply to Windows 7 Only
The computer is a part of the following security groups
-------------------------------------------------------
BUILTIN\Administrators
Everyone
BUILTIN\Users
NT AUTHORITY\NETWORK
NT AUTHORITY\Authenticated Users
This Organization
F701$
Domain Computers
Authentication authority asserted identity
CERTSVC_DCOM_ACCESS
System Mandatory Level
Resultant Set Of Policies for Computer
---------------------------------------
Administrative Templates
------------------------
REMOVED EXCESS POLICIES TO SHORTEN
GPO: Win10 Computer Policy
Folder Id: Software\Policies\Microsoft\Windows\NetCache\NoMakeAvailableOffline
Value: 1, 0, 0, 0
State: Enabled
GPO: Temp Fix for Folder Redirection
Folder Id: Software\Policies\Microsoft\Windows\Group Policy\{25537BA6-77A8-11D2-9B6C-0000F8080861}\NoSlowLink
Value: 1, 0, 0, 0
State: Enabled
GPO: Default Domain Policy
Folder Id: Software\Policies\Microsoft\Windows NT\CurrentVersion\Winlogon\SyncForegroundPolicy
Value: 1, 0, 0, 0
State: Enabled
GPO: Temp Fix for Folder Redirection
Folder Id: Software\Policies\Microsoft\Windows\Group Policy\{25537BA6-77A8-11D2-9B6C-0000F8080861}\NoGPOListChanges
Value: 0, 0, 0, 0
State: Enabled
USER SETTINGS
--------------
CN=Users Name,OU=Teaching Staff,OU=Staff,OU=Company,DC=domain,DC=removed
Last time Group Policy was applied: 08/07/2017 at 12:22:59
Group Policy was applied from: N/A
Group Policy slow link threshold: 500 kbps
Domain Name: DomainRemoved
Domain Type: Windows 2008 or later
Applied Group Policy Objects
-----------------------------
Internet Connection & Firewall Policy
Folder Redirection Policy
Smoothwall Staff Proxy Settings
Screensaver
Win10 Base User Policy
Win10 Staff Policy
Apogee Printers
Default Domain Policy
The following GPOs were not applied because they were filtered out
-------------------------------------------------------------------
Staff
Filtering: Denied (WMI Filter)
WMI Filter: Apply to Windows 7 Only
Win 7 Staff Policy
Filtering: Denied (WMI Filter)
WMI Filter: Apply to Windows 7 Only
Local Group Policy
Filtering: Not Applied (Empty)
The user is a part of the following security groups
---------------------------------------------------
Domain Users
Everyone
BUILTIN\Users
NT AUTHORITY\INTERACTIVE
CONSOLE LOGON
NT AUTHORITY\Authenticated Users
This Organization
LOCAL
WiFi Access
PaperCut Welsh Bacc
PaperCut Welsh Bacc Adv
Staff
Smoothwall Staff
Admin Network Users
PaperCut Computing
HoD
CERTSVC_DCOM_ACCESS
Medium Mandatory Level
The user has the following security privileges
----------------------------------------------
Bypass traverse checking
Increase a process working set
Shut down the system
Remove computer from docking station
Resultant Set Of Policies for User
-----------------------------------
Administrative Templates
------------------------
REMOVED EXCESS POLICIES TO SHORTEN
Folder Redirection
------------------
N/A
Estamos no processo de migração para servidores virtuais e ainda não removemos nossos antigos DCs. Por esse motivo, atualmente temos 5 DC's com sistema operacional misto:
2 x Server 2016
1 x Server 2012
2 x Server 2008 R2
Nossos níveis funcionais de floresta e domínio são atualmente 2008 R2.
Nossos computadores clientes são o Windows 10 1607 64 Bit.
Eu tentei incluir o máximo de informações possível, mas se precisar de mais alguma coisa, por favor, pergunte.
EDITAR:
O processamento de loopback NÃO está habilitado.
RSoP.msc não está mostrando nenhum erro.
A saída HTML gpresult mostra: Sucesso de Redirecionamento de Pastas 703 Milissegundos (s)