Folder Redirection and Offline Files


Folder redirection is an impressive feature that transparently forces users to store almost everything on the server (as opposed to each individual workstation). As you probably know, in Windows each user has its own My Documents folder as well as a Desktop, My Pictures, and so on, which are stored as part of the user's profile on each particular machine.

Most people store everything on their My Documents folder or their desktops, and even when they have a network share to store their data they simply forget to use it. This creates a problem for administrators because normally backups are not performed at the workstation level. Backing up every workstation is uncommon and unpractical.

Folder redirection can help you attain two goals:

  • Store everything on your serverAlways have a backup of everybody's data.

  • Create a Work Anywhere environmentNo matter where any user logs on, he will have access to his files and settings.

With folder redirection end users save their data to their own My Documents or Desktop folders, but Windows automatically redirects those locations to a share on the server. This way all their data and some settings, too, can be stored on the server where they will be backed up along with all the other network data.

Additionally, with the proper group policy settings, establishing a Work Anywhere environment is possible. If a workstation hard disk dies suddenly, you can easily relocate the user to another machine without any significant data loss. This also makes upgrades much easier because you can assign a new computer to an existing user, and the only thing you really need to do is install any third-party programs.

Another advantage of using folder redirection is that you can operate multiple devices simultaneously and still get a similar experience across all of them.

Note

Do not confuse folder redirection with roaming profiles. Although their purpose sounds similar, they are very different features that can even be used concurrently.

The following link provides information on both features and how they can complement each other: http://www.microsoft.com/resources/documentation/Windows/2000/server/reskit/en-us/prork/prdc_mcc_tqht.asp.


On the other hand, using folder redirection has its drawbacks. For example, the Recycle Bin no longer keeps the deleted files in these folders because they are no longer located on the computer. This particular problem is mitigated by using Volume Shadow Copy on the volume used to store the data. In fact, using Shadow Copy in conjunction of folder redirection has the additional benefit of being able to revert back to a previous version even if the file has been overwritten (the Recycle Bin can't handle this).

You might be thinking what happens if the server goes offline. Is the computer unusable? Also, what happens to laptops when they are not connected to the domain?

Folder redirection can work in combination with another feature called Offline Files to overcome these issues. By configuring Offline Files the computer keeps a cached copy of your data on your computer in case your network is not accessible. This is particularly important for laptops, because your users probably want to keep working on their documents even when they are outside the office.

Offline Files can keep users working seamlessly without the server. Most importantly, as soon as they are back online the device will synchronize its date with the server (where it is again safely backed up).

Configuring Folder Redirection

The process of setting up folder redirection consists of three steps: setting up a share, giving it the appropriate permissions, and configuring group policy.

For the purpose of this example we are going to redirect My Documents and the Desktop to a share named \\SBS\UserData\ with the username and redirection type as subdirectories. For example, the desktop for Jon Dough will be located at \\SBS\UserData\JonDough\Desktop. Follow these steps:

1.

Use Windows Explorer to open the volume that should have the data stored and create a folder named User Data. Right-click on the newly created folder, select Properties, click on the Sharing tab, and select Share this Folder. On Share name type UserData and set the permissions so that the Everyone group has Full Control. Click OK.

Note

We are not giving everybody full control of every user's data. The NTFS security permissions (that will be configured later) grant access only to the appropriate individuals; these are simply share level (SMB) permissions.

2.

Go to the Security tab, click on the Advanced button, and uncheck the Allow Inheritable Permissions box. When prompted, select Remove All Previous Permission Entries.

3.

Click Add to add the Creator Owner group and assign it Full Control to Subfolders and Files Only. Repeat the procedure for domain users giving them List Folder/Read Data and Create Folders/Append Data permissions to This Folder Only. Finally, give Local System Full Control to This Folder, Subfolders and Files. Figure 21.1 shows how the permissions should look after you add every group.

Figure 21.1. Advanced NTFS Permissions screen.


4.

Open the Group Policy Management Console (GPMC) from Server Management. Expand the domain, right-click Group Policy Objects, select New, and name it Folder Redirection Policy.

5.

On the right pane, right-click the Folder Redirection Policy and select Edit to open the Group Policy Editor. From there expand User Configuration, Windows Settings to reach Folder Redirection.

6.

On the Folder Redirection screen right-click on Desktop and select Properties (see Figure 21.2). On the Setting drop-down box, select Basic and make sure that you select Create a Folder for Each User Under the Root Path; then type \\SBS\UserData on the Root Path box. Look carefully at the bottom so that you can see whether the proposed file structure matches what you want.

Figure 21.2. Desktop Folder Redirection screen.


7.

Close the Group Policy Editor and proceed to linking the folder redirection policy to the domain or the appropriate Organizational Unit. Open the GPMC and right-click on the domain, select Link an Existing GPO, and select the Folder Redirection Policy from the list. Workstations will be configured to use folder redirection at next logon.

8.

To redirect the other special folders just repeat step 6 for My Documents, Application Data, and/or Start Menu.

In a typical SBS installation basic folder redirection should suffice, but there are cases where using Advanced is necessary. For example, if you have multiple sites (possibly connected using a VPN link), you might want to use advanced to be able to redirect each set of users to the appropriate server located in their site.

Note

If you are interested in folder redirection only for My Documents, the wizards in SBS provide a simpler way to configure it. Just follow steps 1 and 2 in the preceding list and then open the Server Management Console, expand users, and click on Configure My Documents Redirection.

Using group policy directly gives you a greater number of options (not to mention other types of folder redirection).


Best Practice: Set Up Folder Redirection

Whether it's through the SBS My Documents Folder Direction task or through setting up group policies to redirect the Desktop and other folders, you should enable folder redirection for the workstations on your network to help protect the data that would otherwise reside on the workstation. Users have become accustomed to saving data into their My Documents folder over the years, and now that many Microsoft applications default to saving new files into the My Documents folder, redirecting the My Documents folder to the server gets the user data off the workstation and onto the server where it can be backed up.

Additionally, consider redirecting the Desktop folder to the server as well. Many users still save data to the desktop because it's easier for them to find it later. This can be done only through custom group policy objects.


Configuring Offline Files

As previously mentioned Offline Files provides a complementary service to folder redirection by keeping a cached copy of the files located on the server. By default, all redirected folders are made available offline. However, in some situations you might want to modify the default settings or even block users from modifying the settings you have established.

Offline Files is a bit more complicated than folder redirection, especially because most of the settings appear on both the User and Computer Configuration sections. In most cases, settings placed on Computer Configuration take precedence over User Configuration, but in other cases they are combined. My preference is using Computer Configuration because usually the behavior of Offline Files should be dictated by the type of computer (desktop versus laptop), and this way you can create policies that affect these groups separately.

This example blocks users from modifying the existing Offline Files settings and adds this policy to the existing folder redirection policy (created on the previous section). Although you could create a new policy for this, it is recommended to place all related group policies together because doing so can greatly improve the processing speed. Follow these steps:

1.

Open the Group Policy Management Console (GPMC) from Server Management. Expand the domain and Group Policy Objects. On the right pane right-click the folder redirection Policy and select Edit to open the Group Policy Editor. From there expand Computer Configuration, Administrative Templates, Network, Offline Files.

2.

On the Offline Files folder screen right-click on Prohibit User Configuration of Offline Files and select Properties. Select Enable to keep Offline Files working, but the user will not be able to modify its behavior. Click OK and close the Group Policy Editor.

Table 21.1 shows some of the other Offline Files settings that you can set using group policy. Use the same procedure to add them as outlined previously. For more details on each of these settings, open the Explain tab on the setting's properties.

Table 21.1. Selected Computer Configuration Group Policy Settings for Offline Files

Policy Setting

Description

Prohibit user configuration of Offline Files

Prevents users from enabling, disabling, or changing the configuration of Offline Files.

Synchronize all Offline Files when logging on

Determines whether offline files are fully synchronized when users log on.

Synchronize all Offline Files before logging off

Determines whether offline files are fully synchronized when users log off.

Note: This and the preceding option can significantly increase your network traffic.

Action on server disconnect

Determines whether network files remain available if the computer is suddenly disconnected from the server hosting the files.

Remove "Make Available Offline"

Prevents users from making network files and folders available offline.

Prevent use of Offline Files folder

Disables the Offline Files folder.

Administratively assigned offline files

Lists network files and folders that are always available for offline use.

Note: This setting is useful when you have shares that need to be available offline to everyone.

Turn off reminder balloons

Hides or displays reminder balloons and prevents users from changing the setting.

Reminder balloon frequency

Determines how often reminder balloon updates appear.

Initial reminder balloon lifetime

Determines how long the first reminder balloon for a network status change is displayed.

Reminder balloon lifetime

Determines how long updated reminder balloons are displayed.

Event logging level

Determines which events the Offline Files feature records in the event log.

Prohibit "Make Available Offline" for these files and folders

Prohibits specific network files and folders from being made available for offline use.

Do not automatically make redirected folders available offline

Disables automatic caching of redirected shell folders, such as My Documents, Desktop, Start Menu, and Application Data.

Note: If you enabled folder redirection, you should not enable this unless the computer does not need to be offline.

At logoff, delete local copy of user's offline files

Deletes local copies of the user's offline files when the user logs off.

Subfolders always available offline parent folder is made available offline.

Makes subfolders available offline whenever their

Encrypt the Offline Files cache

Determines whether offline files are encrypted.

Note: Very important setting for computers (especially laptops) that contain sensitive data.

Configure Slow link speed

Configures the threshold value at which Offline Files considers a network connection to be slow.





Microsoft Small Business Server 2003 Unleashed
Microsoft Small Business Server 2003 Unleashed
ISBN: 0672328054
EAN: 2147483647
Year: 2005
Pages: 253

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net