Archive
Archive for the ‘Windows 7’ Category
Configuring Windows 7 roaming profiles on a Windows 2008 R2 Server
The last few days I am playing around with Windows 7 and roaming profiles. At first I wrote it down for my own documentation but maybe its usefull for someone else as well.
Requirements
- A Windows 2008 R2 Server with the File Server Resource Manager (FSRM) role
- A Windows 7 Client
- Both machines in the same domain
Creating the home share on the windows 2008 R2 server
- Create a folder called HomeWin7 and rightmouseclick and choose properties
- You should see the following permissions
- Click on the Advanced button and click on Change Permissions
- DEselect Include inheritable permission form this object’s parent and click on ADD
- Select the Users “Special” ACL and then click the Edit Button
- Change the Apply to : This folder Only and click OK
- Select the Users “Read & execute” ACL and then click the Edit Button
- Change the Apply to : This folder Only and click OK
- It should look like this now:
- Click OK to close this screen and click on the “Sharing Tab” on the Users Properties screen and then click on the “Advanced Sharing” button to create a share
- Select share this folder and the sharename should be HomeWin7$
- Click on the caching button and select: no files or programs are avaliable offline
- Click OK and click on the permissions button
- Give the everyone group Full Control on the share and click on OK, OK and Close
- Start the Server Manager and go to File Services, Share and storage management
- Select the HomeWin7$ share, rightmouseclick and select properties, advanced
- Select: enable Enable access-based enumeration and click OK (this results in that users can only see their own folder if the users connect to the \\servername\HomeWin7$ share)
- Lets configure some GPO’s
Configure GPO’s for roaming profiles
- Start the GPMC and browse to the specific user OU
- Create a new GPO and then edit
- Browse to : User Configuration -> Policies -> Windows Settings -> Folder Redirection
- Rightmouseclick Appdata(roaming) and select properties. Configure like this:
- Select the Settings tab and configure like this:
- Make sure you configure all other redirection policies like the above
- Rightmouseclick Desktop and select properties. Configure like this:
- (if needed) Rightmouseclick Start Menu and select properties. We have it redirected to the Teachers startmenu on a different server
- Rightmouseclick Documents and select properties. Configure like this:
- Rightmouseclick Pictures, Music, Videos’. Configure like this:
- Rightmouseclick Favorites and select properties. Configure like this:
- Rightmouseclick Contacts and select properties. Configure like this:
- Rightmouseclick Downloads and select properties. Configure like this:
- Rightmouseclick Links and select properties. Configure like this:
- Rightmouseclick Searches and select properties. Configure like this:
- Rightmouseclick Saved Games and select properties. Configure like this:
Additional Main GPO’s
- Browse to : User Configuration -> Policies -> Administrative Templates-> System -> User Profiles -> Exclude directories in roaming profiles. By default, the Appdata\Local and Appdata\LocalLow folders and all their subfolders like the History, Temp, and Temporary Internet Files folders are excluded from the user’s roaming profile. If you need to exclude additional folders you can add them here.
- Start the GPMC and browse to the specific computer OU and create a new GPO and then edit.
- Browse to : Computer Configuration -> Policies -> Administrative Templates-> System -> User Profiles -> Add the administrators security group to roaming user profiles. Set this to Enabled.
- Browse to : Computer Configuration -> Policies -> Administrative Templates-> System -> User Profiles -> Delete user profiles older than a specified number of days on system restart. Set this to Enabled and 30 days.
- Browse to : Computer Configuration -> Policies -> Administrative Templates-> System -> User Profiles -> Do not check for user ownership of roaming profiles folders. Set this to Enabled.
- Browse to : Computer Configuration -> Policies -> Administrative Templates-> System -> User Profiles -> Delete cached copies of roaming profiles. Can be usefull on student computers. Student profiles get deleted after logoff.
- Browse to : Computer Configuration -> Policies -> Administrative Templates-> System -> User Profiles -> Do not log users on with temporary profiles. Set this to Enabled. Can be usefull to avoid creating a temporary profile if the roaming profiles is corrupt or unavailable.
ADUC
- Open the user properties and configure the profile path like this:
- If you check the profile folder structure it will look like this:
Extra information
Advertisements
Categories: Windows 2008 (R2), Windows 7
Tags: roaming profiles, user profile, windows 2008, windows 7
SEARCH
CATEGORIES
- Cisco (1)
- Exchange 2003 (2)
- Exchange 2010 (4)
- Forefront TMG 2010 (12)
- Landesk (1)
- Linux (1)
- Scripting (5)
- Windows 2008 (R2) (9)
- Windows 7 (1)
- Wireshark (2)
TAGS
Activesync
alvira
Back to Back
blackhole
cacti
Cisco
education
epoint
excel
Exchange 2010
FBA
FBAeditor
Forefront
Forefront TMG 2010
Form Based Authentication
generate password
hive
HP
icacls
ipad
Landesk LDMS 9 SP2
Linux
mandatory profile
monitoring
Multicast
nbns
NLB
NO-REPLY
NTLM
Outlook Anywhere
OWA
plugin architecture
Powershell
RDP
regedit
roaming profiles
scripting
SMB
snmp monitoring
student
TMG
ubuntu
Unicast
user.dat
user.man
user profile
User Profile Hive Cleanup Service
vbs
windows 7
windows 2008
Windows Live Essentials 2011
windows xp sp3
wireshark
youtube app
ARCHIVES
- September 2012 (1)
- June 2012 (2)
- October 2011 (1)
- April 2011 (1)
- March 2011 (2)
- February 2011 (5)
- January 2011 (3)
- November 2010 (5)
- October 2010 (4)
CALENDAR
M | T | W | T | F | S | S |
---|---|---|---|---|---|---|
« Sep | ||||||
1 | 2 | 3 | ||||
4 | 5 | 6 | 7 | 8 | 9 | 10 |
11 | 12 | 13 | 14 | 15 | 16 | 17 |
18 | 19 | 20 | 21 | 22 | 23 | 24 |
25 | 26 | 27 | 28 |
BLOG STATS
- 526,963 hits
TOP RATED
Advertisements