Continuing on from my initial work with FR and OF&F I came across a technet article on best practice for FR.
The key points being that you really must use UNC paths for folder redirection and not mapped drives. The reason being that mapped drives are processed after FR in the logon process and as they won’t be mapped at that point FR will infact fall flat on it’s face. A caveat for UNC paths is that they must not exceed a character length of 260, doing so will cause more problems, and will prevent FR from taking place.
Another point was that client side caching should be enabled to ensure that files are synced correctly during the logoff process. This can be enabled as a user or computer GPO setting but bear in mind that if you have both then the computer GPO setting takes precedence over the user setting. For my test lab I’ve kept the setting to the computer portion of the GPO and put the computer object in a it’s own OU to avoid problems (Note: I’ve since found out that this is only relevant to Server 2000/2003 and XP, so irrelevant for my Server 2008 R2 and Windows 7 lab. Instead you simply enable OF&F on the source share and specify what/where is to be made available. I did this on a CIFS server residing on an EMC SAN and made the entire structure available offline, something I will have to test and re-address further down the line).
I’ve also enabled FR for the ‘My Pictures’ folder and specified that it follows the ‘My Documents’ folder, basically becoming a sub folder.
At this point I’ve hit my first problem. I’ve forced a GP update and have since rebooted the client machine. Now when I browse the documents folder I get the following error: ‘Some library features are unavailable due to unsupported library locations.’ Joy! This is because Windows 7 uses libraries rather than specific file locations (think of the library as an index of locations) which causes problems when you specify UNC path’s as part of that library. Thankfully I can still see my documents, but the error is not going to help when users are faced with a message that they won’t understand.
There is a fix for this problem that involves creating a local folder, redirecting to that and then deleting it and re linking to a UNC path, which seems like an incredibly crappy solution on MS’s part.
MS Fix – http://social.technet.microsoft.com/Forums/en/w7itproui/thread/8975fb07-26ea-455e-b8b9-40bf33662502
Still, we can suppress that error message to prevent it from confusing users. The GPO setting is ‘User Configuration/Policies/Administrative Templates/Windows Components/Windows Explorer – Turn off Windows Libraries features that rely on indexed file data’.
Be aware that by doing this however you are disabling the library index/search feature. I am doing this because the UNC location I will be referring to resides on a SAN. If your location resides on a Windows File Server I would just enable searching and indexing, which will also get rid of the message (as it will be configured correctly, hurrah!).
Now, onto understanding the rest of the redirectable attributes of the user profile and whether or not they should be redirected and if they are to be, what’s best practice?
But before I do, it’s time for tea! (You should probably understand that I write this blog as I work, so I’ve actually been writing this for 2 hours so far and have deleted just as much text as I’ve written. If I wrote this all up at the end of the day it would probably be a once sentence entry entitled ‘Enabled FR for the organisation today, lurp-a-durp’).
So, enabling ‘My Pictures’ to be redirected and follow ‘My Documents’ has caused an issue. That issue being that if you click on the ‘Pictures’ entry in the library in W7 then you do indeed see all of your pictures. However, if you navigate to it via the ‘My Documents’ folder you in fact get nothing. This is because the ‘Pictures’ library entry actually points to 2 locations. The redirected folder and the public pictures library location of C:\Users\Public. I need to remove the local library location using a GPO entry and have only the redirected folder available by navigating Pictures. Otherwise it will cause more user strife. I can see this being an issue for every redirected folder following the Documents folder.
Rather than have ‘My Pictures/Music/Videos’ all follow the documents folder I have instead linked them directly in the GPO. The ‘follow’ function makes more sense for XP workstations as in that iteration of Windows they did actually nest inside the documents folder. In Windows 7 they are a separate entity within the library. So for Music/Videos/Pictures I have set the following:
GPO Setting: User Configuration/Policies/Windows Settings/Folder Redirection/<folder>
- Target: Basic – Redirect everyone’s folder to the same location.
- Target folder location: Create a folder for each user under the root path.
- Root Path: \\<Servername>\<Sharename>\
- Unselected – Grant the user exclusive rights to <folder>
- Selected – Move the contents of <folder> to the new location.
- Unselected – Also apply redirection policy to Windows 2000, Windows 2000 Server, Windows XP, and Windows 2003 operating systems.
- Selected – Leave the folder in the new location when policy is removed.
I have ended up enabling FR for the following: AppData (Roaming) / Documents / Pictures / Music / Videos / Favorites / Contacts. I did not enable FR for: Desktop / Downloads / Start Menu / Links / Searches / Saved Games.
I’m leaving FR there for the time being, I’ll continue to update the blog as I work on it but for now it’s working very satisfactory.