GPO for User’s Folder Redirection

  • by

Steps to configure GPO for User’s Folder Redirection

We will redirect users’ Desktop & Document folders to the File Server with Exclusive Permission

Create a Folder called UserHome and share it as UserHome$ (Hidden Share) with Folder Share Permission (Everyone – Full Control)

Create an new OU called UAT and move the users whose folder will be redirected here

Create a GPO called UAT-GPO-USER and link it to UAT-OU

Go to User Configuration – Policies – Windows Settings – Folder Redirection, and right click on the folders that you would like configure for redirection. We will use Desktop & Document in this lab

  • Setting = Basic – Redirect everyone’s folder to the same location
  • Target folder location = Create a folder for each user under the root path
  • Root Path = \IP-OR-FQDN-FileServer\UserHome$
  • Grant the user exclusive right to Desktop – CHECKED – Most Secure configuration, even Administrator also cannot access user folder

Login to Windwos 10 Machines with username = uat2, and verify the Document path is pointing to \192.168.1.180\UserHome$\uat2 now

Allow Administrators to have access to user folders

Configure the Security of the Root folder, C:\UserHome as below

  • Include inheritable permission from this object’s parent = UNCHECKED
  • Click Remove
  • Add the permission manually
  • Administrators – Full Control
  • System – Full Control
  • CREATOR OWNER – Full Control
  • Authenticated UsersRead attributes, Read extended attributes, Create Folders / append data and read permission

Go to User Configuration – Policies – Windows Settings – Folder Redirection, and right click on the folders that you would like configure for redirection. We will use Desktop & Document in this lab

  • Setting = Basic – Redirect everyone’s folder to the same location
  • Target folder location = Create a folder for each user under the root path
  • Root Path = \IP-OR-FQDN-FileServer\UserHome$
  • Grant the user exclusive right to Desktop – UNCHECKEDallow administrator to have access to users’ folder

Login to Windwos 10 Machines with username = uat2, and verify the Document path is pointing to \192.168.1.180\UserHome$\uat2 now