- Managing shared mailboxes in Office 365 with PowerShell - Thu, May 5 2016
- Managing shared mailboxes in Office 365 with the GUI - Wed, May 4 2016
- Installing and configuring the Enhanced Mitigation Experience Toolkit (EMET) - Wed, Mar 16 2016
I’m sure when you set up Folder Redirection in Group Policy for your users, backing out or disabling Folder Redirection was probably the last thing on your mind. Because of that, design decisions that were made during your implementation can have a direct impact on removing the redirections and can cause major problems.
Scenario 1: Accidental redirection on servers
When logging into the server console or over RDP to perform administrative tasks, the server Administrator is having his/her folders redirected to a file server. (I hear this a lot… I mean A LOT.)
To fix this, you’ll need to take two actions: First, enable Loopback. Working under the assumption that this is a server that only admins will be logging into, you’ll most likely want to use Replace mode so that user policies don’t apply in the future. Second, the easy option is to delete the profiles of the users on the server by going to System > Advanced system settings > User Profile Settings… > highlight the user and click Delete.
Delete user profiles
If for some reason deleting the local profiles on the server isn’t an option (or there are just too many servers to do it), you’ll need to add a new Folder Redirection to the same GPO that has your Loopback setting. In the Group Policy Management Console, go to User Configuration > Windows Settings > Folder Redirection. Right-click on one of the folders that will shouldn’t be redirected and choose Properties. In the Properties for each folder, set the Target Setting to “Basic” and the Target folder location to “Redirect to the local userprofile location.” On the Settings tab, make sure you uncheck “Move the contents of [folder] to the new location” so that the redirected files don’t end up on the server.
Redirect to the local userprofile location | Move the contents of Documents to the new location
Scenario 2: Redirecting back to users’ local storage
You’ve been tasked with taking folders that are currently redirected to a file server and directing them back to the end user’s local storage.
Before you start making changes, you’ll want to go to User Configuration > Windows Settings > Folder Redirection. Right-click on one of the redirected folders, choose Properties, and go to the Settings tab. Make note of whether “Move the contents of Documents to the new location” is checked and the “Policy Removal” behavior.
Policy Renoval
When a Folder Redirection is created, the move option is checked by default and the Policy Removal is set to, “Leave the folder in the new location when the policy is removed.” If bells and whistles aren’t going off in your head, they should be! If you were to remove the policy right now, Folder Redirection would stay how it is currently configured with the folder(s) redirected… which is probably not what you want to happen. The good news is that new logins by users won’t have folders redirected since the policy is gone, but any computers that the user has logged in to will keep their Folder Redirection.
You’ll want to set the Policy Removal option to “Redirect the folder back to the local user profile location when policy is removed.” You’ll also want to ensure that “Move the contents of [folder name] to the new location” option is also checked so that the files get moved back to the user’s computer when you change the policy. If these settings needed to be changed, you’ll need to allow enough time for users to get the changes before removing the Folder Redirection completely.
Once you’re confident that your users have received the updated policy from the Settings tab, you can change the Setting on the Target tab to “Not configured.”
Location of the document folder not configured
If you primary goal is just to disable Folder Redirection, the easiest thing you can do is to go to the Target tab, change the Setting to Basic, and change the Target folder location to “Redirect to the local userprofile location” like we did in Scenario 1. Just be aware that doing this prevents the end user from moving the folder to another location since the setting is still managed.
Redirect to the local userprofile location
Gotchas and other things to consider
Remember that the default Group Policy refresh interval is 90-120 minutes (unless you’ve changed it in your environment). If you change the Folder Redirection settings now, most of your computers will get the change pretty quickly, right? Not so fast… That interval assumes that the computer is powered on and can communicate with Active Directory. You also have to remember that Folder Redirection is a user side policy; so, the user will have to be logged in and have access to Active Directory to get the change. If you have to make modifications to the Policy Removal behavior, you may need to wait several days before making the change to the target setting.
Redirecting folders back to laptops has a couple of challenges. First, Folder Redirection will require that the user can access the corporate network prior to logging in. Unless you’ve implemented Direct Access, this will require the user to connect to a VPN prior to login. Second, the process of copying the files back down to the laptop will be incredibly slow over most WAN connections... especially if the user has a lot of data. If it is possible, you may want to encourage your end user to bring in the laptop and use a connection on your local network to make the transfer.
If you have users that log in from multiple computers, make sure that they log in to their primary computers first to get the new settings. Otherwise, their files will end up on the wrong computer and will appear to be missing on their primary computers.
where is one big problem with folder redirect.
when my server where are files broken and I need move the files from backup to new server what I must redirect clients to new server?
rann, I posted your question in the forum.
Thanks for your useful article,
I had a problem with my home redirection ,some information:
1.I have a server 2012 R2
2.some clients are windows 7 and some of them are windows 8.1
3.I did home folder with gpo
after home redirection with gpo ,windows 7s had problems,they logged in from out of domain and they didnt see their files and folders and a black screen occurred and slow lo gin.
So I decided to delete the policy but the problems remained.
Shall I create the policy again and use setting tab and again not configured with policy?
what is the best suggestion?
Regards
I use the same GPO for both Windows 7 and Windows 8 clients and don’t have any issues. In my case, the GPO was originally created and maintained with a Windows 7 management station. I’d first check that the permissions are correct on the share and that user’s can access their files if they browse manually to the UNC path. You should also run use gpresult to see that the user’s are getting the policy properly. Last, I’m not quite sure what you mean in bullet 3 of your list since you’re not being very clear about the issue. If the users are having slow logons and not seeing their files, Offline Files may not have fully synced yet. You need to look at gpresult to see that they’re getting the policy and then the Event Log to see if you’re getting errors on anything.
Hey im not able to delete the folder after redirecting,
please help me
I’m not quite sure I understand the problem you’re having. What folder are you trying to redirect? Did it redirect to the server successfully? Which folder are you trying to delete?
Michael, I have a situation where the folder recdirection was setup incorrectly in the group policy and needs to be corrected. However, none of the changes made ‘stick”. For example, the Music folder redirect was set to Basic and the path to c:\Users\Public\Public Users. The problem is that it is redirecting to the servers C: drive! If I go into the GPO and set it to not configured then close it out, it does not save the changes to the GPO. This is done from a server 2008 R2 domain controller.
Any ideas on how to correct this? Do I need to delete the policy and recreate it then create another GPO to change the registry on the Windows 7 workstations? Not sure why I can make other changes to that GPO and they stay when closed out but not to the folder redirection…
Thanks,
Mike
Hi Mike… Actually, I’m the author of this article. 🙂 In the Group Policy Management Editor, there’s an option in the Settings tab if you edit the Properties of any of the folders that can be redirected There’s a box labeled Policy Removal. If you look at the first option, it is: “Leave the folder in the new location when the policy is removed.” Oh, and it is the default. Odds are, that’s how your Folder Redirection was configured if it is staying after you remove the policy.
If you’re looking for the simplest way to get the folders redirected back to the local disk, go to the Target tab and set the Setting option to “Basic – Redirect everyone’s folder to the same location.” In the Target folder location section, set it to “Redirect to the local userprofile location.” That will redirect the folder to the local disk. The only gotcha is that the user won’t be able to manually configure the redirection.
You made my day. Thanks this was really helpful.
Thank you for this post. It saved me from wasting even more time in trying to fix this on a W2008 R2 server!
Bless you!
S.
Kyle,
Thank you for writing this. I have a question related and at the same time unrelated.
In my experience the biggest problem with redirecting data folders, particularly the “My Documents” dir to a share and back again is Third Party Software. Have you ever experienced applications which are so stubborn with where they put their data that no amount of cajoling or prying can get them to release their hold on the location?
How do you overcome this issue, if you have seen it…?
Thanks in advance.
Hi Kyle,
How do I disable redirected folders for certain users only?
Thanks
Hi Kyle,
I inherited an environment that has folder redirection turned on. I have made some progress, but have run into a question. I have been able to disable the folder redirection, but I’m curious if I can tweak it a bit. Right now, I have the folder redirection going away and it makes a copy of the contents on the local hard drive as well as leaving a copy on the users home drive. What I would like to have happen is leave the contents on the home drive and get rid of the redirection. Going forward they can store some stuff locally, but we would tell them to use their home drive for anything that should get backed up, etc. Let me know if I can provide any screenshots to help. Thanks!
Hi Kyle,
I am attempting to disable redirection. Initially, “Leave Content in the Current location” was selected and I changed it to “When policy is removed, redirect to local profile.” I waited 2 weeks and disable the policy which didn’t work. About a week later, I set it to not configured and that too does not seem to resolve the issue. I have now set the policy to Basic Redirection back to the user profile as well enable redirection the folder back to the local userprofile location when policy is removed. I’ve had the current configuration for several days now and it does not seem to redirect users documents from our file server (Server 2003) to their local profile. How can I force this policy to be applied? When a conduct a client side gpo update does not seem to work and I really need to get this working as we need to decommission our Outdated Server 2003. GPOs are being created and hosted on Server 2008 R2. Any help is greatly appreciated
First off, this article is nearly 4 years old and I haven’t supported Folder Redirection in nearly a year. (I also don’t recommend it any more.) Just on the surface, it sounds like you may possibly have a bigger problem. Have you run a gpresult on one of the clients as an impacted user to see if they’re getting the policy change? After you changed the GPO, you should have either had a test user or checked with a user that needed to receive the update. Run a gpupdate on the test user and make sure they got the updated policy. You’ve already started introducing more changes without troubleshooting the original issue and that complicates things. You need to first confirm whether the users are or aren’t receiving Group Policy changes.
Hi Kyle,
Why are you don’t recommend folder redirection anymore?
Hi, I have a similar problem
The redierected folder is clogging up my server and it lead to backpressure on the server. I took ownership of the redirected folder, moved it to an external drive and free up some space by deleting just one user files..then my mails started dropping
Now, here is the problem…
I went to SBS console – shared folder & Websites – then i stopped sharing redirected folders….soon, i noticed that all the files on users desktop, my documents went blank, they cant create now folders or files on their desktop/documents, and on the shared folder & website tab – from the SBS Console,the redirected folder is no longer present on the list… dont know what to do…pls help
While folder redirection could have some obvious downsides, there are cases where there doesn’t seem to be a lot of choice. If you aren’t recommending it, what are you doing instead? In particular we use it in a VDI environment because the machines get destroyed and recreated at every login cycle. The user never gets the same machine, it’s always a clean slate.
I want to disable redirect please
Hi all ,
i know it’s been years , this was published , but i run into a problem.
I implement the whole thing in a domain test environment.
Everything seems to be good , but the only problem i have is , that when i try to login from a user account , that created successfully the folder redirection on PC1 , logging with the same user to PC2 ,or PC3 which is exactly the same , i mean the OS , the folder redirection is not working .
Although i have access to the share folder (\\dc1\shares\folderridirection\user1\) from all the machines i login as user1 , the folder redirection is not working.
Does anyone have any idea ?
Hello,
First off this is a great article and thank you for posting it. I do have a question though and frankly I cannot find the answer in the article here. If I were to want to redirect the desktop folder in a controlled way for a selected group of people there appears to be a means of doing so via the following options:
User Configuration->Windows Settings->Folder Redirection-> Desktop
In here when you edit properties there are two tabs:
Target & Settings.
In the Target tab there is a drop down for Setting: Basic (apply to all) and Advanced (specify locations…).
When Advanced is selected (which I’d assume I’d need to do). I then select a specific AD Sec Group and click apply.
Now the question:
Is this the correct steps to target this GPO for a folder re-direction?
(Knowing that I have left out the Environmental Variable part)
If so then why is it that when I preview the GPO it shows as setting level basic instead of advanced?
greetings, I have a problem with folder redirection, I configure it but I want to delete it, but I am afraid the information that is redirected from the user will be erased. What can I do in this case,
@Jhoelin
Have a look at the following subtitle of the current article:
Scenario 2: Redirecting back to users’ local storage
Hi Kyle,
Made an acount especially to say thanks. You're article made my day. Works as a charm on Server 2016 Essentials with W7Pro client's. Used profwiz pro from ForensIT to copy profiles to new server. The whole process, you're article + profwiz, saved us hugh time and frustrating. Thanks!
Regards, edwin