- Managing shared mailboxes in Office 365 with PowerShell - Thu, May 5 2016
- Managing shared mailboxes in Office 365 with the GUI - Wed, May 4 2016
- Installing and configuring the Enhanced Mitigation Experience Toolkit (EMET) - Wed, Mar 16 2016
I was pleasantly surprised to hear that Microsoft has finally released the Work Folders client for Windows 7. I’ve talked to quite a few IT pros interested in Work Folders since my original series was posted back in January, and the main limitation I keep hearing over and over is that the only supported client OS is Windows 8.1. The release of Work Folders for Windows 7 tries to bridge that gap, but doesn’t go as far as it should.
Downloading and Installing
The Work Folders client for Windows 7 can be downloaded by going to Microsoft support article 2891638. Both the x86 and x64 clients are available as .MSU files for Windows 7 Professional, Ultimate, and Enterprise and can be installed manually or through your system’s management product of choice, such as SCCM.
Work Folders can be installed on any computer running the Pro, Ultimate, or Enterprise versions of Windows 7, but must be domain joined to actually use this feature. With Microsoft’s emphasis on BYOD (Bring Your Own Device), not allowing user-owned and/or non-domain joined Windows 7 devices to use Work Folders is a significant shortcoming. Attempting to set up Work Folders without being joined to a domain yields this error: “This PC must be joined to a domain – Join this PC to your organization’s domain and then set up Work Folders.”
This PC must be joined to a domain
Expanding the error shows a recommendation that you can upgrade to Windows 8.1. The error message is as follows: “Alternatively, you can upgrade your PC to a version of Windows, such as Windows 8.1, that supports using Work Folders without a domain. (0x80c8033e)”
Alternatively, you can upgrade your PC...
Client configuration
The client setup for Work Folders for Windows 7 is identical to that for Windows 8.1. If you choose to configure Work Folders using Group Policy, the policies in Computer/User Configuration > Policies > Administrative Templates > Windows Components > Work Folders show that they are supported on at least Windows 8.1. The Group Policy templates included in Server 2012 R2 don’t include the updated OS support, but will indeed work with Windows 7.
Group Policy - At least Windows 8.1 or Windows RT 8.1
Other limitations
In addition to requiring that Windows 7 computers be domain joined, there are issues with enforcing password polices on Windows 7 devices using Work Folders. Windows 8.1 includes the Exchange ActiveSync (EAS) Policy Engine, which can enforce the settings from the Work Folders server; Windows 7 does not include this feature.
If you’ve set the “Automatically lock screen, and require a password” option, you’ll need to take additional steps for Windows 7 clients to sync.
Automatically lock screen, and require a password
If you don’t take the additional step, you will receive this error: “There was a problem applying security policies. Work Folders can’t set up this PC because the server is using password policies that don’t work with Windows 7. Email your organization’s tech support for assistance. The PC cannot meet the compliance policies set by your organization. (0x80c80334)”
There was a problem applying security policies
Since the device has to be domain joined anyway, you’ll have to configure this setting in Group Policy and disable the enforcement of password on the Work Folders server. To do this, log on to the Work Folders server and run the following PowerShell command:
Set-SyncShare $WorkFolderShareName –PasswordAutolockExcludeDomain “domain.yourorg.ext”
Set-SyncShare
The biggest “gotcha” you need to know about running this command is that any domain joined device (including Windows 8.1) will no longer use the Work Folders specified policy (if Work Folders is configured) and will fully rely on Group Policy. Non-domain joined Windows 8.1 computers will still follow the policy set on the Work Folders server.
Conclusion
Due to the lack of support for non-domain joined Windows 7 computers, lack of a Mac client, and no support for mobile OS’s such as Android, iOS, or Windows Phone, Work Folders really seems to have taken a step sideways instead of forward with the release of Work Folders for Windows 7. Many products on the market, such as Dropbox for Business, Citrix ShareFile, and even OneDrive for Business (formerly SkyDrive Pro), have the features Work Folders lacks. I still think it has the potential to be a great product, but it will continue to be a hard sell to management until these shortcomings can be addressed.
Read the latest IT news and community updates!
Join our IT community and read articles without ads!
Do you want to write for 4sysops? We are looking for new authors.
Another difference is that Selective Remote Wipe isn’t available on Windows 7. Also, I thought the main benefit of Work Folders was that you could sync your files from anywhere. If the Windows 7 WF client requires the PC to be domain joined what’s the benefit of using it? Why not use Offline Files if you are inside the domain?
Honestly, I’m still a bit confused as to with Microsoft is trying to accomplish with this product. Most organizations that are already using Folder Redirection and Offline Files probably aren’t going to implement this as a replacement for a working technology. Yes, Work Folders can sync without needing VPN or DirectAccess connectivity, but the whole BYOD argument is blown out of the water if you still need to support Windows 7. If Win7 support is going to require domain join, this product isn’t going to get very far.
We implemented Work Folders as a replacement/augmentation for offline files for our student population and couldn’t be happier (they are on Windows 8.1 however). When they have an internet connection, they are editing the live copy on our network. When they have no internet connection, offline files kicks in and still gives them access to the file.
Instead of trying to implement work folders in Windows 7 (which our faculty is still using), we will probably just bite the bullet and update them to Win 8.1 or 10 when it comes out.
Work Folders is a great replacement for offline files. Offline Files gave us nothing but problems between the CSC database corruption issues and the amount of traffic it generates for syncing. For Windows 10 in our environment, I am redirecting Documents/Favorites/Desktop folders to the local Work Folders folder and taking advantage of the Work Folders instant sync feature. We will continue to use our 3rd party dropbox solution for cloud sync.