[Samba] GPO redirected folders reg path issue

L.P.H. van Belle belle at bazuin.nl
Thu Feb 20 14:31:01 UTC 2020 

+Rowlands mail and..  ;-) 

Hmm, interesting, most probley not samba but a windows setup problem. 
But i need bit more info here.

First per site you have 1 or multiple DC's? 
The amount of members is not needed. 

Second, if you have multiple DC's. how did you sync sysvol. 

Thirth, at the time when this happens and a user reports it. 
Any related windows event id's .. There must be some... 

Nnow, i do simular here. 
I redirect even more in addition to yours, the Desktop also for example. 
And i havent seen this in hmm, about 4-5 years.. 


Greetz, 

Louis



> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens 
> Philippe LeCavalier via samba
> Verzonden: donderdag 20 februari 2020 15:10
> Aan: samba
> Onderwerp: [Samba] GPO redirected folders reg path issue
> 
> Hi all,
> 
> I have an issue at multiple sites that has been plaguing me 
> for a while. My
> goto setup for AD w/windows desktops is to employ roaming 
> profiles with
> redirected folders and a few mapped drives; all via GPO. And 
> that's pretty
> much it. 3 GPOs linked to the entire domain with 
> authenticated users as
> security filter. The file servers are a domain member and 
> serve both the
> file shares and redirected folders shares.
> 
> The issue: every now and then I get a user reaching out to 
> say that their
> redirected folders "have disappeared". When I login I can see 
> that they're
> getting access denied on all the redirected folders 
> (Documents, Favorites,
> Cookies and Downloads). When I look at the User Shell Folders 
> registry keys
> I can see that the path is directed at the DC rather than the 
> file server
> as it should be. The path is exactly the same except instead 
> of the file
> server domain member name it is the name of the DC. Almost 
> every time, I
> second guess myself and go check the GPO to ensure the path 
> is in fact the
> file server and not the DC and of course, it is as it should be;
> pointing to the file server. My solution thus far is to 
> delete the keys,
> sign-out/in and voila! Fixed. Until it happens again which is very
> disruptive and one of those recurring issues we all live to hate.
> 
> So...How is it possible that the GPO isn't respected under whatever
> circumstance is occurring to cause this? I guess I'm also wondering if
> there is such a thing as to redirect to the %logonserver% if 
> the path fails
> maybe? What's odd (and this is obviously circumstantial) I can always
> navigate to the users redirected folders using the 
> path(copy/paste) that is
> supposed to be applied in the GPO in question. So I can only 
> conclude that
> somehow during a brief period of time the path was perhaps 
> not available,
> hence some sort of failsafe or self preservation is applied. 
> I wouldn't
> speculate if it wasn't for the registry keys. There is *nothing* I
> configured telling windows to revert the redirected folders to the DC.
> Remember, this is happening in multiple sites with totally independent
> config. The only common link between is me and  there is nothing I'm
> intentionally doing to have this "failsafe" occur. The only 
> thing I can
> think of is that these configs have existed for a very long 
> time. They even
> pre-date Samba AD DC so they had roaming profiles and 
> redirected folders(to
> the samba3 server at the time). That may seem like the 
> obvious source of
> the problem however, the thing is, the old smb.conf files 
> would have been
> moved aside at the time of promoting to DC AND back in samba3 
> days, I was
> not using GPOs. Everything was either scripted and offered up at
> login(which I have confirmed has been removed) or manually 
> entered locally.
> Is it possible there is some sort of caching function that 
> could possibly
> live that long OR somehow the users registry that was 
> manually edited can
> be resurrected? I don't know if that makes any sense even...
> Sorry for the novel and thanks in advance, Phil
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
> 
>

More information about the samba mailing list