[Samba] GPO redirected folders reg path issue
L.P.H. van Belle
belle at bazuin.nl
Thu Feb 20 14:31:01 UTC 2020
+Rowlands mail and.. ;-)
Hmm, interesting, most probley not samba but a windows setup problem.
But i need bit more info here.
First per site you have 1 or multiple DC's?
The amount of members is not needed.
Second, if you have multiple DC's. how did you sync sysvol.
Thirth, at the time when this happens and a user reports it.
Any related windows event id's .. There must be some...
Nnow, i do simular here.
I redirect even more in addition to yours, the Desktop also for example.
And i havent seen this in hmm, about 4-5 years..
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Philippe LeCavalier via samba
> Verzonden: donderdag 20 februari 2020 15:10
> Aan: samba
> Onderwerp: [Samba] GPO redirected folders reg path issue
> Hi all,
> I have an issue at multiple sites that has been plaguing me
> for a while. My
> goto setup for AD w/windows desktops is to employ roaming
> profiles with
> redirected folders and a few mapped drives; all via GPO. And
> that's pretty
> much it. 3 GPOs linked to the entire domain with
> authenticated users as
> security filter. The file servers are a domain member and
> serve both the
> file shares and redirected folders shares.
> The issue: every now and then I get a user reaching out to
> say that their
> redirected folders "have disappeared". When I login I can see
> that they're
> getting access denied on all the redirected folders
> (Documents, Favorites,
> Cookies and Downloads). When I look at the User Shell Folders
> registry keys
> I can see that the path is directed at the DC rather than the
> file server
> as it should be. The path is exactly the same except instead
> of the file
> server domain member name it is the name of the DC. Almost
> every time, I
> second guess myself and go check the GPO to ensure the path
> is in fact the
> file server and not the DC and of course, it is as it should be;
> pointing to the file server. My solution thus far is to
> delete the keys,
> sign-out/in and voila! Fixed. Until it happens again which is very
> disruptive and one of those recurring issues we all live to hate.
> So...How is it possible that the GPO isn't respected under whatever
> circumstance is occurring to cause this? I guess I'm also wondering if
> there is such a thing as to redirect to the %logonserver% if
> the path fails
> maybe? What's odd (and this is obviously circumstantial) I can always
> navigate to the users redirected folders using the
> path(copy/paste) that is
> supposed to be applied in the GPO in question. So I can only
> conclude that
> somehow during a brief period of time the path was perhaps
> not available,
> hence some sort of failsafe or self preservation is applied.
> I wouldn't
> speculate if it wasn't for the registry keys. There is *nothing* I
> configured telling windows to revert the redirected folders to the DC.
> Remember, this is happening in multiple sites with totally independent
> config. The only common link between is me and there is nothing I'm
> intentionally doing to have this "failsafe" occur. The only
> thing I can
> think of is that these configs have existed for a very long
> time. They even
> pre-date Samba AD DC so they had roaming profiles and
> redirected folders(to
> the samba3 server at the time). That may seem like the
> obvious source of
> the problem however, the thing is, the old smb.conf files
> would have been
> moved aside at the time of promoting to DC AND back in samba3
> days, I was
> not using GPOs. Everything was either scripted and offered up at
> login(which I have confirmed has been removed) or manually
> entered locally.
> Is it possible there is some sort of caching function that
> could possibly
> live that long OR somehow the users registry that was
> manually edited can
> be resurrected? I don't know if that makes any sense even...
> Sorry for the novel and thanks in advance, Phil
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba