Announcement

Collapse
No announcement yet.

User Home Folder Creation Issue

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • User Home Folder Creation Issue

    Hi All,

    I am a stumped on an issue we are having and hope someone here can help me out. We are currently running an AD environment at both Windows 2003 native at the forest and domain level. When creating a new user account under the profile tab we specify the home folder as "H:" with the path of \\fileserver\HomeDir$\%username%

    The user directory does get created, however the issue I am running into is that what ever administrator creates the account and sets the home folder path is listed as with Full Control permissions and the owner of the folder. The account for the user does get added with Full Control permissions. It was my impression however that if these settings were set via the ADUC that AD handled the permissions correctly in Win2K3? This is creating an issue that each time we have a new user start we have to manually go in and change the ownership of the folder to the user account. Below are the Sharing and Security permissions for the HomeDir share:

    Share Permissions
    Authenticated Users - Full Control

    Security Permissions
    Administrators - Full Control
    Authenticated Users - List Folder/Read Data and Create Folders/Append Data
    Creator Owner - Full Control
    System - Full Control

    Advanced Settings - Unchecked - Allow inheritable permissions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here.

    Thanks in advance,

    -Jason
    MCSA/MCSE 2K3,MCITP:ESA,MCTS x 4,VCP x 2

  • #2
    Re: User Home Folder Creation Issue

    Am I right in saying that your 'share' name is HomeDir$ ?

    If so, if I was you, I'd remove the authenticated users group on the NTFS permissions and make sure it is set to inherit down. This is the other option to the one you have already removed the tick from. That can stay as it is.

    Do the Home Folders already exist? For the permissions to be added automatically, the folders shouldn't be present. Does a message appear after applying the Home folder path?

    Comment


    • #3
      Re: User Home Folder Creation Issue

      Originally posted by Virtual View Post
      Am I right in saying that your 'share' name is HomeDir$ ?

      If so, if I was you, I'd remove the authenticated users group on the NTFS permissions and make sure it is set to inherit down. This is the other option to the one you have already removed the tick from. That can stay as it is.

      Do the Home Folders already exist? For the permissions to be added automatically, the folders shouldn't be present. Does a message appear after applying the Home folder path?
      Virtual,

      Thank you for the response. The folders do not exist prior to the creation via the ADUC. No messages appear in the console or in the Event Viewer after creation. And yes, the share name is HomeDir$.

      -Jason
      MCSA/MCSE 2K3,MCITP:ESA,MCTS x 4,VCP x 2

      Comment


      • #4
        Re: User Home Folder Creation Issue

        Hi Jason,

        Can you please try changing the following

        Share Permissions on the folder homeDir i.e try Everyone- Full Control instead of Authenticated Users - Full Control

        Is there any specific reason that you are creating a hidden share folder (Homedir$) then have the user's home folder.

        This is what worked for me. \\fileserver\HomeDir\%username%$ instead of \\fileserver\HomeDir$\%username%

        Hope this would be of some help!!

        Comment


        • #5
          Re: User Home Folder Creation Issue

          This may go a bit

          Ramya, why do you hide the User's Home folder? Is it a SHARE? If so why when setting the home drive in ADUC you are basically creating root map to the home folder?

          If the HomeDir$ SHARE is hidden then it is not going to be seen by a normal Browse. VWA4 has not, as I read it, created a SHARE for each user account so there is nothing to hide since it can't be seen and only THAT (and in this instance, the Administrator as well) user has permission to access their folder.

          The Administrator permission can be removed by removing them, the Administrator User, from the HomeDir$ SHARE and getting that to Allow inheritable permissions from the parent to propergate to this object and all child objects. This would mean going into the Security Tab, Advanced and modifying it from within.
          1 1 was a racehorse.
          2 2 was 1 2.
          1 1 1 1 race 1 day,
          2 2 1 1 2

          Comment

          Working...
          X