Announcement

Collapse
No announcement yet.

Logon Script Folder Redirection

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Logon Script Folder Redirection

    Hello, I have a log on script that performs folder redirection (among other things) in group policy. For some reason it has somewhat stopped working. The script itself hasn't changed, but what happens now is a new user will log on, it will create the missing folders on the server, but will not give the new user permission to their new folder so the redirection fails until IT goes in and manually applies that user with permissions to the folder.

    Below is the script that redirects. This has worked for years, I have no idea why it just stopped. I know there are other ways (and probably now better ways) to redirect, but I don't have time right now to test and implement so I'm hoping i can fix the existing way.

    Code:
    sub RedirectMydocs(sPath)
    	if right(sPath,1) <> "\" then
    		sPath = sPath & "\"
    	end if
    	Set objReg = wscript.CreateObject("Wscript.Shell")
    	
    	REG_PATH_usershell = "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"
    	REG_PATH_mydocs = REG_PATH_usershell & "\Personal"
    	REG_PATH_mypics = REG_PATH_usershell & "\My Pictures"
    	REG_EXPAND_SZ = "REG_EXPAND_SZ"
    	
    	objReg.RegWrite REG_PATH_mydocs, spATH, REG_EXPAND_SZ
    	objReg.RegWrite REG_PATH_mypics, spATH & "My Pictures\", REG_EXPAND_SZ
    	
    end sub
    I thought it may be a permissions issue on the parent folder, but i've gone so far as to temporarily give everyone full access to the parent folder and that did not resolve the issue (the newly created folder still just inherited the parent permissions, did not give the new user explicit permissions). Prior to that test, the normal permissions I gave to the parent folder was:

    Traverse folder/execute file
    List folder / read data
    read attributes
    read extended attributes
    create folders / append data
    read permissions

    Any thoughts?
    Last edited by ccoho; 13th December 2013, 15:51.

  • #2
    Re: Logon Script Folder Redirection

    You're right, there are better, newer ways to do redirects, but Server 2003 has had it available for My Docs, Application Data and Desktop. Permissions can also be set as well. Server 2012 can do it with nearly all a user's profile folders, and is the best practice-recommended way to do it (less delay at logon with less to copy down to PC).

    But for your script, look at the last 2 lines. At the start of code you use the variable 'sPath', and then in the last 2 lines you've got 'spATH'. VB is case-sensitive to variable names, so it's something to look at.
    *RicklesP*
    MSCA (2003/XP), Security+, CCNA

    ** Remember: credit where credit is due, and reputation points as appropriate **

    Comment


    • #3
      Re: Logon Script Folder Redirection

      Originally posted by RicklesP View Post
      You're right, there are better, newer ways to do redirects, but Server 2003 has had it available for My Docs, Application Data and Desktop. Permissions can also be set as well. Server 2012 can do it with nearly all a user's profile folders, and is the best practice-recommended way to do it (less delay at logon with less to copy down to PC).

      But for your script, look at the last 2 lines. At the start of code you use the variable 'sPath', and then in the last 2 lines you've got 'spATH'. VB is case-sensitive to variable names, so it's something to look at.
      I see that, i will change that but i didn't think vb was case sensitive? (i know java is). Regardless, the issue isn't with the actual redirection, that is working, but when it creates the folder for the first time, it doesn't give the user permission to the folder so its all now redirected to a folder that the user can't access.

      Comment

      Working...
      X