none
Offline files not automatically syncing to redirected folders

    Question

  • I'm hoping I can get some ideas from y'all as to what I can try next.

    My client has a Server 2012 R2 domain with Windows 7 workstations. There are two DCs, both hosting a DFS namespace for the folder redirection destination, and DFS replication between the two. Let's say that's \\Domain.local\Users. The GPO for folder redirection redirects all users in that OU to have their Desktop, Documents, Favorites, and Pictures redirected to the new destination, with "Grant user exclusive rights to [folder]" unchecked, but "Move the contents of [folder] to the new location". This GPO is enforced. There was a previous folder redirection GPO in place that I changed to migrate documents back to the local location and then disabled. I waited a week or so between disabling that and applying this new GPO to give the users and workstations time to copy their data down locally.

    The destination folder's permissions are as follows:

    Domain Admins: Full Control - This folder, subfolders, and files
    System: Full Control - This folder, subfolders, and files
    Creator Owner: Full Control - Subfolders, and files
    Domain Users: Traverse folder, Read attributes, Create folders, Read Permissions - This folder only

    The workstations (at least most of them; I'll work on the weird ones) are successfully mapping the GPO and creating the folders on the DFS share, adding the appropriate folders to the appropriate libraries, and copying their local data to the "DFS share".

    Here's the problem: the data is being copied to an offline file and is never syncing up to the servers.

    During this, I discovered that when the user's logon creates the redirected folders on the share, they actually only keep Full Control over "this folder only". That's inherited down to their sub folders so any files that do get copied to the server are stripped of permissions for that user. Basically, when Susie User saves files to \\Domain.local\Users\SUser\Documents, she doesn't have access to those files, but she does to the folder. I've had to run "icacls D:\User /grant suser:(OI)(CI)(F) /t /c /q" on each folder from the server just to make sure files that do make it up there are actually accessible to the user. I'd like to know how to make this automatic upon folder creation somehow. In the meantime, I can use this workaround.

    Once I run that icacls command, I can go to Susie's workstation, and see that the files in her Documents are still Offline. Sync Center says everything is synced and offline files are enabled. I get Event ID 1002's in the Offline Files event log stating that Background Synchronization executed successfully. I can even right click on a file or folder and tell it to sync, and it will! It'll sync and switch to Online mode.

    I considered corrupted user profiles having this issue but a brand new user was created earlier in the week that is plagued by the same issue.

    I just want Offline Files to sync properly. I created the exact same setup at another client two months ago, with the exact same settings (namespace share, DFS replication, folder configuration with permissions, GPO settings, offline files enabled), and I do not the issue of permissions or offline files at that client. To further my troubleshooting, I've created computer based GPOs to sync offline files before logging off, to wait for the network at startup and logon, and to tweak Background Sync settings to sync at least every 30 minutes, with a max time without a sync being 0 minutes. This GPO has not helped.

    What am I missing?

    I appreciate any help you can offer! Thanks.


    • Edited by KFoley Friday, August 14, 2015 2:38 PM Formatting
    Friday, August 14, 2015 2:38 PM

All replies

  • Hi KFoley,

    Thanks for your post.

    Please check if there is a network issue and if there is restrictive NTFS permissions on the server.

    In your scenairo, the permission seems fine. Another thing that may prevent background synchronization from working is incorrect configuration of your network shares. Make sure you have enabled Offline Files synchronization on each share by checking Only the files and programs that users specify are available offline. The setting need to be configured for every share in the path, including the DFS root share.

    Please refer to the following thread.

    https://social.technet.microsoft.com/Forums/windowsserver/en-US/0f48194d-98a1-438d-a5d1-8bdac4febf99/offline-folders-and-files-not-automatically-syncing-off-domain?forum=w7itpronetworking

    And take a look in Event Viewer to see what the specific error message.

    Best Regards,

    Mary Dong


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, August 17, 2015 6:35 AM
    Moderator
  • Mary,

    Thanks for the reply.

    Would users be able to manually sync offline files if there was an NTFS permissions issue on the server?

    I have made sure that the Offline Settings for each share is configured as you detailed.

    I've downloaded the two KBs recommended in the thread you linked and will test those on the client machines. I looked over the link that was in the thread you linked and I have my offline files setup configured as described in that article. I don't want to turn on Transparent Caching or Excluded files, but I do have Background Sync customized, as I described above.

    Also, I am not getting any error messages in Event Viewer. Only the Event ID 1002, as I said above, which just says that Background Sync was successfully, even when nothing happens

    So, what sort of NTFS permissions might be blocking me in this case?

    Thanks,

    Keanan

    Monday, August 17, 2015 7:14 PM
  • Hi KFoley,

    For NTFS permission about Offline Files and Folder please refer to the link:

    http://blogs.technet.com/b/netro/archive/2010/09/01/which-minimum-share-amp-ntfs-permissions-do-you-need-for-the-use-of-offline-files-and-folder-redirection-in-windows-2008-2008-r2.aspx

    Best Regards,

    Mary Dong


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, August 18, 2015 4:45 AM
    Moderator
  • Is the "List Folder/Read Data" permission required? If it can be avoided, I'd like to not have users be able to view the list of user folders. They won't have permission to open the folders, I know, but still.

    Also, this doesn't answer the question as to why the users' folders don't grant the users themselves full control over subfolders and files. I would be surprised if List Folder would be the cause of that; is there something else I should look at as well?

    Thanks again,

    Keanan

    Tuesday, August 18, 2015 6:05 PM