none
Picking apart an AD & Offline / Remote / Roaming Users

    Question

  • Hi All,

    Please could i grab some advice or perhaps a plan of attack on a rather confusing scenario.

    I have inherited a rather messy Infrastructure, mixture of 2003, 2008 & 2012 Servers, 2003 functionality and mixture of physical / virtual setups.

    2 Main sites, multiple remote users and a bit of citrix thrown in for good measure to.

    I'm in the process of picking apart the multitude of Group Policies that have been applied (including several non-effective user/computer policies pointing to their opposite containers with no loop-back policies).

    Most current users have redirection (favourites,desktop,mydocuments,appdata(roaming)) and also have roaming profiles.

    I wish to provide our Remote laptop users the ability to work offline away from the domain with desktop/favs/docs redirected - but i've been experiencing issues with DFS shared redirection and generally come a bit unstuck on how to structure AD for GPO links etc.

    For example - the users whos docs reside at \\domain.local\dfs\%username% show a partnership method of \\domain.local\dfs

    this concerns me - is this going to sync the whole DFS share?

    I have created a policy to Administratively Define Offline files - but im concerned that as the user logged in before this policy was applied - it will ignore it and carry on syncing the DFS Share!

    My next thought was to somehow create duplicate redirection policies for the remote/laptop users so they sync to an actual fileserver\username rather than DFS (if it will be problematic).

    end result i desire is for a user to be able to login to a PC at the main office - work, save, etc - then login from home on the laptop over a VPN - redirection shows the new documents they have worked on - then they can disconnect from the VPN - work remotely. Then come into the office the next day - sync their laptop with the network, and then potentially leave the laptop at work - travel to another office - login to the PC there and still have access to the document

    Am i striving for too much? should i just restrict the users to only work on certain devices? I've been reading various KBs and links around the web - but its starting to blur into one big mess! 

    Genuine help please!




    Tuesday, December 08, 2015 4:05 PM

All replies

  • Hi,

    I am very sorry about delayed reply.

    I wish to provide our Remote laptop users the ability to work offline away from the domain with desktop/favs/docs redirected - but i've been experiencing issues with DFS shared redirection and generally come a bit unstuck on how to structure AD for GPO links etc.

    >>>I would appreciate it very much if you would explain what the issues with DFS shared redirection.

    Best Regards,

    Jay


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, December 15, 2015 5:42 AM
    Moderator