Windows Folder Redirection

KB ID 0000467 

Problem

Q: What is Folder Redirection?

A: Essentially you can take folders that hold things like your “My documents” or your “Favorites” folder, and put them out on a network server, which is great if you want to back that sort of information up for disaster recovery.

Q: What’s the difference between this and a roaming / roving profile?

A: Folder redirection keeps information on a server and you access it remotely, Roaming profiles are designed to sync that information (and your WHOLE user profile) backwards and forwards to a network share as your users logon and log off.

Q: What folders can be redirected?

A: From Server 2008 onwards, and with Windows 7 clients and above, the following can be redirected.

  • AppData(Roaming)
  • Desktop
  • Start Menu
  • Documents
  • Pictures
  • Music
  • Videos
  • Favorites
  • Contacts
  • Downloads
  • Links
  • Searches
  • Saved Games

Solution

1. On a server create a folder to hold the redirected data, In this case you will notice I’ve called my share Redir$ (The dollar sign just means it’s a hidden share, and can’t be seen if people are network browsing).

Folder Redirection: Permissions for the Root Folder

2. Set the share permissions to Everyone: Full Control (Don’t worry we will secure it with NTFS permissions).

3. On the security tab of the folder click advanced.

4. For Server 2012 / 2016 you should see something like this;

For Server 2008 and older it should look more like this;

5. For server 2012 / 2016 Disable Inheritance and select ‘Convert’.

For 2008 and older, untick “Include Inheritable permissions from this objects parent” > At the warning click “Add”.

6. Select each User in turn (You will need to add the Everyone group) > Then Edit the permissions so that they are as follows.

  • CREATOR OWNER – Full Control (Apply onto: Subfolders and Files Only).
  • System – Full Control (Apply onto: This Folder, Subfolders and Files).
  • Domain Admins – Full Control (Apply onto: This Folder, Subfolders and Files).
  • Everyone – Traverse Folder/Execute File (Apply onto: This Folder Only).
  • Everyone – List Folder/Read Data (Apply onto: This Folder Only).
  • Everyone – Read Attributes (Apply onto: This Folder Only).
  • Everyone – Create Folder/Append Data (Apply onto: This Folder Only).

2012 / 2016

‘Show Advanced Permissions’

2008 and older.

7. Now REMOVE BOTH the entries for USERS > Apply  > OK.

7. On your domain controller open the Group Policy Management Console, (Under Administrative Tools) and either create a new USER policy of edit one that already linked to the users you want to enforce this policy upon.

8. I prefer to create a new policy and call it something sensible so if there’s a problem it’s easy to find in the future.

9. Navigate to:

[box]User Configuration > Policies > Windows Settings > Folder Redirection[/box]

Locate the folder you want to redirect (In this case its just the documents folder) > Right click > Properties.

10. I’m going to redirect all my users documents to the one folder I created earlier, so I will choose basic.

Note: You can choose “Advanced” and redirect different groups folders to different locations.

Enter the path to the root folder AS A UNC PATH, DONT click the browse button and browse to it.

11. I’m going to accept the defaults on the settings tab, the option I’ve highlighted creates the folders with exclusive rights on the folders for the user in question and SYSTEM, so the domain admin had no access (this is OK, it’s the same way user profiles work, you can still back them up).

12. Now as your users log on their folders will be redirected to the share you setup.

Backing up Redirected Folders

13. Even with exclusive rights you can still back this data up:

Related Articles, References, Credits, or External Links

Original Article written 22/06/11

Backup Exec Error – ” The backup-to-disk folder that was specified for this job must be on a local NTFS volume”

KB ID 0000574 

Problem

I got this when backing up to an HP RDX removable disk backup system. The drive WAS formatted as NTFS, but the job failed with the following error;

Error:

V-79-57344-4608 – 0xe0001200 – This operation requires a backup-to-disk folder on a local NTFS volume on the media server. Check the job log for details

V-79-57344-4608 – The backup-to-disk folder that was specified for this job must be on a local NTFS volume. Create a new backup-to-disk folder on a local NTFS volume or modify the current folder, and then submit the job again.

Note: Seen on Backup Exec 10.x and 11.x

Solution

In my case the problem was because I was backing up Exchange (2003 on an SBS 2003 server) and it had the GRT option enabled. (Though in these older versions of Backup Exec they didn’t call it GRT).

With Removable Backup to disk Folders you cannot use GRT. Sorry either use a tape or a normal backup to disk folder. And that’s for Exchange, Active Directory and Sharepoint.

1. From within Backup Exec > Tools > Options > Microsoft Exchange > Remove the tick from “Enable the restore of individual mail messages and folders from Information Store backups” > OK.

2. That’s fine for all NEW jobs but if you already have your backup job create you need to edit it. Navigate to Job Monitor > Right click the relevant job> Properties > Microsoft Exchange > Remove the tick from “Enable the restore of individual mail messages and folders from Information Store backups” > Submit > OK.

 

Related Articles, References, Credits, or External Links

NA

WDS – Unattended file – Removing /Formatting Drive Partitions

KB ID 0000490 

Problem

Over the last couple of years I’ve done a lot of imaging of School PC’s I don’t know why but they come with a myriad of different drive and partition configurations. Even big vendors like HP and Dell ship their machines with recovery partitions these days.

If you are imaging with WDS this can cause a problem so what I usually want to do is remove all the partitions, create one big one that takes up all the drive, and format it as NTFS.

Solution

Before you begin make sure you are clued up on working with WDS unattended files, run through my instructions here.

The following procedure needs to be added to the WDS Unattended file NOT the unattended file for the image, (again run through KB0000180 if you are unsure.)

1. While editing your Unattended answerfile you need to locate, “Microsoft-Windows-Setup_neutral” and add “DiskConfiguration” to the “1 windowsPE” component.

2. Right click it and add a disk > Set Disk ID = 0 > Set WillWipeDisk = true.

3. Right Click > Create Partition > Set Extend = true > Set Order = 1 > Set Type = Primary.

4. Select Modify Partitions > Set Active = true > Set Extend = false > Set Format = NTFS > Set Label = SYSTEM > Set Letter = C > Set Order = 1 > Set Partition ID = 1.

5. This procedure will add the following to your unattended file.

 

Related Articles, References, Credits, or External Links

NA

WDS Deploying Windows  Part 3: Carry Out an Unattended Deployment

KB ID 0000738

Problem

In part two we built our reference machine and took an image of it using WDS. Now to automate the deployments we need to create some unattended answer files, these will answer all the questions that the Windows 8 machines will ask while they are building. We will take those files and import them into the WDS server we configured in part one. Finally to make sure everything is working we will deploy Windows 8.

Solution

Download and Install the Windows Assessment and Deployment Kit for Windows 8

1. We used to have the WAIK for Windows 7, now this has been replaced with the ADK. (download link).

2. It’s a MASSIVE download, it will take a long time.

Create a WDS Distribution Share

1. On a drive that has some room (Approx 5GB should be fine,) create a folder.

2. Launch the System Image Manager.

3. In the top left section > Right click ‘Select a Distribution Share’ > Select ‘Create Distribution Share..’

4. Navigate to the folder you created earlier.

5. Now you don’t need to do this next part, but I copy the full contents of the Windows 8 DVD into this folder as well.

6. Like so.

7. Then in the bottom left section > Right click > ‘Select Windows Image..’.

8. Navigate to the Windows 8 Media > Sources Directory > Select ‘install.wim’.

Note: The install.wim MUST match the version you are going to deploy, it’s no good pointing to a Windows 8 Pro image if you are going to deploy Windows 8 Enterprise.

9. Select the version you are going to deploy > OK.

10. This is normal, select yes to create a catalog file. It will take a while, it has to mount the image, interrogate it and create all the components. Now would be a good time to put the kettle on.

Create the Unattended file for WDS (WDSUnattended.xml)

This unattended file will be just for the WDS settings, it will not be applied to the image you are going to deploy. It sets the keyboard and language settings for WDS to use, then it gives the credentials to connect to WDS, and wipes all the partitions from the target machines hard drive. It then repartitions it ready for deployment.

WARNING: As reiterated below, the disk configuration settings below will wipe the target machines drive of ALL partitions, even manufacturers rescue partitions. If you are imaging machines anyway this should not be a problem, but don’t email me to complain of you lose the recovery files for a laptop/PC while you were practicing!

1. Create a new answer file.

2. The components may not start amd64 (if you are deploying x86 images) and some of the numbers might be different on yours. But the main titles of the components will be the same. Locate Microsoft-Windows-Internationa-Core-WinPE.

3. Add it to Pass 1. If you are unfamiliar with SIM, you add a component (or a sub component) to one of the ‘Passes’ in the center, then you can select that component (or sub component) and set the values for its settings in the top right hand section. The SIM builds an XML file in the background which will become the unattended answer file.

4. You will now see this component under pass 1, select it and set the following settings. (These are for my local English Great Britain settings, you may need to change your settings according to your locale).

InputLocale = en-GB SystemLocale = en-GB UILanguage = en-GB UILanguageFallback = en-GB UserLocale = en-GB

5. Select the SetupUILanguage sub component.

UILanguage = en-GB

Wiping the Targets Hard Drive and Partitions with WDS

6. Locate the Microsoft-Windows-Setup component > Disk Configuration sub component.

7. Add to Pass 1.

8. Right click > Insert New Disk.

9. Expand > Disk > Create Partitions > Right click > ‘Insert New CreatePartition’.

10. Select the DISK.

Disk ID = 0 WillWipeDisk = true

11. Select the Partition.

Extend = true Order = 1 Type = Primary

12. Right click ModifyPartition > Insert New ModifyPartition.

13. With the new ModifyPartition selected.

Action = AddlistItem Active = true Extend = false Format = NTFS Label = SYSTEM Letter = C Order = 1 PartitionID = 1

Select Partition to install Image to

1. Locate the WindowsDeploymentService sub component, (also in Microsoft-Windows-Setup).

2. Add to Pass 1.

3. Expand Image Selection > Install To.

Disk ID = 0 PartitionID = 1

4. Expand Login > Credentials.

Domain = {Your domain name i.e. petenetlive.com would be PETENETLIVE). Password = {Of a user with administrative rights – IT WILL GET OBFUSCATED*). Username = {Of a user with administrative rights).

*I used to say ‘encrypted‘, but thats NOT the case, they are simply Base64 encoded.

Attach the Answerfile to the WDS Server

1. Save the file you have just created.

2. Place it in your Remoteinstall folder in the WdsClientUnattend sub folder.

3. Launch the Windows Deployment Services management console > Expand Servers > Right click your server > Properties.

4. Client tab > Tick to enable unattended installation > I’m deploying x64 bit images so next to that option > Browse.

5. Navigate to and select the file you have just created > Open > Apply > OK.

Create the Unattended file for Your Image (OOBEUnattend.xml)

1. Create a new answer file.

2. Locate the Microsoft-Windows-Shell-Setup component.

3. Add to Pass 4.

4. With the component selected.

ComputerName = * CopyProfile = true (Unless you don’t want to copy the profiles from your source image). ProductKey = Your 25 character Windows 8 unlock code Note: Only put in a code of you are deploying with MAK keys or Retail Keys, if you are planning on using KMS leave this option blank RegisteredOrganization = Your business name. RegisteredOwner = Your owners name. ShowWindowsLive = false {now depreciated for Windows 8} TimeZone = GMT Standard Time Note: For other time zones see here

Automatically Join the Domain

1. Locate the Microsoft-Windows-UnattendedJoin component

2. Add to Pass 4.

3. With Identification selected.

JoinDomain = {Your domain name i.e. petenetlive.com would be PETENETLIVE). UnsecureJoin = true

Set the Image Language and Keyboard Settings

4. Locate the Microsoft-Windows-International-Core component.

5. Add to Pass 7.

6. With the component selected.

InputLocale = en-GB SystemLocale = en-GB UILanguage = en-GB UILanguageFallback = en-GB UserLocale = en-GB

7. Locate the Microsoft-Windows-Shell-Setup component > OOBE sub component

8. Add to Pass 7.

9. With the OOBE sub component selected.

HideEULAPage = true HideLocalAccountScreen = true HideOnlineAccountScreen =true HideWirelessSetupInOOBE = true NetworkLocation = Work {sets the firewall settings} ProtectYourPC = 1

Set the Local Administrator Password and Add a Local Administrator

Note: The local admin account is disabled by default, so here I’m setting the local admin’s password, and then creating a new local admin user called Sysadmin.

1. Locate the Microsoft-Windows-Shell-Setup component > UserAccounts sub component

2. Add to Pass 7.

3. With AdmnistratorPassword selected set the password value.

4. Right click LocalAccounts > Insert New LoacalAccount.

5. With LocalAccount selected.

Action = AddListItem Description = Sysadmin DisplayName = Sysadmin Group = Administrators Name = Sysadmin

6. Then set the password value.

7. Save the answer file.

8. Save the file as OOBEUnattand.xml

Attach the Answer file to the Windows 8 Image

1. Launch the Windows Deployment Services Management console.

2. Locate the Windows 8 Image you are attaching the answer file to > Right click > Properties.

3. Tick the option ‘Allow image to install in unattended mode’ > Select File > Browse.

4. Select the OOBEUnattend.xml file you created earlier.

5. Note: It makes a copy of the file and stores it elsewhere calling it ImageUnattend.xml (watch out for this if you need to edit the answer file and nothing changes!)

Deploy Your Windows 8 Image.

1. Boot your target machine to the network via pXe > Press F12 to boot from the WDS.

2. Install an Image.

3. Select the image you want to deploy.

4. After the install, the machine should reboot and present you with a domain logon.

5. And your programs and settings will be pre-configured.

Related Articles, References, Credits, or External Links

2012 – WDS Deploying Windows 8 Part 2: Prepare Windows 8, and Capture to WDS

Cannot Format a SDHC Card to NTFS

KB ID 0000187 

Problem

I had a 16 GB SDHC card, and windows would format it to FAT but not NTFS, this is how to cure the problem.

Solution

Option 1

Download this and use it to format the drive.

Option 2

1. Click Start > In the Search/Run Box type devmgmt.msc > Device Manager will open

2. Navigate to your SC Card reader > Right Click > Properties > Policies > Select Better Performance > OK > Reboot the PC > Try again.

To format your card to FAT32 Quickly use this application.

 

Related Articles, References, Credits, or External Links

NA