Article ID: 232692 - View products that this article applies to.
This article was previously published under Q232692
NoticeThis article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center
(http://support.microsoft.com/?scid=http%3a%2f%2fsupport.microsoft.com%2fwin2000)is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy
Windows provides the ability to redirect specific user folders to server locations, using a group policy extension called Folder Redirection.
Many administrators may wish to use folder redirection in such a way that a user's folders are automatically redirected to a newly created folder for each user. This article discusses how to redirect to the new folder location and the minimum NTFS Access Control List (ACL) permissions you need to complete the redirection successfully.
Set UpFolder Redirection is a User group policy. This means that a user for whom you configure folder redirection must have a group policy linked to some folder structure where their user object is subordinate, such as a site, domain, or organizational unit.
Once you create the group policy and link it to the appropriate folder object, an administrator can designate which folders to redirect and where To do this, the administrator needs to navigate to the following location in the Group Policy Object:
User Configuration\Windows Settings\Folder RedirectionIn the Properties of the folder, you can choose Basic or Advanced folder redirection, and you can designate the server file system path to which the folder should be redirected.
The %USERNAME% variable may be used as part of the redirection path, thus allowing the system to dynamically create a newly redirected folder for each user to whom the policy object applies.
Security RequirementsIf you configure Folder Redirection to create new subfolders for each user, that user needs sufficient Share and NTFS ACL permissions to create the subfolder in the appropriate location.
When a user does not have sufficient Share and NTFS ACL permissions, their folder is not redirected and you can view one of the following event messages in the local application event log:
Event ID: 101
Failed to perform redirection of folder foldername. The new directories for the redirected folder could not be created. The folder is configured to be redirected to \\servername\sharename\%username%, the final expanded path was \\servername\sharename\username. The following error occurred:
Access is denied.
Event ID: 101For additional information about the permissions that are required for a share that will host redirected folders, click the following article number to view the article in the Microsoft Knowledge Base:
Failed to perform redirection of the folder application data. The files for the redirected folder could not be moved to the new location. The folder is configured to be redirected to path. Files were being moved from path to path. The following error occurred: The security descriptor structure is invalid.
(http://support.microsoft.com/kb/274443/ )How to dynamically create security-enhanced redirected folders by using folder redirection in Windows 2000