Windows: Folder Redirection Policy

Created: 1/21/20

Updated: 1/21/20

One of the many things that are created often on a network is the folder redirection policy. However, not all polices are created equally and this is the case of the Folder Redirection Policy.

*Note*: * – this is dependent upon variables, use judgement.

Some settings that should be applied:

  1. Computer Configuration > Policies > Administrative Templates > Network > Offline Files  > Allow or Disallow use of the Offline Files Feature and set to Enabled
  2. Computer Configuration > Policies > Administrative Templates > Network > Offline Files > Configure Background Sync  and set this to Enabled; you can keep the default settings if you so choose.
  3. Computer Configuration > Policies > Administrative Templates > Network > Offline Files > Encrypt the offline files cache and set to Enabled.
  4. Computer Configuration > Policies > Administrative Templates > System > Group Policy > Configure user Group Policy loopback processing mode and set to Enabled with ‘Merge’.
  5. Computer Configuration > Policies > Administrative Templates > System > Login > Always wait for the network at computer startup and logon and set to Enabled.
  6. Computer Configuration > Policies > Administrative Templates > System > User Profile > Set Roaming profile path for all users logging onto this computer   and set to Enabled and use the defaults along with the folder location desired.
  7. User Configuration > Policies > Administrative Templates > Network > Offline Files > Synchronize all offline files when logging on and set to Enabled.
  8. User Configuration > Policies > Administrative Templates > System > Folder Redirection > Enable optimized move of contents in Office File Cache on Folder Redirection server path change and set to Enabled.
  9.  Folder Rediection folders should be set to Shared with everyone in the “Shared” tab having full access and then the ‘authenticated users’ being added to the “Security Tab” have read access* and in some cases you can set to Full Control for authenticated users and restrict each users folder to each user in Server Manager’s File Server Snap-in.
  10. Worthy note, make sure that your UNC path for the Redirection folders are shared out properly, had this happen to me a few times when I fat fingered the UNC path incorrectly. 😛
  11. Worthy note, you can share the folder with an administrative hide with a ‘My Documents$’ to hide the folder and make it only visible to an administrator, just remember to add this to the redirection in the GPO
  12. Navigate to the File Server and open it in a VMware console or a mstsc and open up Server Manager on the File Server: