| Author | Messages | |
robertsingers
Posts:571
 | | 05/06/2008 12:45 AM |
| Heh, when I finish reading all the info http://plone.e.govt.nz/policy/tc-and-drm/ I'll let you know.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Ken Schaefer
Sent: Tuesday, 6 May 2008 4:25 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I realise that this is heading off-topic, but what DRM model are you talking about that would potentially affect a government organisation?
Cheers
Ken
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, 6 May 2008 2:18 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I'm not sure the NZ Govt is interested in moving to Vista because of the DRM model used. It's something I must follow up as part of my target state planning. I think like a lot of organisations we'll be aiming to go from Windows XP to Windows 7. I may even have caught up on all the new deployment stuff by then :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Tuesday, 6 May 2008 3:55 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The offline files behavior you describe is "normal" (sadly) for XP, and the fix (CSCCMD /disconnect) is the right fix.
I have several clients who use the /disconnect command in interesting ways, including INCORPORATING it in their VPN logon process (through the Cisco client, e.g.).
The bad news is there are a few things you can do to make XP's offline files better (see the WINDOWS ADMINISTRATION RESOURCE KIT, Solutions Collection 3 for details).
The good news is VISTA's caching is overhauled and much, much, much, better. If you can get your users on to vista clients, the vast majority of problems, and all 'show stoppers' will be a moot point, as far as offline files and user data.
HTH.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 3:31 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Well I'm currently VPNed in via a SonicWall 4060 and I'm running 'offline" for my h: (home) and j: (Dept file plan). I work this way every Tuesday. I have had issues with my offline cache corrupting but mostly it works perfectly.
I will say however I'm currently the only person in my Org who uses VPN. So I'm not sure if my experience is typical.
I should have a adminsitratively assigned W: drive offline that has all the Dept's office templates and that isn't showing. One day I'll have a look at why :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gabriele Scolaro
Sent: Tuesday, 6 May 2008 1:13 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
"Off-line files" is _ideally_ a nice feature as it allows mobile users to bring their personal docs with them (the files stored in their home folder - My Docs), unfortunately I have never been able to make it work properly.
I found so many useful resources at the following blog http://blogs.msdn.com/jonathanh/archive/tags/Offline+Files/default.aspx and was able to fix most of the problems.
But there's still a major issue that really annoys me.
The "Off-line files" feature when used with Redirected My Docs (it gets enabled by default in XP) should be able to determine if the link between the client and the file server is slow or not (slow link detection of off-line files, a speed threshold configurable via GPO):
a) if the link is "fast", the Off-line files mechanism should place the client "on-line" and so My Documents redirected and files accessed onto the file server (e.g. LAN)
b) if the link is "slow" (as set in the GPO) the "Off-line files" mechanism should place the client "off-line" and files accessed in the local Client Side Cache (CSC)
Unfortunately when mobile users establish a VPN connection (via POTS, GPRS, UMTS, whatever-slow-link) and so are able to reach the file server, the "off-line files" mechanism ignores the speed detection threshold and always puts the client "on-line"... sigh... of course this unexpected behavior generates major problems:
1) users read/write My Docs files NOT in the local CSC, but in the remote SMB share (SMB over a slow link... uh... bad performance, the system goes like a snail)
2) because of 1) a lot of network traffic (SMB) is generated against the file server and this might have a very bad impact on costs if, for example, 3G networks are utilized roaming some countries.
The only workaround I found is to force a disconnection with "CSCCMD /disconnect" (http://support.microsoft.com/kb/884739), not very _friendly_ for the users, even if a script is made available to them (they're too lazy to double click on the script icon if the system becomes weirdly slow - but they are right, the system should behave automatically).
Is any of you ever been able to make the off-line files work properly?
Thanks - Gabriele.
PS=I've heard Off-line files have been completely re-written in WinVista. I believe I know the reason....
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: mercoledì 23 aprile 2008 5.56
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The setting is Administratively assigned offline files. User Configuration\Administrative Templates\Network\Offline Files.
Note if you're going to this extreme, really think about redirection instead.
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, April 22, 2008 11:56 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
You can solve the home drive issue by the old administratively configured offline folders\drives in the GPO somewhere that I can't remember off the top of my head.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dave Wade
Sent: Wednesday, 23 April 2008 2:37 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Mike,
Well your VPN connection needs to work as part of the logon process, and not after logon has completed. If the user logs on with cached credentials and then connects they won't get a home drive (or logon script).
Dave Wade
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Mike Tharp
Sent: 21 April 2008 17:51
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD Home Folder and Remote User
I would like to start using the Home Folder setting in AD to map the personal drives for all my users but can't seem to get it to work for remote users. When a user is on the network the drive maps just fine however when they come in through VPN it does not map.
Does anyone know how to get it to work for remote users?
**********************************************************************
This email, and any files transmitted with it, is confidential and
intended solely for the use of the individual or entity to whom they
are addressed. As a public body, the Council may be required to disclose this email, or any response to it, under the Freedom of Information Act 2000, unless the information in it is covered by one of the exemptions in the Act.
If you receive this email in error please notify Stockport ICT, Business Services via email.query@stockport.gov.uk and then permanently remove it from your system.
Thank you.
http://www.stockport.gov.uk
**********************************************************************
________________________________
This e-mail message has been scanned for Viruses and cleared by NetIQ MailMarshal
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
| | | |
| danholme
Posts:165
| | 05/06/2008 4:42 AM |
| LOL... and let me know if you want a private or semi-private deployment brain dump. That's something I've been doing a LOT of recently.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 6:43 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Heh, when I finish reading all the info http://plone.e.govt.nz/policy/tc-and-drm/ I'll let you know.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Ken Schaefer
Sent: Tuesday, 6 May 2008 4:25 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I realise that this is heading off-topic, but what DRM model are you talking about that would potentially affect a government organisation?
Cheers
Ken
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, 6 May 2008 2:18 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I'm not sure the NZ Govt is interested in moving to Vista because of the DRM model used. It's something I must follow up as part of my target state planning. I think like a lot of organisations we'll be aiming to go from Windows XP to Windows 7. I may even have caught up on all the new deployment stuff by then :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Tuesday, 6 May 2008 3:55 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The offline files behavior you describe is "normal" (sadly) for XP, and the fix (CSCCMD /disconnect) is the right fix.
I have several clients who use the /disconnect command in interesting ways, including INCORPORATING it in their VPN logon process (through the Cisco client, e.g.).
The bad news is there are a few things you can do to make XP's offline files better (see the WINDOWS ADMINISTRATION RESOURCE KIT, Solutions Collection 3 for details).
The good news is VISTA's caching is overhauled and much, much, much, better. If you can get your users on to vista clients, the vast majority of problems, and all 'show stoppers' will be a moot point, as far as offline files and user data.
HTH.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 3:31 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Well I'm currently VPNed in via a SonicWall 4060 and I'm running 'offline" for my h: (home) and j: (Dept file plan). I work this way every Tuesday. I have had issues with my offline cache corrupting but mostly it works perfectly.
I will say however I'm currently the only person in my Org who uses VPN. So I'm not sure if my experience is typical.
I should have a adminsitratively assigned W: drive offline that has all the Dept's office templates and that isn't showing. One day I'll have a look at why :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gabriele Scolaro
Sent: Tuesday, 6 May 2008 1:13 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
"Off-line files" is _ideally_ a nice feature as it allows mobile users to bring their personal docs with them (the files stored in their home folder - My Docs), unfortunately I have never been able to make it work properly.
I found so many useful resources at the following blog http://blogs.msdn.com/jonathanh/archive/tags/Offline+Files/default.aspx and was able to fix most of the problems.
But there's still a major issue that really annoys me.
The "Off-line files" feature when used with Redirected My Docs (it gets enabled by default in XP) should be able to determine if the link between the client and the file server is slow or not (slow link detection of off-line files, a speed threshold configurable via GPO):
a) if the link is "fast", the Off-line files mechanism should place the client "on-line" and so My Documents redirected and files accessed onto the file server (e.g. LAN)
b) if the link is "slow" (as set in the GPO) the "Off-line files" mechanism should place the client "off-line" and files accessed in the local Client Side Cache (CSC)
Unfortunately when mobile users establish a VPN connection (via POTS, GPRS, UMTS, whatever-slow-link) and so are able to reach the file server, the "off-line files" mechanism ignores the speed detection threshold and always puts the client "on-line"... sigh... of course this unexpected behavior generates major problems:
1) users read/write My Docs files NOT in the local CSC, but in the remote SMB share (SMB over a slow link... uh... bad performance, the system goes like a snail)
2) because of 1) a lot of network traffic (SMB) is generated against the file server and this might have a very bad impact on costs if, for example, 3G networks are utilized roaming some countries.
The only workaround I found is to force a disconnection with "CSCCMD /disconnect" (http://support.microsoft.com/kb/884739), not very _friendly_ for the users, even if a script is made available to them (they're too lazy to double click on the script icon if the system becomes weirdly slow - but they are right, the system should behave automatically).
Is any of you ever been able to make the off-line files work properly?
Thanks - Gabriele.
PS=I've heard Off-line files have been completely re-written in WinVista. I believe I know the reason....
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: mercoledì 23 aprile 2008 5.56
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The setting is Administratively assigned offline files. User Configuration\Administrative Templates\Network\Offline Files.
Note if you're going to this extreme, really think about redirection instead.
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, April 22, 2008 11:56 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
You can solve the home drive issue by the old administratively configured offline folders\drives in the GPO somewhere that I can't remember off the top of my head.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dave Wade
Sent: Wednesday, 23 April 2008 2:37 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Mike,
Well your VPN connection needs to work as part of the logon process, and not after logon has completed. If the user logs on with cached credentials and then connects they won't get a home drive (or logon script).
Dave Wade
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Mike Tharp
Sent: 21 April 2008 17:51
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD Home Folder and Remote User
I would like to start using the Home Folder setting in AD to map the personal drives for all my users but can't seem to get it to work for remote users. When a user is on the network the drive maps just fine however when they come in through VPN it does not map.
Does anyone know how to get it to work for remote users?
**********************************************************************
This email, and any files transmitted with it, is confidential and
intended solely for the use of the individual or entity to whom they
are addressed. As a public body, the Council may be required to disclose this email, or any response to it, under the Freedom of Information Act 2000, unless the information in it is covered by one of the exemptions in the Act.
If you receive this email in error please notify Stockport ICT, Business Services via email.query@stockport.gov.uk and then permanently remove it from your system.
Thank you.
http://www.stockport.gov.uk
**********************************************************************
________________________________
This e-mail message has been scanned for Viruses and cleared by NetIQ MailMarshal
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
| | | |
| robertsingers
Posts:571
| | 05/06/2008 5:38 PM |
| Well it's more that there is a whole lot of it now. I'm from back in the day when we told MST that the ZAK sucked, and Sysprep was a dark art :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Tuesday, 6 May 2008 8:38 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
LOL... and let me know if you want a private or semi-private deployment brain dump. That's something I've been doing a LOT of recently.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 6:43 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Heh, when I finish reading all the info http://plone.e.govt.nz/policy/tc-and-drm/ I'll let you know.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Ken Schaefer
Sent: Tuesday, 6 May 2008 4:25 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I realise that this is heading off-topic, but what DRM model are you talking about that would potentially affect a government organisation?
Cheers
Ken
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, 6 May 2008 2:18 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I'm not sure the NZ Govt is interested in moving to Vista because of the DRM model used. It's something I must follow up as part of my target state planning. I think like a lot of organisations we'll be aiming to go from Windows XP to Windows 7. I may even have caught up on all the new deployment stuff by then :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Tuesday, 6 May 2008 3:55 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The offline files behavior you describe is "normal" (sadly) for XP, and the fix (CSCCMD /disconnect) is the right fix.
I have several clients who use the /disconnect command in interesting ways, including INCORPORATING it in their VPN logon process (through the Cisco client, e.g.).
The bad news is there are a few things you can do to make XP's offline files better (see the WINDOWS ADMINISTRATION RESOURCE KIT, Solutions Collection 3 for details).
The good news is VISTA's caching is overhauled and much, much, much, better. If you can get your users on to vista clients, the vast majority of problems, and all 'show stoppers' will be a moot point, as far as offline files and user data.
HTH.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 3:31 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Well I'm currently VPNed in via a SonicWall 4060 and I'm running 'offline" for my h: (home) and j: (Dept file plan). I work this way every Tuesday. I have had issues with my offline cache corrupting but mostly it works perfectly.
I will say however I'm currently the only person in my Org who uses VPN. So I'm not sure if my experience is typical.
I should have a adminsitratively assigned W: drive offline that has all the Dept's office templates and that isn't showing. One day I'll have a look at why :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gabriele Scolaro
Sent: Tuesday, 6 May 2008 1:13 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
"Off-line files" is _ideally_ a nice feature as it allows mobile users to bring their personal docs with them (the files stored in their home folder - My Docs), unfortunately I have never been able to make it work properly.
I found so many useful resources at the following blog http://blogs.msdn.com/jonathanh/archive/tags/Offline+Files/default.aspx and was able to fix most of the problems.
But there's still a major issue that really annoys me.
The "Off-line files" feature when used with Redirected My Docs (it gets enabled by default in XP) should be able to determine if the link between the client and the file server is slow or not (slow link detection of off-line files, a speed threshold configurable via GPO):
a) if the link is "fast", the Off-line files mechanism should place the client "on-line" and so My Documents redirected and files accessed onto the file server (e.g. LAN)
b) if the link is "slow" (as set in the GPO) the "Off-line files" mechanism should place the client "off-line" and files accessed in the local Client Side Cache (CSC)
Unfortunately when mobile users establish a VPN connection (via POTS, GPRS, UMTS, whatever-slow-link) and so are able to reach the file server, the "off-line files" mechanism ignores the speed detection threshold and always puts the client "on-line"... sigh... of course this unexpected behavior generates major problems:
1) users read/write My Docs files NOT in the local CSC, but in the remote SMB share (SMB over a slow link... uh... bad performance, the system goes like a snail)
2) because of 1) a lot of network traffic (SMB) is generated against the file server and this might have a very bad impact on costs if, for example, 3G networks are utilized roaming some countries.
The only workaround I found is to force a disconnection with "CSCCMD /disconnect" (http://support.microsoft.com/kb/884739), not very _friendly_ for the users, even if a script is made available to them (they're too lazy to double click on the script icon if the system becomes weirdly slow - but they are right, the system should behave automatically).
Is any of you ever been able to make the off-line files work properly?
Thanks - Gabriele.
PS=I've heard Off-line files have been completely re-written in WinVista. I believe I know the reason....
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: mercoledì 23 aprile 2008 5.56
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The setting is Administratively assigned offline files. User Configuration\Administrative Templates\Network\Offline Files.
Note if you're going to this extreme, really think about redirection instead.
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, April 22, 2008 11:56 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
You can solve the home drive issue by the old administratively configured offline folders\drives in the GPO somewhere that I can't remember off the top of my head.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dave Wade
Sent: Wednesday, 23 April 2008 2:37 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Mike,
Well your VPN connection needs to work as part of the logon process, and not after logon has completed. If the user logs on with cached credentials and then connects they won't get a home drive (or logon script).
Dave Wade
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Mike Tharp
Sent: 21 April 2008 17:51
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD Home Folder and Remote User
I would like to start using the Home Folder setting in AD to map the personal drives for all my users but can't seem to get it to work for remote users. When a user is on the network the drive maps just fine however when they come in through VPN it does not map.
Does anyone know how to get it to work for remote users?
**********************************************************************
This email, and any files transmitted with it, is confidential and
intended solely for the use of the individual or entity to whom they
are addressed. As a public body, the Council may be required to disclose this email, or any response to it, under the Freedom of Information Act 2000, unless the information in it is covered by one of the exemptions in the Act.
If you receive this email in error please notify Stockport ICT, Business Services via email.query@stockport.gov.uk and then permanently remove it from your system.
Thank you.
http://www.stockport.gov.uk
**********************************************************************
________________________________
This e-mail message has been scanned for Viruses and cleared by NetIQ MailMarshal
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
| | | |
| danholme
Posts:165
| | 05/06/2008 6:13 PM |
| LOL ain't that the truth. I go back to NT4 alpha unattend installations, when it was either "hack the answer file until something works" or call Bo Jensen who was the (only) person who knew about it at MS. I gotta tell you, I can deploy really rich systems in no time flat now with the MDT. I'm in love with it!
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, May 06, 2008 11:35 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Well it's more that there is a whole lot of it now. I'm from back in the day when we told MST that the ZAK sucked, and Sysprep was a dark art :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Tuesday, 6 May 2008 8:38 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
LOL... and let me know if you want a private or semi-private deployment brain dump. That's something I've been doing a LOT of recently.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 6:43 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Heh, when I finish reading all the info http://plone.e.govt.nz/policy/tc-and-drm/ I'll let you know.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Ken Schaefer
Sent: Tuesday, 6 May 2008 4:25 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I realise that this is heading off-topic, but what DRM model are you talking about that would potentially affect a government organisation?
Cheers
Ken
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, 6 May 2008 2:18 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I'm not sure the NZ Govt is interested in moving to Vista because of the DRM model used. It's something I must follow up as part of my target state planning. I think like a lot of organisations we'll be aiming to go from Windows XP to Windows 7. I may even have caught up on all the new deployment stuff by then :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Tuesday, 6 May 2008 3:55 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The offline files behavior you describe is "normal" (sadly) for XP, and the fix (CSCCMD /disconnect) is the right fix.
I have several clients who use the /disconnect command in interesting ways, including INCORPORATING it in their VPN logon process (through the Cisco client, e.g.).
The bad news is there are a few things you can do to make XP's offline files better (see the WINDOWS ADMINISTRATION RESOURCE KIT, Solutions Collection 3 for details).
The good news is VISTA's caching is overhauled and much, much, much, better. If you can get your users on to vista clients, the vast majority of problems, and all 'show stoppers' will be a moot point, as far as offline files and user data.
HTH.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 3:31 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Well I'm currently VPNed in via a SonicWall 4060 and I'm running 'offline" for my h: (home) and j: (Dept file plan). I work this way every Tuesday. I have had issues with my offline cache corrupting but mostly it works perfectly.
I will say however I'm currently the only person in my Org who uses VPN. So I'm not sure if my experience is typical.
I should have a adminsitratively assigned W: drive offline that has all the Dept's office templates and that isn't showing. One day I'll have a look at why :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gabriele Scolaro
Sent: Tuesday, 6 May 2008 1:13 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
"Off-line files" is _ideally_ a nice feature as it allows mobile users to bring their personal docs with them (the files stored in their home folder - My Docs), unfortunately I have never been able to make it work properly.
I found so many useful resources at the following blog http://blogs.msdn.com/jonathanh/archive/tags/Offline+Files/default.aspx and was able to fix most of the problems.
But there's still a major issue that really annoys me.
The "Off-line files" feature when used with Redirected My Docs (it gets enabled by default in XP) should be able to determine if the link between the client and the file server is slow or not (slow link detection of off-line files, a speed threshold configurable via GPO):
a) if the link is "fast", the Off-line files mechanism should place the client "on-line" and so My Documents redirected and files accessed onto the file server (e.g. LAN)
b) if the link is "slow" (as set in the GPO) the "Off-line files" mechanism should place the client "off-line" and files accessed in the local Client Side Cache (CSC)
Unfortunately when mobile users establish a VPN connection (via POTS, GPRS, UMTS, whatever-slow-link) and so are able to reach the file server, the "off-line files" mechanism ignores the speed detection threshold and always puts the client "on-line"... sigh... of course this unexpected behavior generates major problems:
1) users read/write My Docs files NOT in the local CSC, but in the remote SMB share (SMB over a slow link... uh... bad performance, the system goes like a snail)
2) because of 1) a lot of network traffic (SMB) is generated against the file server and this might have a very bad impact on costs if, for example, 3G networks are utilized roaming some countries.
The only workaround I found is to force a disconnection with "CSCCMD /disconnect" (http://support.microsoft.com/kb/884739), not very _friendly_ for the users, even if a script is made available to them (they're too lazy to double click on the script icon if the system becomes weirdly slow - but they are right, the system should behave automatically).
Is any of you ever been able to make the off-line files work properly?
Thanks - Gabriele.
PS=I've heard Off-line files have been completely re-written in WinVista. I believe I know the reason....
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: mercoledì 23 aprile 2008 5.56
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The setting is Administratively assigned offline files. User Configuration\Administrative Templates\Network\Offline Files.
Note if you're going to this extreme, really think about redirection instead.
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, April 22, 2008 11:56 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
You can solve the home drive issue by the old administratively configured offline folders\drives in the GPO somewhere that I can't remember off the top of my head.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dave Wade
Sent: Wednesday, 23 April 2008 2:37 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Mike,
Well your VPN connection needs to work as part of the logon process, and not after logon has completed. If the user logs on with cached credentials and then connects they won't get a home drive (or logon script).
Dave Wade
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Mike Tharp
Sent: 21 April 2008 17:51
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD Home Folder and Remote User
I would like to start using the Home Folder setting in AD to map the personal drives for all my users but can't seem to get it to work for remote users. When a user is on the network the drive maps just fine however when they come in through VPN it does not map.
Does anyone know how to get it to work for remote users?
**********************************************************************
This email, and any files transmitted with it, is confidential and
intended solely for the use of the individual or entity to whom they
are addressed. As a public body, the Council may be required to disclose this email, or any response to it, under the Freedom of Information Act 2000, unless the information in it is covered by one of the exemptions in the Act.
If you receive this email in error please notify Stockport ICT, Business Services via email.query@stockport.gov.uk and then permanently remove it from your system.
Thank you.
http://www.stockport.gov.uk
**********************************************************************
________________________________
This e-mail message has been scanned for Viruses and cleared by NetIQ MailMarshal
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
| | | |
| robertsingers
Posts:571
| | 05/06/2008 6:23 PM |
| Well if we have to go back. I go back to formatting the HDD and deploying Win 3.11 out of a zip file, and modifying a couple of ini files. Then Windows 95 using Ghost when it was still produced by a NZ Company. NT4 workstation was the watershed O/S for getting MST to realise that large scale deployments needed something better.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Wednesday, 7 May 2008 10:10 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
LOL ain't that the truth. I go back to NT4 alpha unattend installations, when it was either "hack the answer file until something works" or call Bo Jensen who was the (only) person who knew about it at MS. I gotta tell you, I can deploy really rich systems in no time flat now with the MDT. I'm in love with it!
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, May 06, 2008 11:35 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Well it's more that there is a whole lot of it now. I'm from back in the day when we told MST that the ZAK sucked, and Sysprep was a dark art :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Tuesday, 6 May 2008 8:38 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
LOL... and let me know if you want a private or semi-private deployment brain dump. That's something I've been doing a LOT of recently.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 6:43 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Heh, when I finish reading all the info http://plone.e.govt.nz/policy/tc-and-drm/ I'll let you know.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Ken Schaefer
Sent: Tuesday, 6 May 2008 4:25 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I realise that this is heading off-topic, but what DRM model are you talking about that would potentially affect a government organisation?
Cheers
Ken
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, 6 May 2008 2:18 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I'm not sure the NZ Govt is interested in moving to Vista because of the DRM model used. It's something I must follow up as part of my target state planning. I think like a lot of organisations we'll be aiming to go from Windows XP to Windows 7. I may even have caught up on all the new deployment stuff by then :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Tuesday, 6 May 2008 3:55 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The offline files behavior you describe is "normal" (sadly) for XP, and the fix (CSCCMD /disconnect) is the right fix.
I have several clients who use the /disconnect command in interesting ways, including INCORPORATING it in their VPN logon process (through the Cisco client, e.g.).
The bad news is there are a few things you can do to make XP's offline files better (see the WINDOWS ADMINISTRATION RESOURCE KIT, Solutions Collection 3 for details).
The good news is VISTA's caching is overhauled and much, much, much, better. If you can get your users on to vista clients, the vast majority of problems, and all 'show stoppers' will be a moot point, as far as offline files and user data.
HTH.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 3:31 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Well I'm currently VPNed in via a SonicWall 4060 and I'm running 'offline" for my h: (home) and j: (Dept file plan). I work this way every Tuesday. I have had issues with my offline cache corrupting but mostly it works perfectly.
I will say however I'm currently the only person in my Org who uses VPN. So I'm not sure if my experience is typical.
I should have a adminsitratively assigned W: drive offline that has all the Dept's office templates and that isn't showing. One day I'll have a look at why :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gabriele Scolaro
Sent: Tuesday, 6 May 2008 1:13 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
"Off-line files" is _ideally_ a nice feature as it allows mobile users to bring their personal docs with them (the files stored in their home folder - My Docs), unfortunately I have never been able to make it work properly.
I found so many useful resources at the following blog http://blogs.msdn.com/jonathanh/archive/tags/Offline+Files/default.aspx and was able to fix most of the problems.
But there's still a major issue that really annoys me.
The "Off-line files" feature when used with Redirected My Docs (it gets enabled by default in XP) should be able to determine if the link between the client and the file server is slow or not (slow link detection of off-line files, a speed threshold configurable via GPO):
a) if the link is "fast", the Off-line files mechanism should place the client "on-line" and so My Documents redirected and files accessed onto the file server (e.g. LAN)
b) if the link is "slow" (as set in the GPO) the "Off-line files" mechanism should place the client "off-line" and files accessed in the local Client Side Cache (CSC)
Unfortunately when mobile users establish a VPN connection (via POTS, GPRS, UMTS, whatever-slow-link) and so are able to reach the file server, the "off-line files" mechanism ignores the speed detection threshold and always puts the client "on-line"... sigh... of course this unexpected behavior generates major problems:
1) users read/write My Docs files NOT in the local CSC, but in the remote SMB share (SMB over a slow link... uh... bad performance, the system goes like a snail)
2) because of 1) a lot of network traffic (SMB) is generated against the file server and this might have a very bad impact on costs if, for example, 3G networks are utilized roaming some countries.
The only workaround I found is to force a disconnection with "CSCCMD /disconnect" (http://support.microsoft.com/kb/884739), not very _friendly_ for the users, even if a script is made available to them (they're too lazy to double click on the script icon if the system becomes weirdly slow - but they are right, the system should behave automatically).
Is any of you ever been able to make the off-line files work properly?
Thanks - Gabriele.
PS=I've heard Off-line files have been completely re-written in WinVista. I believe I know the reason....
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: mercoledì 23 aprile 2008 5.56
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The setting is Administratively assigned offline files. User Configuration\Administrative Templates\Network\Offline Files.
Note if you're going to this extreme, really think about redirection instead.
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, April 22, 2008 11:56 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
You can solve the home drive issue by the old administratively configured offline folders\drives in the GPO somewhere that I can't remember off the top of my head.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dave Wade
Sent: Wednesday, 23 April 2008 2:37 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Mike,
Well your VPN connection needs to work as part of the logon process, and not after logon has completed. If the user logs on with cached credentials and then connects they won't get a home drive (or logon script).
Dave Wade
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Mike Tharp
Sent: 21 April 2008 17:51
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD Home Folder and Remote User
I would like to start using the Home Folder setting in AD to map the personal drives for all my users but can't seem to get it to work for remote users. When a user is on the network the drive maps just fine however when they come in through VPN it does not map.
Does anyone know how to get it to work for remote users?
**********************************************************************
This email, and any files transmitted with it, is confidential and
intended solely for the use of the individual or entity to whom they
are addressed. As a public body, the Council may be required to disclose this email, or any response to it, under the Freedom of Information Act 2000, unless the information in it is covered by one of the exemptions in the Act.
If you receive this email in error please notify Stockport ICT, Business Services via email.query@stockport.gov.uk and then permanently remove it from your system.
Thank you.
http://www.stockport.gov.uk
**********************************************************************
________________________________
This e-mail message has been scanned for Viruses and cleared by NetIQ MailMarshal
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
| | | |
| danholme
Posts:165
| | 05/06/2008 6:28 PM |
| Win 3.11 zip files? You win <lol>. Ghost is part of my grey hair, zip files, not somuch ;-)
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, May 06, 2008 12:20 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Well if we have to go back. I go back to formatting the HDD and deploying Win 3.11 out of a zip file, and modifying a couple of ini files. Then Windows 95 using Ghost when it was still produced by a NZ Company. NT4 workstation was the watershed O/S for getting MST to realise that large scale deployments needed something better.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Wednesday, 7 May 2008 10:10 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
LOL ain't that the truth. I go back to NT4 alpha unattend installations, when it was either "hack the answer file until something works" or call Bo Jensen who was the (only) person who knew about it at MS. I gotta tell you, I can deploy really rich systems in no time flat now with the MDT. I'm in love with it!
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, May 06, 2008 11:35 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Well it's more that there is a whole lot of it now. I'm from back in the day when we told MST that the ZAK sucked, and Sysprep was a dark art :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Tuesday, 6 May 2008 8:38 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
LOL... and let me know if you want a private or semi-private deployment brain dump. That's something I've been doing a LOT of recently.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 6:43 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Heh, when I finish reading all the info http://plone.e.govt.nz/policy/tc-and-drm/ I'll let you know.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Ken Schaefer
Sent: Tuesday, 6 May 2008 4:25 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I realise that this is heading off-topic, but what DRM model are you talking about that would potentially affect a government organisation?
Cheers
Ken
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, 6 May 2008 2:18 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
I'm not sure the NZ Govt is interested in moving to Vista because of the DRM model used. It's something I must follow up as part of my target state planning. I think like a lot of organisations we'll be aiming to go from Windows XP to Windows 7. I may even have caught up on all the new deployment stuff by then :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: Tuesday, 6 May 2008 3:55 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The offline files behavior you describe is "normal" (sadly) for XP, and the fix (CSCCMD /disconnect) is the right fix.
I have several clients who use the /disconnect command in interesting ways, including INCORPORATING it in their VPN logon process (through the Cisco client, e.g.).
The bad news is there are a few things you can do to make XP's offline files better (see the WINDOWS ADMINISTRATION RESOURCE KIT, Solutions Collection 3 for details).
The good news is VISTA's caching is overhauled and much, much, much, better. If you can get your users on to vista clients, the vast majority of problems, and all 'show stoppers' will be a moot point, as far as offline files and user data.
HTH.
Dan
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Monday, May 05, 2008 3:31 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Well I'm currently VPNed in via a SonicWall 4060 and I'm running 'offline" for my h: (home) and j: (Dept file plan). I work this way every Tuesday. I have had issues with my offline cache corrupting but mostly it works perfectly.
I will say however I'm currently the only person in my Org who uses VPN. So I'm not sure if my experience is typical.
I should have a adminsitratively assigned W: drive offline that has all the Dept's office templates and that isn't showing. One day I'll have a look at why :-)
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Gabriele Scolaro
Sent: Tuesday, 6 May 2008 1:13 p.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
"Off-line files" is _ideally_ a nice feature as it allows mobile users to bring their personal docs with them (the files stored in their home folder - My Docs), unfortunately I have never been able to make it work properly.
I found so many useful resources at the following blog http://blogs.msdn.com/jonathanh/archive/tags/Offline+Files/default.aspx and was able to fix most of the problems.
But there's still a major issue that really annoys me.
The "Off-line files" feature when used with Redirected My Docs (it gets enabled by default in XP) should be able to determine if the link between the client and the file server is slow or not (slow link detection of off-line files, a speed threshold configurable via GPO):
a) if the link is "fast", the Off-line files mechanism should place the client "on-line" and so My Documents redirected and files accessed onto the file server (e.g. LAN)
b) if the link is "slow" (as set in the GPO) the "Off-line files" mechanism should place the client "off-line" and files accessed in the local Client Side Cache (CSC)
Unfortunately when mobile users establish a VPN connection (via POTS, GPRS, UMTS, whatever-slow-link) and so are able to reach the file server, the "off-line files" mechanism ignores the speed detection threshold and always puts the client "on-line"... sigh... of course this unexpected behavior generates major problems:
1) users read/write My Docs files NOT in the local CSC, but in the remote SMB share (SMB over a slow link... uh... bad performance, the system goes like a snail)
2) because of 1) a lot of network traffic (SMB) is generated against the file server and this might have a very bad impact on costs if, for example, 3G networks are utilized roaming some countries.
The only workaround I found is to force a disconnection with "CSCCMD /disconnect" (http://support.microsoft.com/kb/884739), not very _friendly_ for the users, even if a script is made available to them (they're too lazy to double click on the script icon if the system becomes weirdly slow - but they are right, the system should behave automatically).
Is any of you ever been able to make the off-line files work properly?
Thanks - Gabriele.
PS=I've heard Off-line files have been completely re-written in WinVista. I believe I know the reason....
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dan Holme
Sent: mercoledì 23 aprile 2008 5.56
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
The setting is Administratively assigned offline files. User Configuration\Administrative Templates\Network\Offline Files.
Note if you're going to this extreme, really think about redirection instead.
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Robert Singers
Sent: Tuesday, April 22, 2008 11:56 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
You can solve the home drive issue by the old administratively configured offline folders\drives in the GPO somewhere that I can't remember off the top of my head.
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Dave Wade
Sent: Wednesday, 23 April 2008 2:37 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Home Folder and Remote User
Mike,
Well your VPN connection needs to work as part of the logon process, and not after logon has completed. If the user logs on with cached credentials and then connects they won't get a home drive (or logon script).
Dave Wade
________________________________
From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Mike Tharp
Sent: 21 April 2008 17:51
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] AD Home Folder and Remote User
I would like to start using the Home Folder setting in AD to map the personal drives for all my users but can't seem to get it to work for remote users. When a user is on the network the drive maps just fine however when they come in through VPN it does not map.
Does anyone know how to get it to work for remote users?
**********************************************************************
This email, and any files transmitted with it, is confidential and
intended solely for the use of the individual or entity to whom they
are addressed. As a public body, the Council may be required to disclose this email, or any response to it, under the Freedom of Information Act 2000, unless the information in it is covered by one of the exemptions in the Act.
If you receive this email in error please notify Stockport ICT, Business Services via email.query@stockport.gov.uk and then permanently remove it from your system.
Thank you.
http://www.stockport.gov.uk
**********************************************************************
________________________________
This e-mail message has been scanned for Viruses and cleared by NetIQ MailMarshal
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
________________________________
Please Note:
The information contained in this email message and any attached files may be confidential and subject to privilege. Any opinions expressed in this message are not necessarily those of the Department of Building and Housing. All technical opinions are offered on a 'no-liability' basis. This message and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient, you are notified that any use, disclosure or copying of this email is unauthorised. If you have received this email in error, please notify us immediately by reply email and delete the original and any attachment(s). Thank you.
________________________________
| | | |
|
|