Axcient Knowledge

●  Status of Axcient Services
Submit a Ticket View My Cases

    Axcient Knowledgebase  /  Axcient x360Recover  /  ------About x360Recover  /  BRC | Fusion FAQS  /  BRC archive  /  BRC Archive  /  BRC FAQs & troubleshooting  /  BRC Troubleshooting  /  BRC - Windows Folder Redirection Guidelines

    BRC - Windows Folder Redirection Guidelines

    Super Administrator

    Written By Tami Sutcliffe (Super Administrator)

    Updated at August 31st, 2023

    The default permission for Windows folder redirection is to grant the user exclusive rights. 

    This means an administrator does not have read access to the redirected folders to back them up.

    To set permissions so Axcient BRC can back up the folders, do the following:

    1. Create a share folder as the root of all redirected folders on the server hosting the redirected folders. Set the permissions as follows:

    • Share Permissions:
      • Everyone – Full Control
      • Administrators – Full Control
      • System – Full Control
    • NTFS Permissions (in all cases except for note #1 below):
      • Everyone – Read and Execute
      • Administrators – Full Control
      • System – Full Control
    • NTFS Permissions (when note #1 applies):
      • Everyone – Create Folder/Append Data (This Folder Only)
      • Everyone – List Folder/Read Data (This Folder Only)
      • Everyone – Read Attributes (This Folder Only)
      • Everyone – Traverse Folder/Execute File (This Folder Only)
      • CREATOR OWNER – Full Control (Subfolders and Files Only)
      • System – Full Control (This Folder, Subfolders and Files)
      • Domain Admins – Full Control (This Folder, Subfolders and Files)

    2. Start the Group Policy Manager (Start > Control Panel > Administration Tools > Group Policy Manager).

    3. Create a new Group Policy Object (GPO) called Folder Redirection:

    • Open the tree to the target domain.
    • Right-click on Group Policy Objects and select New.
    • Enter the name Folder Redirection and click OK.

    4. Expand the Group Policy Objects folder, right-click on the newly created Folder Redirection entry, and select Edit.

    5. The Group Policy Management Editor window appears. Folder Redirection appears at the top of the tree.

    6. Expand to User Configration > Polices > Windows Settings > Folder Redirection.

    7. Enable folder redirection for a desired target (such as Desktop or Documents):

    • Select the target, right-click, and select Properties to display the properties window for that target.
    • Click the Target tab. In the Setting field, select “Basic – Redirect everyone’s folder to the same location.”
    • In the Root Path field, enter \\server_name\share_name\ where server_name is the name of the server and share_name is the name of the share folder you created in step 1.
    • Click the Settings tab. Uncheck the box next to “Grant the user exclusive rights to My Documents”.
    • When both the Target and Settings tab fields are correct, click the OK button.

    8. Repeat step 7 for each desired target (Desktop, Documents, Pictures, and so on).

    9. When all settings are configured, link the GPO to the appropriate target (the root level domain, child domain, or any organizational unit):

    • For the root level domain, return to the Group Policy Management window and right-click on the domain. (Adjust accordingly for other targets.)
    • Select “Link an Existing GPO”.
    • A link window appears. Select the newly created Folder Redirection GPO, and click OK.

    10. To test that the configuration is correct, reboot the client machine and then log in as a user. If folder redirection is successful, the follow event appears in the application log:

    Event ID: 401
    Source: Folder Redirection
    Description: Successfully redirected My Documents. The folder was redirected from
    <original_path> to \\server_name\share_name\user_name\My Documents.

    Notes:

    1. Use the step 1-c NTFS permissions when group policy is configured to redirect to a location where the GPO will automatically create the destination folder (user’s individual Application Data, Desktop, or My Documents folder).

    2. User configuration settings in Group Policy take effect at the first log in after the policy is saved and replicated to the user’s login service.

    3. Computer configuration settings in Group Policy take effect when the machine reboots and logs on to Active Directory. Therefore, you must reboot a terminal server before new computer configuration settings are applied.

    4. The following error message indicates the user still has exclusive rights. If you see this message, repeat step 7-d.

    Event ID: 101

    User: <name>

    Computer: <name>

    Description:
    Failed to perform redirection of folder <name>.

    The new directories for the redirected folder could not be created.

    The folder is configured to be redirected to <path>.

    The following error occurred: Access is denied.

    Related Articles

    BRC - Replace a RAID cache module for a rack-mounted appliance

    Problem: The user needs to replace the RAID cache module for rack-mounted units C...

    BRC - Important information regarding replacement of motherboard in HP Hardware

    If HP ever needs to go onsite and replace a motherboard for an Axcient Appliance,...

    BRC - Appliance loses connection to Web Application

    Problem: The appliance will lose connectivity with the Axcient Web Application, d...

    BRC - Replication fails with bad mount point

    Problem: The user sees the following error after a replication job fails: Type of...