A nice feature of Active Directory’s (AD’s) Group Policy Objects (GPOs) is folder redirection, which was introduced in Windows 2000. In folder redirection, special folders typically found on users’ local computers are moved to a server. This is often done to ensure those folders will be backed up regularly. However, Windows restricts its use to only four user folders—Application Data, Desktop, My Documents, and Start Menu—without giving you an option to redirect other folders.
Sometimes companies might want to redirect other special user folders. A common scenario is a company that doesn’t want to use roaming profiles because they make clients heavily dependent on file servers, consume a lot of bandwidth, and use a lot of server disk space, but the company finds that redirecting only the four folders is inadequate. Redirecting other folders such as Cookies, Favorites, Recent Files, and SendTo consumes little disk space but offers the advantage of saving users a lot of time because these folders are available on all computers they log on to.
Although you can’t use GPOs to redirect more folders, you can redirect them by tweaking the registry. Settings for users’ special folders reside in the HKEY_CURRENT _USER\Software\Microsoft\Windows CurrentVersion\Explorer\Shell Folders and HKEY_CURRENT_USER\Software\Microsoft Windows\CurrentVersion\Explorer\User Shell Folders keys. To achieve redirection, you must tweak both keys at the same time.
For example, suppose you want to move the Favorites folder from users’ local machines to your server. All you have to do is follow these steps:
1. In the Shell Folders and User Shell Folders keys, set the Favorites entry to the value of \\ServerName RedirectedFolders\%username%\Favorites, where ServerName is the name of the server on which the Favorites folder will reside. Note the %username% variable in the value. By using this variable instead of hard-coding a user’s name, you can use a logon script to change the registry settings in many machines.
2. Export the settings for the Shell Folders and User Shell Folders keys to a .reg file. Delete all but the Favorites settings, so that the .reg file looks like that in Figure 1.
3. Copy the .reg file to a shared folder on the DC, such as a folder created for scripts and their associated files.
4. Create the following logon script to import the .reg file into the registry:
net use X: "RegFilePath" reg.exe import X:\RegFile net use X: /d /y
where X is the drive on which the .reg file is stored (e.g., Z), RegFilePath is the path to the .reg file (e.g., \\DC1\Scripts), and RegFile is the name of the .reg file (e.g., Favorites.reg). This script uses the Net Use command to connect to the shared folder containing the .reg file. After the connection is made, the reg.exe import command copies that file’s contents into the registry. Finally, the script uses the Net Use command to delete the connection that was temporarily created.
Alternatively, you can use a logon script that contains only one line:
reg.exe import RegFile
In this case, RegFile needs to contain the full pathname to the .reg file (e.g., \\DC1 Scripts\Favorites.reg).
5. To run this script, create or open an existing GPO, then navigate to User Settings\Windows Settings\Scripts\Logon. Add the script to the Logon scripts dialog box. Close the GPO.
Although there are other ways to make these registry changes (e.g., creating your own .adm files, using Windows Management Instrumentation’s System Registry provider in a .vbs script), I prefer this method because of its simplicity. I successfully used it to redirect the Favorites, SendTo, and Recent folders from many Windows XP machines to a server. Before you deploy this solution, be sure to thoroughly test it.
—Apostolos Fotakelis, systems administrator,
Aristotle University of Thessaloniki,
and freelance IT consultant