proskater123 Posted September 13, 2013 Share Posted September 13, 2013 So I know it is possible to setup roaming profiles to setup network shared folders on startup based on which folder that user is allowed to access. Let me try to explain more. Lets say user 1 has acces to the network folders "sales", and "reports" but user2 only has access to network folder "sales" but not reports. When user1 logs into a computer on the domain, it would automatically map the folders Sales and reports. They log out then user 2 logs in and only sees the shares they are allowed access to. I have seen this implemented at a location but I didn't know how they set it up nor what the term of it is called. Does anyone know of an article of how to set it up? Quote Link to comment Share on other sites More sharing options...
digip Posted September 13, 2013 Share Posted September 13, 2013 You need to be joined to a domain, which requires a domain controller, DNS server, and a server itself with some sort of user directory service, ie: Windows Server with Active Directory. Once the PC is joined to the domain and has access(needs to be setup by domain admin), Active Directory on the admin side, tells what users have access to what file shares, and they can push changes to nodes joined to the network, for which shares they have access to. Other directory serves(but probably not widely used as much any more) Novell Directory Services which can run on the same network side by side with Active Directory which we had both at my last job and slowly phased out Novell in use of Active Directory for group policy enforcement and easier access to shares. You can do the same thing in linux with samba to connect to window shares as well. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted September 20, 2013 Share Posted September 20, 2013 Roaming profiles are the devil. Quote Link to comment Share on other sites More sharing options...
proskater123 Posted September 21, 2013 Author Share Posted September 21, 2013 Barry what would you recommend? Quote Link to comment Share on other sites More sharing options...
barry99705 Posted September 22, 2013 Share Posted September 22, 2013 Just use normal AD accounts, but leave the user's profile alone! Having the user's shit get copied to the server sounds like an awesome idea, until they plug their iPhone into their computer, then you're backing up their whole damn iTunes account. It will also automagically copy whatever ransomware they got off of myfacebookfarmwithfriends. Usually you find this out after 6 hours of running malware removal software and don't understand why it keeps getting reinfected when they log in. You can also setup login scripts to map network shares based on group memberships. Quote Link to comment Share on other sites More sharing options...
Dec100 Posted September 26, 2013 Share Posted September 26, 2013 I'm not sure you need to use roaming profiles for what you want to do. Roaming profiles allow users to login to different machines and still see their settings, Internet favourites, etc. As mentioned, these are usually a massive pain in practice. Sounds like you are just asking about mapping certain network drives for users based on something like AD group membership? That is pretty easy with GPO - http://blogs.technet.com/b/askds/archive/2009/01/07/using-group-policy-preferences-to-map-drives-based-on-group-membership.aspx Quote Link to comment Share on other sites More sharing options...
proskater123 Posted September 27, 2013 Author Share Posted September 27, 2013 My main objective was to deploy this in a law firm where the secretaries move around all the time. We watned it so that if a computer went down, they would still haave all their data; we would be able to just throw a new comuter in that spot and vola they are back to work while we work on the faulty computer. Quote Link to comment Share on other sites More sharing options...
Dec100 Posted September 27, 2013 Share Posted September 27, 2013 My main objective was to deploy this in a law firm where the secretaries move around all the time. We watned it so that if a computer went down, they would still haave all their data; we would be able to just throw a new comuter in that spot and vola they are back to work while we work on the faulty computer. You could even do login scripts on the user AD accounts for that. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.