Folder Redirection/Logon Script

By m0p
in Microsoft (Windows)

 Share

Recommended Posts

Neowinian

m0p

Posted
Posted

Hi, I?ve recently installed windows 2003 Server enterprise edition (my first real server environment). Created a DC, and a login script for some AD users. The purpose of the login script is to map a few network drives and a printer. The script works fine.

The problem I?m facing is, if a new user who doesn't have a profile on the local pc to which they are loggin on to ( i.e in c:\documents and settings\username" .. the script doesn't get executed, but after the first logon and there after, it gets executed fine.

The same also applies to folder redirection, made a custom GPO, applied to an OU, which the users are under. The folder is not created on server, on users first initial logon. As usual on logons & there after, redirection works fine.

So what is the solution to get things working on first logon if no profile for the user exists? I would assume making some type of default profile on the server...and roaming profiles. Which I heard is a thing of the past....

Any tips tricks is appreciated

Thanks

Link to comment
https://www.neowin.net/forum/topic/392897-folder-redirectionlogon-script/
Share on other sites
Mentor

garethevans1986

Posted
Posted

Lookup AD User creating -script side....

Create a script which will add the user to AD and create a folder for their profile in the directory where the profiles are.....It may take some time to develop but will be worth while as this will be a script where you enter the username, password and OU and it will create everything from there....

Thing is the script thing is MCSE/MCSA stuff.

Just an idea off the top of my head.

ChocIST

Grand Master

MazX_Napalm

Posted
Posted

With folder redirect the profile is only conpleted when the user logs off the first time.

I use the MS best practice of two folders, Profile$ and Data$. Profile$ holds the profile and Data$ holds the data. When the user first logs on only the profile is created. When the user logs off then the data is created.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft shares "immediate remediation" script if you deleted this Windows system folder

      By hellowalkman · Posted

      Microsoft shares "immediate remediation" script if you deleted this Windows system folder by Sayan Sen Following the Windows 11/10 Patch Tuesday updates for April 2025, users began noticing a new and mysterious "inetpub" folder in the C: directory. What added to the intrigue was that the folder seemed empty for many people, and thus it was assumed that it could be malicious. As such, many users even proceeded to delete the folder. However, as it turns out, Microsoft later confirmed that this folder was indeed part of the April Patch as it was delivered against the CVE-2025-21204 escalation of privilege security vulnerability. Curiously, a security researcher found that interpub itself could also in turn help threat actors permanently block Windows security updates, although, according to the tech giant, it is only categorized as a "moderate" severity at the moment, something that does not require immediate servicing. As such, Microsoft insists that inetpub must not be deleted "irrespective of whether Internet Information Services (IIS) is active." The company shared a new PowerShell script to restore the folder in case you deleted it, adding that it requires "immediate remediation." This reminds us of the recent Defender definition updates that were released for Windows image files against Lumma. In its MSRC advisory, Microsoft cautioned: "For systems with KB5055528 installed but %systemroot%\inetpub directory deleted, immediate remediation is required. If the inetpub directory has been deleted, you need to run the remediation script Set-InetpubFolderAcl.ps1. This script will: Recreate the inetpub directory if it has been deleted. Ensure that the directory permissions are correctly configured to prevent unauthorized access and potential vulnerabilities related to CVE-2025-21204. Update ACLs for the DeviceHealthAttestation directory, if it exists. This directory was created on certain Server versions by the February 2025 security updates. The script will update the ACLs for the DeviceHealthAttestation directory to ensure it is secure." To get the script, users can head over to this page on Microsoft's official PowerShell Gallery website. It should be run with elevated privileges. The page also provides some additional instructions if needed.
    • Showing people how to self host their own media is harmful, according to YouTube

      By +DonC · Posted

      Thanks, Streisand Effect!
    • Politically funny images of the World

      By +primortal · Posted

    • Microsoft 365 Word gets SharePoint eSignature, now you can ditch third-party signing tools

      By wrack · Posted

      Looks pretty good. Alternative to DocuSign.
    • The official Funny Pictures thread

      By +Edouard · Posted

      Three words...Fu**ing Hell Mate!  

  • Recent Achievements

    • Mentor
      Karlston went up a rank
      Mentor
    • One Month Later
      EdwardFranciscoVilla earned a badge
      One Month Later
    • One Month Later
      MoyaM earned a badge
      One Month Later
    • One Month Later
      qology earned a badge
      One Month Later
    • One Year In
      Frinco90 earned a badge
      One Year In

  • Popular Contributors

    1. 1
      +primortal
      489
    2. 2
      snowy owl
      258
    3. 3
      +FloatingFatMan
      253
    4. 4
      ATLien_0
      217
    5. 5
      Xenon
      152
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!