Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Locked thread
ogreboy
Apr 1, 2003


Is it possible to have a mandatory profile that uses folder redirection?

We have a single profile for students (technically two, the XP version and Vista version) and it's set to be mandatory (renamed ntuser.dat to ntuser.man) to keep things clean and standard.

The profile weighs in at about 6 megs once our basic application set is initialized.. Can I re-direct folders like appdata to a single network share that all students read from but still make it unmodifiable ala in mandatory profiles?

I guess that sounds pretty impossible.

Adbot
ADBOT LOVES YOU

ogreboy
Apr 1, 2003


I'm in a school environment that has a relatively simple 2 domain structure:

Teacher Server (domain-1):
Teacher GPO
Office admin GPO
Tech admin GPO

Student server (domain-2):
Jr Sr Student GPO
Elementary GPO
Tech admin GPO

The OUs pretty much match up exactly with that.

This thread has opened my eyes beyond just scripting commands into login batch files... but people seem to have TONS AND TONS more GPOs going on. Am I missing something? Do you apply multiple GPOs to an OU just to keep types of settings clean and separate?

I would love to read descriptions and see pictures of really complex OU/Group Policy configurations.. I have not seen many AD configurations beyond the ones at my current job.

ogreboy fucked around with this message at 04:35 on Sep 18, 2008

ogreboy
Apr 1, 2003


BangersInMyKnickers posted:

In your environment, I question the logic of running separate domains within a single building (assuming that is your situation). It will double the number of domain controllers you need and nothing would stop you from segregating teacher and student user objects through an OU structure like you already use but in a single domain. Typically you want to set up different domains for geographically separate locations. Two within the same building would be more hassle within benefit that I can see.

I would agree and this would have made my life a lot easier, especially when we migrated to Server 2008.

Unfortunately, while I am the school admin, my hands are tied due to REALLY FRUSTRATING, STUBBORN AND ESPECIALLY ARROGANT higher IT powers especially in regard to AD design and configuration. Anyways, that's an e/n rant.

  • Locked thread