Question : Possible to use different folder redirection for the same user when logging on to different machines?
I manage the network for a small school that recently deployed laptops for the teachers. Last year we used offline files and folder redirection to keep the laptops' mobile profiles in sync with the network. However, we were frustrated by this experience, finding that occasionally we'd have syncing problems and the teachers' files would disappear until their next reboot, and also that the syncing was slow and error-prone. We've found an alternative in a commercial product, SyncBackup SE, that seems to work well in our tests. So I'd like to set up the laptops to use locally stored profiles and disable offline files. We would then handle data syncing with SyncBackup.
However, I still want the teachers' desktop machines (and any other computer they log into on site) to use a redirected folder for their My Documents, Desktop, etc.
At present, the teachers use the same network account on site and on their laptops (which is convenient for managing permissions, logon scripts, etc.). So what I want is to have folder redirection policies applied when the users log on to the on-site systems, but no redirection policies when they log on to the laptops. Is this possible with group policies? How would I go about doing it?
Thanks!
Answer : Possible to use different folder redirection for the same user when logging on to different machines?
Policies roll like this:
When multiple group policy objects are assigned, the group policies are applied in the following order: The local group policy object is applied first. Then, the group policy objects linked to sites are applied. If multiple GPOs exist for a site, they are applied in the order specified by an administrator. GPOs linked to the domains are applied in the specified order.
Finally, GPOs linked to OUs are applied. The OU group policy objects are set from the largest to the smallest organizational unit, i.e., first the parent OU and then the child OU.
THIS PART IS CRITICAL...By default, a policy applied later overwrites a policy that was applied earlier. Hence, the settings in a child OU can override the settings in the parent OU. Group policy settings are cumulative if they are compatible with each other. In case they conflict with each other, the GPO processed later takes precedence.
In the case of a tie the computer policy would win, but that is not as important as the information listed above.
Then, there is the order in which the links are applied. You should have one GPO that defines computer configuration settings, and a separate GPO that defines user configuration settings. Say they are both linked at the domain. Well, you can have the user GPO processed first, then have the computer processed second which would determine that policy is enforced. Here are some other methods to tweak your GPO processing:
The following are the exceptions with regard to the above-mentioned settings:
No Override: Any GPO can be set to No Override. If the No Override configuration is set to a GPO, no policy configured in the GPO can be overridden. If more than one GPO has been set to No Override, then the one that is the highest in the Active Directory hierarchy takes precedence.
Block Policy Inheritance: The Block Policy Inheritance option can be applied to the site, domain, or OU. It deflects all group policy settings that reach the site, domain, or OU from the object higher in the hierarchy. However, the GPOs configured with the No Override option are always applied.
Loopback setting: By default, user settings override computer settings in case of any conflict in policy settings. By configuring the loopback setting, an administrator can reverse the process of the application of policies. When the Loopback option is configured, the computer settings take precedence over the user settings. The Loopback option can be set as Not Configured, Enabled, or Disabled. The enabled Loopback option can be set in the following two modes: Replace mode: In this mode, the computer policy settings override the user policy settings. Or, Merge mode: In this mode, the computer policy settings are appended to the user policy settings.
The group policies are inherited from parent to child within a domain. They are not inherited from parent domain to child domain. The following are the rules regarding group policy inheritance: A policy setting is configured (Enabled or Disabled) for a parent OU, and the same policy setting is not configured for its child OUs. The child OUs inherit the parent's policy.
A policy setting is configured (Enabled or Disabled) for a parent OU, and the same policy setting is configured for its child OUs. The child OUs settings override the settings inherited from the parent's OU. If any policy is not configured, no inheritance takes place. Compatible policy settings configured at the parent and child OUs are accumulated. Incompatible policy settings from the parent OU are not inherited.
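
Added example (not part of the original answer): a small Python model of the processing order, No Override, Block Policy Inheritance and loopback rules described above, applied to the teacher/laptop case from the question. The hierarchy, GPO names and paths are constructed, local and site GPOs are left out, and loopback is passed as a parameter rather than read from the computer's policy.

```python
from dataclasses import dataclass, field

@dataclass
class GPO:
    name: str
    user_settings: dict
    enforced: bool = False            # "No Override" in the answer's terms

@dataclass
class Container:                      # a site, domain or OU
    name: str
    gpos: list = field(default_factory=list)   # links, in processing order
    block_inheritance: bool = False

def gpos_in_scope(path):
    """path lists containers from the top of the hierarchy down to the
    object's own OU. Returns GPOs in processing order (last one wins)."""
    normal, enforced = [], []
    for container in path:
        if container.block_inheritance:
            normal = []               # inherited GPOs dropped, enforced ones kept
        for gpo in container.gpos:
            (enforced if gpo.enforced else normal).append(gpo)
    # Enforced GPOs win over everything; the highest in the hierarchy wins last.
    return normal + enforced[::-1]

def user_policy(user_path, computer_path, loopback=None):
    """Resolve user settings; loopback is None, "merge" or "replace"."""
    if loopback == "replace":
        order = gpos_in_scope(computer_path)
    elif loopback == "merge":
        order = gpos_in_scope(user_path) + gpos_in_scope(computer_path)
    else:
        order = gpos_in_scope(user_path)
    resolved = {}
    for gpo in order:
        resolved.update(gpo.user_settings)
    return resolved

# Constructed sample hierarchy (all names and paths are made up).
redirect = GPO("Teacher Redirection", {"Documents": r"\\fs01\home\%USERNAME%\Documents",
                                       "Desktop": r"\\fs01\home\%USERNAME%\Desktop"})
laptop = GPO("Laptop User Settings", {"Documents": "local profile"})
domain = Container("school.example")
teachers = [domain, Container("Teachers", [redirect])]
desktops = [domain, Container("Desktops")]
laptops = [domain, Container("Laptops", [laptop])]

if __name__ == "__main__":
    print(user_policy(teachers, desktops))
    print(user_policy(teachers, laptops, "replace"))
    print(user_policy(teachers, laptops, "merge"))
```

Replace mode drops the redirection on the laptops only because the redirection GPO is linked to the users' OU; linked at the domain, it would also be in the laptop's scope and would still apply.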