Home folders renamed to My Documents

When you redirect users home folders to network share the folders are show as My Documents folder.

This is a bug in
http://support.microsoft.com/kb/947222

Solution:

Do not grant the Read permission to the administrator for the Desktop.ini files on the server. To do this, follow these steps:

Note If more than one Desktop.ini file exists, follow these steps for all the Desktop.ini files.

  1. Right-click the Desktop.ini file, click Properties, and then click the Security tab.
  2. In the Group or user names pane, click Administrators.
  3. Click to select the Deny check box for the Read permission.
  4. Click OK.

If you have 1000+ home folders this is not great thing to do Sad smile

Richard Willis created a nice script that will do it for you Open-mouthed smile
You need only change the groupName to the group that you will give deny read permissions.
Save the script in de home folder where all the “My Documents” are and run the script.

The Script:
———————————————————————————————————–

$folders = Get-ChildItem | where-object {$_.psiscontainer};
foreach ($folder in $folders)
{
$desktopIni = Get-ChildItem $folder -Filter desktop.ini -Force
if ($desktopIni -ne $null)
{
$Acl = Get-Acl $desktopIni.FullName
$Ar = New-Object system.security.accesscontrol.filesystemaccessrule `
("groupName","Read","Deny")
$Acl.SetAccessRule($Ar)
Set-Acl $desktopIni.FullName $Acl
}
}

———————————————————————————————————-

One thought on “Home folders renamed to My Documents”

Leave a Reply