New Role – Active Directory / Identity Management Engineer

I was recently promoted to our company’s Security Team as an Active Directory / Identity Management Engineer. So most of my future posts will be aimed towards those technologies and Group Policy. I will also continue to post some hopefully helpful VBScripts and PowerShell Scripts. I still have a few draft posts that I plan to publish eventually that maybe helpful in the Windows Installer and Packaging Space however no new findings will be posted in this expertise.

Thanks for reading!


Windows XP Favorites Folder Redirection via GPOs

Per [MS-GPFR] – In Windows 2000 Server, Windows XP, and Windows Server 2003, a constant list of exactly five user profile folders can be redirected, including My Documents, My Pictures, Desktop, Start Menu, and Application Data.

[MS-GPFR]: Group Policy: Folder Redirection Protocol Extension documentation can be downloaded here.

So in other words folder redirection for Favorites and others file folders in not supported until Vista or later.

So using Folder Redirection for My Documents only I created two Group Policy objects. One GPO being the standard Folder Redirection Policy pointing serveral groups to various MyDocuments stores. With a second Group Policy object I added the following script to the logon process. The script sleeps for 30 seconds allowing time for other group policy objects to complete processing and then using special folders the script gets the MyDocuments location and appends \Favorites to the end and then populates the appropriate registry value to redirect Favorites. I additionally added a three minute timeout to the script incase the scripts hangs, not that it would, but you wouldn’t want it to hang indefinitely.

Simple Favorites Folder Redirection using Special Folders for MyDocuments

On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."

WScript.Timeout 180
WScript.Sleep 30000
Set WshShell = WScript.CreateObject("WScript.Shell")
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")

strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"
strValueName = "Favorites"
strValue = WshShell.SpecialFolders("MyDocuments") & "\Favorites"
oReg.SetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValue