User "home" mapping to root of share

I am running into a very strange and migratory issue. A small number of
users are having intermittent issues accessing thier "home" directory.

Each user has a "HOME" directory set up in their AD account profile. That
directory is mapped to the "Z:" drive letter assignment.
The user HOME directory is established in a "USERS" folder which is shared
on thier home server, so the path ends up being
\\%servername%\users\%username% (The network is broken up into IP subnets
with each user's home folder located in a share on a server physically
located in the same subnet that they most typically are operating from, and
which also hosts their most frequent applications and shared data files, so
it is not the same server for all users.)
We redefine the "My Documents" to point to "Z:\" instead of the personal
profile stored on the local hard drive.
Folder security is set up so that a typical user has access to thier own
HOME folder and nobody else's.
The problem manifests by the users reporting a message that they are not
authorized to acess either the Z: or My Documents reference. When I check
the situation, Z: is mapped to the root of the share (\\%servername%\users)
instead of the individual home folder.
Occasionally, the problem may resolve itself after repeated log-off or
re-starts.
The definitive workaround I have found is to disconnect the Z: mapping
before loging off and back on.
All of the servers are Windows Server 2003, SP 2, but the problem is
affecting users homed on multiple servers/
The client PCs are Windows XP Pro, running a mix of SP 2 and SP 3 (I ran
into this last week on a system that was re-built at SP3 and fully patched
before being returned to the user just a week before.)

I need to find a definitive solution but I am at a loss as I cannot see any
common features. Is this a known issue with a fix out there?

"C. Newell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>I am running into a very strange and migratory issue. A small number of
>users are having intermittent issues accessing thier "home" directory.
>
> Each user has a "HOME" directory set up in their AD account profile. That
> directory is mapped to the "Z:" drive letter assignment.
> The user HOME directory is established in a "USERS" folder which is shared
> on thier home server, so the path ends up being
> \\%servername%\users\%username% (The network is broken up into IP subnets
> with each user's home folder located in a share on a server physically
> located in the same subnet that they most typically are operating from,
> and which also hosts their most frequent applications and shared data
> files, so it is not the same server for all users.)
> We redefine the "My Documents" to point to "Z:\" instead of the personal
> profile stored on the local hard drive.
> Folder security is set up so that a typical user has access to thier own
> HOME folder and nobody else's.
> The problem manifests by the users reporting a message that they are not
> authorized to acess either the Z: or My Documents reference. When I check
> the situation, Z: is mapped to the root of the share
> (\\%servername%\users) instead of the individual home folder.
> Occasionally, the problem may resolve itself after repeated log-off or
> re-starts.
> The definitive workaround I have found is to disconnect the Z: mapping
> before loging off and back on.
> All of the servers are Windows Server 2003, SP 2, but the problem is
> affecting users homed on multiple servers/
> The client PCs are Windows XP Pro, running a mix of SP 2 and SP 3 (I ran
> into this last week on a system that was re-built at SP3 and fully patched
> before being returned to the user just a week before.)
>
> I need to find a definitive solution but I am at a loss as I cannot see
> any common features. Is this a known issue with a fix out there?
>

You must be mapping Z: in your logon script. Your problem sounds similar to
a problem reported years ago, but only on old clients like Win9x. See this
link for a description:

http://www.rlmueller.net/File_Not_Found.vbs.htm

I don't see how this could apply to you, but the symptoms are similar. Also,
do you not take advantage of the synchronization of the NetLogon share
between DC's? Are your users are tied to one specified DC? If the DC is not
available, or is not the closest DC, there could be problems. Maybe you
should consider using Group Policy to configure your logon scripts.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

C. Newell <(E-Mail Removed)> wrote:
> I am running into a very strange and migratory issue. A small number
> of users are having intermittent issues accessing thier "home"
> directory.
> Each user has a "HOME" directory set up in their AD account profile. That
> directory is mapped to the "Z:" drive letter assignment.
> The user HOME directory is established in a "USERS" folder which is
> shared on thier home server, so the path ends up being
> \\%servername%\users\%username% (The network is broken up into IP
> subnets with each user's home folder located in a share on a server
> physically located in the same subnet that they most typically are
> operating from, and which also hosts their most frequent applications
> and shared data files, so it is not the same server for all users.)
> We redefine the "My Documents" to point to "Z:\" instead of the
> personal profile stored on the local hard drive.
> Folder security is set up so that a typical user has access to thier
> own HOME folder and nobody else's.
> The problem manifests by the users reporting a message that they are
> not authorized to acess either the Z: or My Documents reference. When I
> check the situation, Z: is mapped to the root of the share
> (\\%servername%\users) instead of the individual home folder.
> Occasionally, the problem may resolve itself after repeated log-off or
> re-starts.
> The definitive workaround I have found is to disconnect the Z: mapping
> before loging off and back on.
> All of the servers are Windows Server 2003, SP 2, but the problem is
> affecting users homed on multiple servers/
> The client PCs are Windows XP Pro, running a mix of SP 2 and SP 3 (I
> ran into this last week on a system that was re-built at SP3 and
> fully patched before being returned to the user just a week before.)
>
> I need to find a definitive solution but I am at a loss as I cannot
> see any common features. Is this a known issue with a fix out there?

1) This is a known issue if you run XP clients and don't enable the "Always
Wait for Network at Computer Startup and Login" setting via group policy.
Easy to fix, fortunately :-)

2) Home folders are a pretty archaic concept and you really don't need them
anymore. They just mean one more headache when you want to add users/migrate
users/folders to another server. Instead, I suggest you take a look at "How
to dynamically create security-enhanced redirected folders by using folder
redirection in Windows 2000 and in Windows Server 2003"
http://support.microsoft.com/kb/274443

You can set everyone to redirect to \\server\home$ in the policy. So
everyone gets \\server\home$\username\My Documents. And you can even map
that to a drive letter in your login script.