As you suggested, I've been looking on other forums and sites
regarding Windows Home Server, and although it's a hot topic, the
general/official concensus appears to be as you described: neither a
domain controller, nor able to join one. I also learnt that it is a
"subset" (which I assume means a smaller version) of MS Small
Business Server, which, again, you also suggested! Naturally, I
looked into that, and learnt that 2008 will be released in November.
Yes, I believe so.
I don't know if you can shed any light on that version, or whether
it will still backup client data in the same way as Windows Home
Server?
No idea, but I find it doubtful. With AD it's far more common to
store all data on the server, and nothing at all on workstations.
Workstations should be viewed as somewhat interchangeable and
generic, in my view.
Also, I take it SBS 2008 will still work fine with HP MediaSmart
Server? ]
No idea...the hardware requirements will be pretty extreme.
And is it installed on the server or on each client - like
WHS?
You install SBS2008 on your server hardware. The client OSes can be
Win2k, WinXP Pro, or Vista Business.
Back to the issue of folder redirection: is it possible to redirect
vaious directories from multiple PCs to one directory?
You don't redirect from a PC - you redirect from a profile folder,
such as My Documents, Application Data, Desktop - to folders on the
server, usually under a parent folder such as
\\server\sharename\%username%\My Documents, etc. .
And if so,
what is the process when a directory or file have the same name? I'm
thinking primarily about redirecting the Shared Documents paths of
each PC to one 'merged' tree on the server.
It doesn't work quite like that. It has nothing to do with local
folders. You can set up shares on the server, and users can access
them - instead of the local shares. I tend to get rid of all local
shares and don't let users create them.
Finally, assuming everything discussed is set up, and I decided
roaming profiles were for me, would it be possible to 'merge'
default Administrator accounts from PCs on the workgroup/LAN?
No....
If so, how? If
not, what is usually done with default accounts when a roaming
Administrator account is set up?
There's no roaming administrator account. There's a domain account
(which is not related to your local accounts). You can set up
roaming *profiles* (my lengthy post described how) but I think
you're still a little unclear on AD and domain profiles - it's hard
to know how to answer your questions.
Thanks, by the way, for all this help!
:
I'm not sure what you mean by "set up a lab (either physical or
virtual) and download an eval of Windows server". Can you explain?
I'm not sure what's unclear, sorry. A lab is a test network.
Physical means you have a bunch of machines on this test network.
Virtual means you use virtualization software, such as VMWare or MS
Virtual Server or ....Workstation. Eval is evaluation. Does that
help to clarify?
You also mentioned that I can't use Windows Home Server, which is
what I envisioned getting. What's the problem there?
As far as I'm aware, Windows Home Server can't be used as a domain
controller. I don't use it, though. You'd want to look up
documentation or post in a server group for that.
Finally, you stressed folder direction (which I've also been
looking into) for all data, which I wasn't planning.
If you really do use roaming profiles you must use folder
redirection, or it will barf at some point.
My main intention for a
home server (HP MediaSmart) is to redirect shared files to be
available across the home network so other PCs won't need to be
on, and as a backup resource.
That sounds fine.
However, your emphasis on tiny profiles
makes me wonder whether roaming profiles are practical for my
intended setup.
No, and not possible, as far as I know. Nor are they necessary.
Other than wanting to control everything from one profile, I want
to be able to configure/set policies for individual
accounts/groups, which I'm lead to believe can only be done with
AD.
Yes, that's correct.
An important point is that I'm also intending to upgrade to Vista
Ultimate. There must be some way I can do this?
I don't use or support Vista, but I know Vista Business can join a
domain. Don't know about Ultimate.
Good luck
:
My instant reaction was "What's AD?", but from a combination of
another forum discussion and the help file I'm guessing yo're
referring to Active Directory?
Yes.
I certainly don't have roaming profiles at the moment as I have
no server,
OK.
but am on the verge of getting one. I've been studying about
Group Policy but need to familiarise myself more with the
setting up of OUs, domain and Active Directory. Plus, of
course, my original question. If you can help that'd be great!
I suggest you set up a lab (either physical or virtual) and
download an eval of Windows server, XP Pro, and try setting up an
active directory environment. Without this there's nothing you
can test or play with. You can't use Windows Home Server (if
that's what you've got).
MS Small Business Server would be a good place to start if you
can get your hands on a copy.
My boilerplate on roaming profiles is below...
********************
General tips:
1. Set up a share on the server. For example - d:\profiles,
shared as profiles$ to make it hidden from browsing. Make sure
this share is *not* set to allow offline files/caching! (that's
on by default - disable it)
2. Make sure the share permissions on profiles$ indicate
everyone=full control. Set the NTFS security to administrators,
system, and users=full control.
3. In the users' ADUC properties, specify
\\server\profiles$\%username% in the profiles field
4. Have each user log into the domain once - if this is an
existing user with a profile you wish to keep, have them log in
at their usual workstationand log out. The profile is now
roaming.
5. If you want the administrators group to automatically have
permissions to the profiles folders, you'll need to make the
appropriate change in group policy. Look in computer
configuration/administrative templates/system/user profiles -
there's an option to add administrators group to the roaming
profiles permissions. Do this *before* the users' roaming profile
folders are created - it isn't retroactive.
********************
Notes:
Make sure users understand that they should not log into multiple
computers at the same time when they have roaming profiles
(unless you make the profiles mandatory by renaming ntuser.dat to
ntuser.man so they can't change them, which has major
disadvantages),. Explain that the 'last one out wins' when it
comes to uploading the final, changed copy of the profile. If you
want to restrict multiple simultaneous network logins, look at
LimitLogon (too much overhead for me), or this:
http://www.jsifaq.com/SF/Tips/Tip.aspx?id=8768
********************
Keep your profiles TINY. Via group policy, you should be
redirecting My Documents (at the very least) - to a subfolder of
the user's home directory or user folder. Also consider
redirecting Desktop & Application Data similarly..... so the user
will end up with:
\\server\users\%username%\My Documents,
\\server\users\%username%\Desktop,
\\server\users\%username%\Application Data.
[Alternatively, just manually re-target My Documents to
\\server\users\%username% (this is not optimal, however!)]
You should use folder redirection even without roaming profiles,
but it's especially critical if you *are* using them.
If you aren't going to also redirect the desktop using policies,
tell users that they are not to store any files on the desktop or
you will beat them with a stick. Big profile=slow login/logout,
and possible profile corruption.
********************
Note that user profiles are not compatible between different OS
