a single shared “Documents” folder that:
- Replaces each user’s individual
C:\Users\username\Documents - Is the same location for all users — past and future
- Is centrally stored, e.g. on
D:\Documentson our server
Involves configuring Group Policy Folder Redirection, not just an SMB share.
✅ What we’re Trying to Achieve
| Requirement | Implementation |
|---|---|
| All users share the same folder |
Redirect all “Documents” folders to \\waglserver\Documents
|
| Applies to all current & future users | Group Policy applies at domain level to all |
| Files not stored locally per user |
Folder redirection disables use of local C:\Users\...\Documents
|
| Central backup and visibility |
You can manage/backup D:\Documents centrally
|
| Avoid user confusion | Their Documents folder appears normal, but points to shared location |
🛠 Step-by-Step Setup
🔹 1. Create the Shared Folder
New-Item -Path "D:\Documents" -ItemType Directory
New-SmbShare -Name "Documents" -Path "D:\Documents" -FullAccess "Domain Users"
Ensure NTFS permissions on D:\Documents also include Full Control for Domain Users.
🔹 2. Create a Group Policy for Folder Redirection
- On the domain controller, open Group Policy Management.
- Create a new GPO:
Name: Redirect Documents Folder
- Right-click it → Edit
In GPO Editor:
Go to:
User Configuration →
Policies →
Windows Settings →
Folder Redirection →
Documents
- Double-click Documents
- Set:
- Setting: Basic – Redirect everyone’s folder to the same location
- Target folder location: Redirect to the following location
- Root Path:
\\server\Documents
- Apply and close the GPO editor.
🔹 3. Link the GPO to our Users
- In Group Policy Management, right-click the OU where our users reside (or use the root domain if all are there).
- Choose Link an existing GPO
- Select
Redirect Documents Folder
🔹 4. Test It
Log in as a domain user and:
- Open File Explorer
- Open Documents
- We should be redirected to
\\server\Documents
Files they save in Documents will go into the shared central folder, not their profile.
⚠ Notes
- All users will see and modify the same folder. There’s no access isolation unless we do permission trickery (not recommended here).
- No local offline copies unless explicitly enabled.
- Backup is centralised — just back up
D:\Documents.
✅ Summary
| Step | Action |
|---|---|
| Create SMB share |
✔ D:\Documents shared to Domain Users
|
| Set GPO |
✔ Folder Redirection → Basic → Point to \\server\Documents
|
| Link GPO | ✔ To OU or domain |
| Result | All users’ “Documents” folder points to a shared, central location |
✅ So to Recap our Final Setup Plan
We’re choosing to:
- Keep the UNC path as
\\server\Documents - Redirect all users’ “Documents” folders to this shared location via GPO
- Avoid extra layers like drive mappings or DNS aliases
- Accept that users may see
\\serverin advanced views (like Properties), but it will “just work” from their perspective
This approach is:
- 💡 Simple: Only one folder, one policy
- 🔒 Centralised: Easy to back up, monitor, and secure
- 🧰 Easily revertible: One GPO controls everything
- 🧘 Low-maintenance (key!): No aliasing, no syncing, no scripts
🛠 Minimal Setup Summary
Here’s all we truly need:
1. Create the shared folder
New-Item -Path "D:\Documents" -ItemType Directory
New-SmbShare -Name "Documents" -Path "D:\Documents" -FullAccess "Domain Users"
2. Redirect “Documents” via GPO
- Create new GPO:
Redirect Documents - Path:
User Configuration → Policies → Windows Settings → Folder Redirection → Documents
- Settings:
- Basic
- Redirect to the following location
- Root Path:
\\server\Documents
3. Link GPO to user OU or entire domain
Done. Simple, effective.
More Musings 