We are using Cifs on our filer and everything is Hunky Dory except for offline file synchronization for our laptop users.
When they try to sync they get an access denied error (see attached). The user have full control over the folders/files, I have made them owners and made sure all rights are propergated down.
Using the same rights offline synching works fine on our SAN or direct storage solutions
Now to the very odd part If I log onto the laptop as an adminstrator sync'ing works fine to the filer (to the same users files that not sync'ing) - when i log back in as the user, syncing there on works fine
I'm totally stumped and I would be grateful for any idea, hints of leads that you could give
We have 7.3.3 and still have the problem.....here is what I know of the issue.
We set up a home directories share (just like the documentation says). This next step should not matter, but we create the user home directory share through Active Directory. We use the Home Folder connect radio button and path under the Profile tab of each user. It is great because it automatically creates the folder and assigns the appropriate permissions....
Okay so then I now have home directories in the vol/authhome directory. So lets take for example a user named 'jdoe'. Jdoe logs in and gets a map of H:\authhome\jdoe$. However they are fully able to UNC to \\filer\jdoe$, so the shares are working perfect at this point. When that user goes through explorer and expands the mapped share, right clicks on ANY folder and says make available offline, you get access denied errors. I am 99.999% sure the access denied errors are coming from the authhome share. If we disconnect the share and remap using \\filer\jdoe$ the offline sync works fine.
So, in all of this I am not certain how else to do the shares. I went them to automatically map when a user logs into windows, but you can't make a home directory any other way than having a root share first. in my case authhome......so I am convinced it doesn't matter what version you are running you are not going to get this to work.
Just thought I'd add my experience as we've just set-up a new Win7/Win2008 R2 environment with home folders on a NetApp filer.
We have folder redirection set-up and offline files and we found at first that re-direction worked fine but offline synchronization would fail with access denied.
The key with offline sync is permissions on the root home folder share. For folder re-direction only the home share only needs the following permissions: -
Creator Owner - Full Control - Sub Folders and Files Only
Administrators - Full Control - This Folder, Sub Folders and Files (Can be different if you don't want Admins to have access to personal user data)
SYSTEM - Full Control - This Folder, Sub Folders and Files
Users - Create Folder/Append Data & List Folder/Read Data - This Folder Only
Note: Users can be Domain Users, Authenticated Users, Everyone or a specific group depending on how secure you want to be.
Now the key for us to get offline sync to work was to change the User permission to have the following access: -
Create Folder/Append Data
List Folder/Read Data
Read Extended Attributes
- This Folder Only
We still have one issue where offline files goes into a disconnected state randomly even if connected directly to the network. Sometimes it comes back itself after a few minutes and sometimes it requires a reboot.
Are you experiencing this problem with the following:
All shares presented offline
This can help to determine where and how the problem may exist in your environment.
If you happen to have the CSC tool, you can use that to take a look at your local cache of data on your workstation and see what might be going on and any issues at fault. I've seen problems like this in the past, especially in contexts where you have shared machines, or users who lack Administrative access to their local machine (Independent of filer)
As an entirely local problem, you may want to try re-initializing the local CSC cache for Offline shares