C
C
CJSC MetroCraft2019-12-08 17:53:06
Active Directory
CJSC MetroCraft, 2019-12-08 17:53:06

How to set up AD user profiles in this way?

Hello!
There is a task - you need to organize the work of AD in this way: ONLY user data (passwords, etc.) is stored on the domain controller. User files and folders are stored on the VHD. The size of this Vhd is constant, and each user has his own. When the user logs into the computer, this VHD is dropped from the server and mounted as the user's folders (Documents, Downloads, etc.). When the user logs out, the data is stored in the VHD, which in turn is stored on that computer. When the user logs in again from this computer, this vhd is mounted again in the same way, if from another, the virtual disk moves over the network to the desired computer and everything repeats!
How to implement this and what is needed ?!
Tell me, please, without ignoring!
Ps Please, do not write phrases like this for what it is, since this task!

Answer the question

In order to leave comments, you need to log in

6 answer(s)
C
CityCat4, 2019-12-08
@CityCat4

The user comes to work and turns on the computer.
And his computer is so cheerful, it takes off documents for half an hour - all this time the user smokes, drinks coffee, chats with nice colleagues of the opposite sex ... and the employer pays him during this time! (because I did not provide him with working tools)
The user leaves work and logs out of the system.
And his computer cheerfully starts to merge documents onto a server. And at that time there was an accident at the substation, power was lost. The server one is on ups, but the user's car (even on ups) did not complete the synchronization. And all the achievements for the day of the user - went to / dev / null. And the employer will pay for it - because nothing depended on the user - he worked honestly!
Even if the employer then gets the opportunity to chain you to the workplace and force you to work 18 hours a day, feeding him doshirak - this will not console him ...
You wrote such enchanting nonsense here :) And I have not yet considered the network bandwidth - with parallel work at least three or four people, she will simply lie down. And in the morning everyone will need a network!

A
akelsey, 2019-12-08
@akelsey

hehe, I'll take a look, I'll smoke on the sidelines, wait until the VHD becomes at least 10GB... how the task manager will be hung up for some sensitive place... When copying 100 files of 10GB each at the beginning of the working day over the network...

A
Armenian Radio, 2019-12-08
@gbg

Shove that idea back into the stupid head that gave birth to it. Suggest to the bad head to use RDP. It is impossible to steal data from a user's laptop, which is sitting under a palm tree, if the data is not there.
How are you going to synchronize the VHD when dumping its bay from / to the user's machine - it's incomprehensible to the mind. You can show my post to the author of the bad idea.

N
nApoBo3, 2019-12-08
@nApoBo3

It may not be possible to implement this in standard ways, you need to look at the order of loading the profile and executing logon and logoff scripts. It should be understood that any change to vhd will result in copying the entire file from disk, plus any corruption will result in inaccessibility of all files.
In general, this is a so-so idea, trying to pull an owl on a globe usually results in the owl breaking. Describe the problem for which it is proposed to use such an exotic method.

V
voltage0, 2019-12-12
@voltage0

Good afternoon. I will not be able to suggest how to implement what was conceived for workstations. But a similar mechanism has been implemented for terminal services starting with Windows Server 2012. The user connects to the terminal server, a vhd disk with the user profile is connected to the server via smb. You can google on User Profile Disks.

Z
Zar747, 2019-12-13
@Zar747

And why such hemorrhoids? well, make a vhd to which I will redirect the desktop, documents, etc. ... well, to the edge of the user profile ....
this is in MS out of the box, it is configured in the gpo ...
If you need to encrypt everything, then the output is only forced to 01 :00AM(for example) cut off all machines and encrypt the disk. and in the morning, decipher it with your hands and let everyone work.
what is the point of your question?

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question