SSL VPN
Reply
Contributor
marcrp
Posts: 18
Registered: ‎05-14-2009
0
Accepted Solution

Active Directory Home Folder in Windows File Bookmarks?

Hi,

 

In active directory our users have a home folder set. However they are UNC shares on 3 different servers (ServerB, ServerC and ServerD).

 

How can I create a File Borwsing resource Policy based on this? I have tried using \\<userAttr.homeDirectory> but we use AD authentication on our Juniper SSL. I have also tried \\<homedir> and \\<userhome>

 

Thanks

Trusted Contributor
SonicBoom
Posts: 195
Registered: ‎07-06-2009
0

Re: Active Directory Home Folder in Windows File Bookmarks?

i use <userattr.cn>'s Documents ( its a little more personalized) for my documents, after that its
\\networkshare\Public for public drive
from there its specific to individual groups access like accounting, marketing, finance, etc.. each one see's different drives based on AD group
Power On
http://vology.com
Contributor
marcrp
Posts: 18
Registered: ‎05-14-2009
0

Re: Active Directory Home Folder in Windows File Bookmarks?

I odn't think that will work.

 

the shares are like:

 

\\serverb\jbloggs

\\serverc\jsmith

\\serverd\jcloke

 

Users home folders are spread accross 3 servers. I want to just take their Active Directory Home Folder path and use that.

Trusted Contributor
SonicBoom
Posts: 195
Registered: ‎07-06-2009
0

Re: Active Directory Home Folder in Windows File Bookmarks?

am i correct in saying that you are creating a link to each individual user manually?

 

In my setup, based on the AD group the link automatically appears, so construction group users only see construction\home as well as that users my documents so you could make 3 profiles, then use AD to assign those profiles to the roles.

 

server A user group

\\servera\home

Server B user group

\\serverb\home

Server C user group

\\serverc\home

 



Power On
http://vology.com
Moderator
zanyterp
Posts: 2,306
Registered: ‎11-19-2007
0

Re: Active Directory Home Folder in Windows File Bookmarks?

If you are using the auth server type as AD/NT for authorization )authentication is fine), you won't be able to use any attributes. Attribute use requires LDAP for authorization (and is just better overall for both authentication & authorization unless you are in a multiple-domain-trust-req'd situation).

How is the value set on your AD server: \\server\share OR server\share? If the former, you should be able to use <userAttr.homeDirectory>\*\* in the ACL successfully.
What does your policy trace show?
Contributor
marcrp
Posts: 18
Registered: ‎05-14-2009
0

Re: Active Directory Home Folder in Windows File Bookmarks?

Spoiler
 

After setting the authorization to LDAP and setting up the bits and pieces the attributes work fine.

 

I had to use samAccountname=<username> to get it working.

 

Thanks for the help.

Moderator
zanyterp
Posts: 2,306
Registered: ‎11-19-2007
0

Re: Active Directory Home Folder in Windows File Bookmarks?

You are welcome; glad to help.

Glad to hear it is working well.

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.