Yes you can. The scenario here is we have set up our clients, through Group Policy, to redirect the desktop to a server. I have also set up a files screen on the shared folder that will host the data. This file screen is configured to block .TXT files. When the user tries to create a .TXT file on their desktop, they are prevented from doing so. Below is the setup procedure to do this.
Step 1: configure the folder to hold the user data.
I created a folder on my server
Next I shared it by right clicking the folder and selecting Properties.
Click Advanced Sharing.
Click Permissions.
Click Add
In the Enter the object names to select box, type Authenticated Users and click Check Names.
Click OK
Click Authenticated Users
Check Full Control.
Click OK
Click OK
Click Close
The folder is not set up for your users to have their desktops redirected to this location.
Step 2
We now need to create the Group Policy that will redirect the users desktop to this location.
On your Domain Controller, click Start / Administrator Tools / Group Policy Management
Expand the tree until you expand Group Policy Objects.
Right click Group Policy Objects and click New.
Give the GPO a name. In this example, we will call it DesktopRedirection. Click OK
Under Group Policy Objects, right click DesktopRedirection and then click Edit.
Expand User Configuration / Windows Settings / Folder Redirection.
Right click Desktop and select Properties.
In the Settings drop down box, select Basic – Redirect everyone’s folder to the same location.
In Target folder location select Create a folder for each user under the root path.
IN Root Path, enter the UNC path to the folder we created earlier. In this example, it is \\MCT-1\Desktop.
Click the Settings tab.
By default, Grant the user exclusive rights to Desktop. For this example, I unchecked it.
Click OK
Close Group Policy Management Editor
In the Group Policy Management window, drag and drop the GPO onto the Organizational Unit that holds your user accounts. Remember, you cannot link a GPO to the default users container.
This policy is now being applied to your users.
Step 3 Install FSRM
On the server that holders the Desktop folder, clickStart \ Administrator Tools \ Server Manager
You need to add the File Server Resource Manager Role service to this server. If File Services are not installed, click Add Roles and add the File Services role to this computer.
In Server Manager click Roles.
Scroll down until you get to the Role Services section and click Add Role Services
Check File Server Resource Manager and then click Next.
Select the drive that you have the Desktop folder on.
Click Next
Click install.
Close the window when completed.
Step 4 Set up the file screen
Click Start / Administrator Tools / File Server Resource Manager
Expand File Screen Management
Right click File Screens and select Create File Screen.
In the File screen path, choose the Desktop folder that you created.
In Derive properties from this file screen template (recommended), choose the file screen you want to use. For our example, we are using a custom file screen. This screen blocks .TXT files.
We are now ready to test the screen
Log into your client as a user who has the Group Policy applied to them.
Attempted to create a .TXT file. You should receive an error like the one below:
If not, make sure your group policies have replicated and this client has downloaded the policy.
Comments