6

At the school I am interning at, all students and faculty have a mapped home folder known as the "M:" drive for storing files that they can access from all computers. For faculty who have laptops, we enable offline file sync for the "M:" drive so that they can access a copy of their files from home; however, we do this as a post-imaging task. Sometimes it is missed.

I've been trying to find a way to eliminate the need to manually enable offline file sync after imaging. The only possibility I've found so far is the "Administratively assigned offline file" Group Policy Object (located in User Configuration/Administrative Templates/Network/Offline Files).

If I enabled this, I can see the following situation occuring:

  1. Teacher A is assigned a computer and her "M" drive is automatically set to sync.
  2. Teacher B forgets his computer, so Teacher A lends hers to Teacher B.
  3. Teacher B logs in and his "M" drive, which is multiple gigabytes in size due to stored videos of the sports team he coaches, syncs to the computer.
  4. Teacher B never logs in again, but a copy of his files remain on Teacher A's computer, wasting space.

As the policy is not in the preferences category, I don't think that I can enable item-level targeting. I've also considered a registry edit, as they can be item-level targeted. However, I could not find a key that would allow me to enable it through the registry. Is there another way that I could make the policy only apply to a user when he is on his main computer? Thanks!

Update: After I passed along the info that there is no "nice" way to achieve this goal, my boss decided we're not going to try to frankenstein something together. However, I thought of one last thing, which might be worth looking into if anyone really wants to make something like this would work: Service control can be item level targeted, so in theory I imagine that it could be set so that the sync service gets killed for a given user if the user is not logged onto his own computer, and enabled when the primary user logs onto his own device. Just a thought!

Krixvar
  • 63
  • 5
  • Is your primary motivation to free up disk space? – joeqwerty Jul 02 '14 at 17:47
  • Sort of -- we're trying to prevent wasted space if a faculty member with a large M drive logs onto someone else's computer once and never does again. Additionally, it would prevent unneeded network load. The main goal is to prevent having to do it as a post imaging task -- if we do happen to forget, many of the less tech-savy people here are calling us up within hours of recieving a new machine. – Krixvar Jul 02 '14 at 18:16

2 Answers2

8

You're running into a design-limitation of Offline Files. It is a per-machine cache, enabled and disabled at a per-machine level. Offline Files limits visibility of items to users who are authorized to view them, but there is a single cache on the machine. You can't disable the caching functionality for just certain users on a machine.

There just isn't a granular level of control to do what you're looking for. The community asked for it in Windows Vista, again in Windows 7, and still didn't get it in Windows 8. (There's some kinda, sorta functionality in Windows 8 with the "Primary Computer" functionality of Folder Redirection, but that's not a change in Offline Files-- it's just a change in Folder Redirection that impacts the Group Policy setting to always make redirected folders available offline as a side-effect.)

Evan Anderson
  • 141,071
  • 19
  • 191
  • 328
  • That's unfortunate.. well thank you for clearing that up. Before I mark this as answered, do you happen to know if the registry contains keys for which folders are synced? Considering that registry keys can be item-level targeted, I would imagine this would be a sufficient workaround if such a key exists. – Krixvar Jul 02 '14 at 18:19
  • FWIW, on Windows 8.1 even though enabling the cache is per-machine each user on that machine seems to see their own copy (or maybe a filtered list) of offline files. So if _user1_ syncs _\\server\folder_ to _computer1_ by checking "Always Available Offline" in explorer, _user2_ won't see _\\server\folder_ when _computer1_ is offline until _user2_ also checks "Alway Available Offline" from _computer1_. – alx9r Feb 14 '16 at 20:26
0

If this is still an issue, it might be supported as part of the 'Primary Users' functionality which was included in a Windows XP hotfix.

Too much to describe here and you'll need some scripting but the basic idea is as follows:

  1. Create a registry key under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\NetCache called 'PrimaryUsers'

  2. Create new DWORD values with the 'primary users' of the computer in either domain\username, or SID format (e.g. S-1-5-21-397955417-626881126-188441444-2201386)

  3. Create new REG_DWORD values under NetCache with the following values:

    PurgeNonPrimaryUserFilesAtLogoff - clear offline files for non primary users every time they log off

    AdminPinForPrimaryUsersOnly - prevent 'Administratively assigned offline files' policy applying for non primary users

  4. Set the above two REG_DWORD values to '1'

As I said this functionality was included in Windows XP under old hotfix KB811660. It may have been superceded by the new 'Primary Computer' functionality included in Windows 8 since they did rewrite the Offline Files engine version. I got it working with the XP hotfix years ago but haven't needed it since then as yet - might be worth checking in case the old code is still there and working?

Good luck!

Reference for old KB811660 (scroll down past the hotfix info - you're looking under 'More Information' for the following headings: 'Purge files for non-primary users at logoff' and 'Prevent admin pinning of files for non-primary users'): http://web.archive.org/web/20091207073203/https://support.microsoft.com/kb/811660

Updated 'Primary Computer' functionality for Windows 8+, but as noted in another answer, it doesn't apply to Offline Files in the way you want: https://docs.microsoft.com/en-us/windows-server/storage/folder-redirection/deploy-primary-computers

Minkus
  • 278
  • 2
  • 9