How to setup Home Folders for 40 windows users

I am a developer (not a sysadmin) and need some help with best practices for setting up home folders.

Currently, I have 40 users that save all their 'my documents' kind of documents on their local workstations. This is a nightmare from a backup and DR point of view. I'd like to get some advice on migrating to a home folders concept where all important data is stored on a central server instead of local workstations. My users are on a mix of Windows XP and 7, and we have a Domain Controller running Server 2003.

Questions:

  • What is the best way to set up Home Folders so that all user's data is stored on a central server?
  • What should the server storing the data be? Can it be a NAS device, or must it be a windows server?
  • Are there any good documents or resources explaining HowTo that you have used?
  • Can Outlook PST files be stored on Home Folders successfully?
  • What pitfalls are there that I should be aware of?

The "Folder Redirection" feature of Group Policy will help you a lot. It'll work on both your Windows XP and Windows 7 machines and will get the users' "My Documents" out of their local hard disk drives and onto a server computer (or NAS device, if you like-- it doesn't have to be a Windows Server machine but it does need to be accessible from the clients via UNC path).

This is a decent document from Microsoft describing the feature. Because it's user policy setting it's easy to create a test user or group to experiment with the settings before you go into production.

Some hints from my use of the feature (which I use heavily):

  • Pre-create the folders for the users on the server computer and use the setting "Redirect to the following location." in the folder redirection policy (rather than the "Create a folder for each user under the root path." setting). I create a top-level folder with the permissions Administrators / Full Control, System / Full Control, and Authenticated Users / List Folder Contents - This Folder Only, and then create subfolders for each user with the User's account specified with Full Control permission. This gives you control of the permissions and doesn't mess up the permission inheritance hierarchy. (You can see me rant about this a little more in this answer.

  • Turn off the silly "Grant the user exclusive rights." setting on the folder redirection policy. This, too, messes-up your permissions for no good reason.

As far as pitfalls go, be aware that the initial logon when the folder redirection policy begins to apply can be quite slow if the user has a lot of documents to be redirected. The users should be made aware that the initial logon may be slow.

You might want to look at redirection of the "Desktop" and "AppData" folders too. There can be a lot of user state data there that really should be backed-up. Roaming user profiles can give you the ultimate centralized storage and backup of user state data but it's definitely not as easy to get working well as plain ol' folder redirection.

Edit:

You should not attempt to store PST files on UNC paths. You're begging for "corruption" of the files if you try. The "supported" method for central storage of Outlook data, from a Microsoft perspective, is Exchange Server. If you're not using any of the features of Outlook aside from email you could look at something like an on-site IMAP server.