This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 39%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDD%3C/text%3E%3C/svg%3E)
Hello and hope everybody is keeping well in these difficult times.
Please could someone help with the following query.
Query Summary
How can we get folder redirection for desktop, documents, IE favourites etc to work when there are a large population of users using a Cisco VPN client.
Query background.
The reason for the question is that we will be migrating all our users to OneDrive and redirecting their folders from a network drive to OneDrive so their desktop folders, my documents, IE favourites will reside in OneDrive. The users network drive will then be removed.
The process to use the Cisco VPN client is such that users connect to the VPN after they have first logged into their laptops remotely. Subsequently they do not get Group Policy applied to them at the point of first logon.
Unless I am mistaken I do not think a GPUpdate /force works for folder redirection as the user has the folder redirection objects locked out by the fact that they are currently logged on.
If users were LAN connected (e.g. in an office we would not be having this issue)
We are in the early stages of researching this scenario and will be putting some test plans in place to overcome this which we will happily feed back here.
At present our only thoughts are to run a script locally on the users laptops to manually perform the folder redirection and then do a reboot but this is yet to be tested.
Any thoughts or insight to a solution would be greatly appreciated.
Maybe someone has had this issue before and has found a solution.
Many many thanks in advance for any input received.
Yours's gratefully.
Dan
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 75%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDM%3C/text%3E%3C/svg%3E)
Hey Dan - I am facing a similar issue. Currently have staff with redirected folders & offline files. now looking to move those folders to OneDrive with 'Known Folder Move'. The issue is that to implement KFM you first need to remove all existing Redirected Folders settings. This would be fine if all staff were located in an office connected to the LAN... but due to Covid they are now working from home over VPN.
My situation sounds the same as yours, our VPN doesn't connect until after logon with cached credentials - which means that Folder Redirection GPO's never apply. So there is no way for me to remove the exiting FR policies and them implement OD KFM.
Did you ever find a workable solution to this problem (other than connecting VPN prior to logon) ?
Regards.
Dave M.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 96%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFF%3C/text%3E%3C/svg%3E)
Hi,
In your situation, ,what's the result if you sign out and sign in again?
Firstly, In situations where you need for users to implement folder redirection in a single logon, apply a GPO with the setting “Always wait for the network at computer startup and logon ”to the computer. This setting is located under Computer Configuration\Administrative Templates\System\Logon in the Group Policy Object Editor. Update the group policy and then confirm the result again.
Also,based on my research, we need to connect VPN before login with our domain account.
Then configure VPN to be connected before login with our domain account.
Since don't have the Cisco VPN environment ,i'm afraid can't give more advice for the configuration.
Similar case for your reference:
https://social.technet.microsoft.com/Forums/en-US/b83b93a6-5663-4f56-95dd-057374cc37c8/apply-gpo-through-vpn?forum=winserverGP
Best Regards,
Hi,
Welcome to share your current situation.
Please feel free to let us know if you need further assistance.
Best Regards,
Fan
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 79%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Can users make changes to the Cisco VPN config? Though my information is very outdated, this is Windows XP-era, one of the things I loved with the back then Cisco VPN client was that it was able to start before Windows logon.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 84%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
I'm currently in the same situation but we're simply moving users' redirected folders from one file server to another, not to OneDrive.
One option we are considering is to get users to remote onto RDS servers to initiate the process, as we're soon to roll out RDS across the company. Failing that, you could get the users to remote onto a workstation in the office which is connected directly to the LAN. Though not ideal, this should process the GPO at logon and move the files over.
Further to this, after testing I found that the files did migrate by logging into the RDS, however, the user's local machine remains pointing at the old share location where the files no longer exist, so they basically lose access to their files until they next login on the LAN, unless you can train them as a workaround to browse to the new location in the meantime.