1.3.2 Folder Redirection Protocol Overview

  • Article

The Group Policy: Folder Redirection Protocol Extension enables an administrator to redirect the location of certain file system folders, called user profile folders, to different paths such as a shared network location. When the operating system or application requests access to these redirected folders, the operating system automatically redirects the access requests to the location on a network share specified by the administrator.

By convention, an operating system or application expects to read and store a user's data in a set of folders within the local file system. For example, an operating system conventionally stores image files for user "Sue" in a folder of the local file system called \Sue\Documents\My Pictures. The Group Policy: Folder Redirection Protocol Extension allows an administrator to change the location of Sue's My Pictures folder from its default local location to a UncPath such as \\CorpServer\Users\Sue\Documents, thereby making it available to Sue from any machine on the network. This also enables the administrator to manage its storage from a central location.

It is important to note that an operating system might not support redirection of all user folders. The set of folders that can be redirected (that is, user profile folders) is a function of the operating system version. The protocol provides both a Version Zero file format that assumes a constant list of user profile folders and a Version One file format that supports an extensible set of user profile folders.

Two software plug-ins interact with each other through files in the folder redirection protocol format, stored and communicated through a remote storage location such as a network share. The plug-ins are as follows:

  • Folder Redirection Administrative-Side Plug-in

  • Folder Redirection Client-Side Plug-in

The Folder Redirection Administrative-Side Plug-in provides a user interface by which network administrators can establish and update folder locations for users' folders. It relies on the Group Policy Protocol, as specified in [MS-GPOL], to specify the location of the remote storage location where the folder redirection configuration data is to be stored. This GPO path is metadata in a GPO that is stored on the domain controller (DC) where the Folder Redirection Protocol configuration data is stored. The plug-in uses SMB  operations, as specified in [MS-SMB], to retrieve existing configuration data (in the form of files) from that location and to store updated configuration to it.

The Folder Redirection Client-Side Plug-in is a component of each client machine in the network that users log on to. It is invoked by the client implementation of the Group Policy Protocol, as specified in [MS-GPOL], on behalf of the user logging on to the operating system. The protocol provides the folder redirection protocol with the remote storage location from which the protocol reads the Folder Redirection Client-Side Plug-in configuration data. This location is constructed based on the GPO path in the GPO retrieved by the Group Policy Protocol. The client-side plug-in uses SMB operations to retrieve the current configuration data from that location. The plug-in then parses the data and configures the folder redirection subsystem of the underlying operating system to redirect the user's user profile folders to the locations specified, as described in section 1.3.4.

Note The remote storage location can be implemented using a variety of techniques such as a network share. Therefore, implementing a remote storage location does not require understanding the folder redirection protocol.