I have been testing folder redirection migration from Windows Server 2012 R2 to 2019.

Problem: Although GPO was modified to point to the new server, it still pointed to the old server. Running gpresult /R showed that the GPO was applied. I spent two days troubleshooting.

Resolution: I set GPO as as enforced which did the trick.

Problem: User folder creation failed.
Event ID: 502
Level: Error
Description: Failed to apply policy and redirect folder “Documents” to “\Server-Name\Redirected\user.name\Documents”. Redirection options=0x1021.
The following error occurred: “Cannot create folder “\Server-Name\Redirected\user.name\Documents””.
Error details: “Access is denied.”.

Resolution: The issue was caused by missing NTFS permission. Here is the full list of the permissions required for redirected folder creation to work correctly and needs to be applied to the root folder.

• Share
  • Everyone
    • Full Control
• NTFS
  • Administrators (This folder, subfolders and files)
    • Full Control
  • SYSTEM (This folder, subfolders and files)
    • Full Control
  • CREATOR OWNER (Subfolders and files only)
    • Full Control
  • Everyone (This folder only)
    • Traverse Folder/Execute File
    • List Folder/Read Data
    • Read Attributes
    • Read Extended Attributes
    • Create Folder/Append Data
    • Read Permissions