Offline Files is a very handy issue for people who work with laptops or who are regularly disconnected from the company network. The feature allows a seamless cache of you network files that can be accessed and modified when you are not connected to the Local Area Network (LAN). Then, when you are next in the office, or connected via a VPN, all modified files are synchronised with the file servers and any conflicts can be resolved. The feature is present in Windows XP but it isn’t the most efficient process and was modified in Windows Vista with the introduction of the Sync Center. This is basically a dashboard for Offline Files as well as Windows Mobile phones. The background process was also further refined in Windows 7. It was this refinement that broke our systems!
Read on for more info and the solution…
We use Redirected Folders in Windows Server to allow users’ “My Documents” folder to be redirected to a file server. This prevents files being saved on vulnerable desktops by changing all access to “My Documents" to point to the server location. This enables Offline Files by default.
We also use the Distributed File System Replication (DFS-R) to duplicate “My Documents” to another file server. This means the load is balanced between the servers and if one server goes down we still have access to the data. This is accessible to the users through a mapped drive (some people just can’t get their head around UNC paths!)
So, we have each user’s “My Documents” folder accessible in the following locations
- Primary Windows 2008 File Server – \\FileServer1\Staff\%USERNAME%\Documents
- Secondary Windows 2003 R2 File Server – \\FileServer1\Staff\%USERNAME%\Documents
- DFS Share – \\Company.LAN\Shares\Staff\%USERNAME%\Documents
- Mapped Drive on client – U:\ (mapped to DFS path above)
Windows XP had a little icon that would appear in the Notification Area (a.k.a. System tray) to notify people they were working offline. This would also allow users to force a sync if they got back online via a VPN.
In Windows Vista and Windows 7 you get a bit more detail. In Windows Explorer there is a “Work Offline/Online” button on the toolbar as well as more information in the details pane regarding what type of connection you have
The “Work Offline/Online” disappears from the toolbar when the user disconnects from the LAN. Fair enough ,you may think, as there is no way to go online if there isn’t a physical connection. However, when you connect to the VPN, the button should reappear and allow you to work online if you so desire. However, for us this wasn’t happening. There was no way to force Windows to accept that there was a connection. You could even access the files by going directly via the file servers’ UNC path or IP address but no joy through the DFS mapped drive.
After a quick shout out on twitter it seemed that my followers were not experiencing any problems with the feature (including a few that work for Microsoft). Google told a bit of a different story with several forums full of problems with the Windows 7 + Offline Files + VPN combination. A few people had problems with share permissions or used a hotfix provided by Microsoft but none of these had any affect for my situation. I even trawled through the Windows 7 internal Help & Support, extensive TechNet documentation and every Offline Files group policy setting there is to see if I could find the root problem. After no success, and two working days later, I decided we would have to accept that it wasn’t going to work and it was time to give up.
At just that moment I overheard a few colleagues talking about the impending IPcalypse and how they didn’t see what the need of IPv6 was. I started to explain why and gave examples of how Windows 7 uses IPv6 to accomplish new technologies like DirectAccess or HomeGroups that just aren’t possible using IPv4. Suddenly a lightbulb flashed above my head. One thing we have always done when setting up VPNs is to disable IPv6. As we were not using any IPv6 technologies all it would do is slow down the VPN connection time. Could it be that this was the one peculiarity that was preventing remote users from working “online”? Well after a bit of testing I am very pleased to say “Yes!”. All you need to do it tick that little IPv6 box on the Networking tab of a VPNs properties (type “IP” in the start menu to view network connections).
As soon as you connect to your company LAN the “Work Online” button will appear in Windows Explorer as well as giving you detailed Offline statuses in the details pane (e.g. slow link, offline, online etc.). You would not believe how relieved I was to find this solution. I couldn’t find any official documentation from Microsoft on Offline Files being dependant on IPv6 in Windows 7 so I guess I have just created it . It would be great if you could give me a shout out in the comments if you have experienced the same issue and if this tweak has fixed it for you.