Monday, May 5, 2014

Reclaiming Admin Rights to Redirected User Folders

Redirected user folders allow a user's Desktop, My Documents, AppData, and a handful of other folders to be located on a network share. The idea is that the data will be backed up by processes in the server room and be available on any machine in the organization. However, the process has some painful downsides. One such downside is that the "Grant user exclusive rights to %folder%" setting is checked by default. This is done for security reasons, but has the effect of making those folders inaccessible even to Domain Admins. In our environment, this prevented us from even seeing which user was filling up our network with their redirected files!



Below is a PowerShell script I used to grant permissions on redirected profiles to Administrators. Basically, it is necessary to take ownership and then add the permissions. I ran this on the server which hosted the iSCSI network storage and added the possibility to select just a range of folders alphabetically.
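The take-ownership-then-grant sequence for an alphabetical range of folders, written here as an added illustration with the built-in `takeown.exe` and `icacls.exe` tools; it is not the author's script. The root path, domain name, letter range, and the assumption that each folder is named after the user's account are placeholders for this example.

```powershell
# Added example, not the author's script. Run from an elevated session on the file server.
param(
    [string]$Root   = 'D:\RedirectedFolders',  # assumed: parent of the per-user folders
    [string]$Domain = 'EXAMPLE',               # assumed: NetBIOS domain name
    [char]$From     = 'a',                     # first letter of the range (inclusive)
    [char]$To       = 'f',                     # last letter of the range (inclusive)
    [switch]$Apply                             # without -Apply the script only reports
)

$admins = '*S-1-5-32-544'   # well-known SID of BUILTIN\Administrators (icacls takes *SID)
$lo = [int][char]::ToLowerInvariant($From)
$hi = [int][char]::ToLowerInvariant($To)

# Select only the folders whose first letter falls inside the requested range.
$folders = Get-ChildItem -LiteralPath $Root -Directory |
    Where-Object {
        $c = [int][char]::ToLowerInvariant($_.Name[0])
        $c -ge $lo -and $c -le $hi
    } | Sort-Object Name

foreach ($f in $folders) {
    if (-not $Apply) {
        [pscustomobject]@{ Folder = $f.FullName; Action = 'dry run'; OwnerRestored = $null }
        continue
    }

    # 1. Take ownership for the Administrators group (/A), recursively (/R).
    #    /D Y answers the "no list permission" prompt; the letter is locale-specific.
    takeown.exe /F $f.FullName /A /R /D Y | Out-Null

    # 2. Add inheritable Full Control for Administrators. /grant adds an entry and
    #    leaves the user's existing permissions in place.
    icacls.exe $f.FullName /grant "${admins}:(OI)(CI)F" /T /C /Q | Out-Null

    # 3. Hand ownership back to the user. With "exclusive rights" enabled, Folder
    #    Redirection expects the user to own the folder. Assumes folder name = account name.
    icacls.exe $f.FullName /setowner "$Domain\$($f.Name)" /T /C /Q | Out-Null
    $restored = ($LASTEXITCODE -eq 0)
    if (-not $restored) {
        Write-Warning "Owner not restored on $($f.FullName); check that the account exists."
    }

    # Emit one record per folder so the change can be logged or exported.
    [pscustomobject]@{ Folder = $f.FullName; Action = 'granted'; OwnerRestored = $restored }
}
```

Running it first without `-Apply` lists the folders the range selects, and piping the output to `Export-Csv` keeps a record of which ACLs were changed.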