Link to home
Start Free TrialLog in
Avatar of nirslepack
nirslepack

asked on

Roaming Profiles Naming Problem

How do I set up a roaming profile for an existing local user. (We'll call it XUSER).
XUSER in on local machine "SALES"

XUSER will now be joining a 2003 domain with roaming profiles.

I copied (with COPY TO...) XUSER's local profile (from the C: drive) to the share on the server.
I then deleted all local profiles in C: including XUSER's.

Logged out. Logged into the domain, and got my XUSER profile to roam back from the server into the local workstation's C: drive. So now I have a profiles called XUSER. So far so good.

Now I try to log into the LOCAL workstation ("SALES"), using the same username, hoping that it will be drawn into using the same roaming profile (XUSER). Instead, it is creating a new local profiles XUSER.SALES.

How can I make it use the profiles based on username regardless of domain, and stop the creation of a USER.DOMAIN profiles  for the local user?

Avatar of iaind
iaind

I think that it is going to be very unlikly you are going to be able to get the profiles functions how you want.

The key thing stopping it working is that XUSER.SALES and XUSER.DOMAIN are two completly different users.  XUSER.SALES and XUSER.DOMAIN are just as different as FRED.SALES and XUSER.SALES.  The user names are just for display, the real idetifer for users is the SID (a nice big 'number' that you see if you look in HKey_Users in regedit.

Also a profile (mainly the Local user part of the registry) is secured for access by that user.  Thats why you have to use the COPY TO.. option to move/copy a profile as it changes the security for the new user.  So if you managed to get XUSER.SALES to point at XUSER.DOMAIN's profile it would not be allowed to read it.

One thing that you _could_ look at to get round that problem would be to give the rights to a group that both XUSER.SALES and XUSER.DOMAIN are a member of (I've never tried this so have not idea if it would work).

You would still have to get Windows to point the two users’ profiles in the same place and I can't think of anyway that you can do that.

My question would be: "Why do you need the 2 users with 2 profiles?".  It may be that there is a better way to do what you are wanting with out having 2 users.
Why do you need XUSER to be both a domain and local user?

I think your best bet would be to always log in to the domain, which will enable XUSER to get the roaming profile.  If XUSER needs some special local privileges (e.g. Administrator or Power User on local machine), add the XUSER domain account to the appropriate local group.  That way, you should be able to do everything as the domain XUSER that you could do formerly do as the local XUSER.
Avatar of nirslepack

ASKER

What happens if the domain controller is unavailable? would XUSER.DOMAIN be able to lo into the local computer somehow ?

I thought that by setting XUSER.SALES (Sales is the local machine) and XUSER.DOMAIN to point to the same location, I would be able to work on the local computer is case the server (DOMAIN) is  down.

Does that happen automatically ?
ASKER CERTIFIED SOLUTION
Avatar of iaind
iaind

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial