Solved

User Profiles

Posted on 2000-04-12
3
348 Views
Last Modified: 2010-04-13
I have win2k server running as a domain controller and my other machines running professional. They log into the server. The users on the professional machines have local user profiles that they want to use. But for some reason when they logged into the domian for the first time it started a new profile which I assume is kept on the server. How do I get it to only use the local version of the profile? The sever is not always up and I want them to have access to their profiles. Also don't want to have the recreate their profiles. Any suggestions?
0
Comment
Question by:Breezin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 

Accepted Solution

by:
agrandville earned 200 total points
ID: 2709168
The problem is that the profile that is local to the Professional boxes is associated with the local users account. When they log on to the domain they are using a different user account (Their Domain account) that is why the OS creates a different profile named Username.DomainName. Repairing the problem is the trick. As long as you don't configure the users accounts to use roaming profiles then they will use a local profile. It sounds like your problem is that the users have created profiles with local accounts and now you want to modify those profiles so that their domain accounts can use them. The problem is in the internal registry permissions. When the system created the users profiles it assigned rights to the users registry hive in user.dat. You can look at these security rights by looking at HKEY_USERS\UserSID where UserSID is the local user account of the user who created the local profile. Note: This user must be logged in to the box in order to have his registry fragment merged into the system registry and for you to see it. Anyway, the solution is to change these permissions to include the users domain account. Make sure you give the Users domain account full control of the entire HKEY_USERS\SID Key and all subkeys. Unfortunately, there is no easy way to modify these premissions on the fly. One good reason is that the user must be logged into the box for his registry fragment to be loaded and for you to change the permissions. You didn't mention how many workstations you have so I can't tell if that's a big deal or not. If it's just a few you can just do it from the users console. Log in as an Administrator and open Regedt32. Browse to the HKEY_USERS key and highlight the Root Key. From the Registry drop down menu choose "Load Hive" browse to the users profile directory and choose their user.dat file. Name it whatever you want. Once thier registry is loaded highlight the key and change the premissions. Don't forget to give the users domain account access the profile directory in c:\documents and settings.
However, if you have alot of workstations and you wish to automate this process it could get really tricky.
0
 

Author Comment

by:Breezin
ID: 2709311
we only have around 10 boxes that would need to be chaged. Is there a way to copy the old user profile to the domain profile and just start using that. And if we do this will a copy of the profile be saved and used if the domain controller is down when they boot up?
Would this be easier or should we just do the registry changes like you suggested?

Thanks.
0
 

Expert Comment

by:agrandville
ID: 2709489
As long as you haven't set the users accounts up to use roaming profiles than the profiles will always remain on the workstations. You would set up roaming profiles by editing the users profile path in the User object in your Domain. You could use the MyComputer\Properties\User Profiles\Copy To method to copy the old profile to the new one. You would do this by logging into the workstation as the local User. Use the method listed above to copy your profile to some path i.e. c:\documents and settings\Username.new. make sure you change the "permitted to use " box to include either the users domain account or a group to which he is a member. This will effectively change the internal permissions of the profile to give the user or group listed in the permitted to use box full control to the profile. Log off as the local user. Log in as some other account like administrator. Delete the local users profile in c:\documnets and settings\UserName if you want to be safe you can always rename it something like Username.Old. Then rename the profile you created in the previous step from Username.new to just Username. You will now have a copy of the local users original profile but now the users domain account will have permissions to it. The next time the user logs onto the box with his domain account he will load this profile and all should be well. This will accomplish the same thing as the method I described earlier with changing the permissions manually . It all depends on your preference. Either way as I mentioned above you don't have to worry about the profiles being copied off to some other server unless you tell it to by setting a profile path in the users account.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question