Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Domain user account not retained on local PC

Posted on 2003-12-04
Medium Priority
Last Modified: 2012-05-04
Greetings experts,
I have a user on my domain, I will call jdoe.  Now jdoe has an account set up on the domain controller in active directory.  The account is enabled, not locked and accessible from any PC on our network.  This AM the user attempted to logon as normal w/ jdoe a password and set to logon to the domain not the local computer.  When the desktop screen appeared, the default windows screen appears, you know the one that appears when any new user logs on and wants to give you the guided tour of windows.  All of the user jdoe's settings are gone.  Now my first thought was that they were deleted by another user.  But I did a few tests on other PCs.  I can log on as jdoe on any of my PCs and get new settings for that local pc.  When I log out the settings are not retained.  We are not using roaming profiles.  This seems to be the only user affected.  No domain policy settings have been change that would cause this action.  I have determined that it is isolated to the user account not a specific PC.  The domain controller is W2K server and the PC is W2K pro.  Really the only thing that matters is getting the email back.  As far as I know nothing has been changed on the network/pc.  I am the systems admin, so I have not made any changes, that does not mean that a employee has not hacked the system and is playing around.  Thanks in advance.
Question by:EaglePress
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 15

Expert Comment

by:Rob Stone
ID: 9875439
Is the old profile in the D&S folder?
If so, create a local account and copy the details to that profile to see if you can resue anything.

Make sure that in gpedit.msc that delete locally cached profiles isn't enabled.

Author Comment

ID: 9875527
No the old profile folder is not in the documents and setting directory.

Expert Comment

ID: 9876475
SO you can logon as the user, log off and back on as yourself, and there is no account folder for the user in the D&S folder?

If so, check to ensure the user isn't using a mandatory roaming profile. I know, you said you aren't using them, but if there is one set, could be the cause. A fresh profile would be sent each and everytime, and it would be a new profile, and no settings saved. Fits the criteria for the problem.
As Stoner79 suggested, it could also be a GPO, though you should know about it as the sysadmin, your fear that the admin account compromised is POSSIBLE. Check for GPO links and permissions set only to that user with read and apply set to enabled.
Good Luck!
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.


Author Comment

ID: 9876976
The user is not using a mandatory roaming profile.  There is nothing unique about this user to the other 100 users already setup in active directory.  I checked the GPO, nothing out of the ordinary there either.

Expert Comment

ID: 9877199
Not to beat a dead horse, your sure you checked for all GPO's?
The only reason I ask is with OU's and what not, it is easy to overlook one.

And, sorry, but I am still wondering about the test. You can logon as user, logoff and back in as self and no profile is stored?
I'm sure you answered but I want to fix that as a reference.

If yes, then most likely, given the answers you have already given, I would have to guess a corrupted record for the user. Having never seen that you can guess the incredulity... 8-)

Expert Comment

ID: 9877203
Is that a word? Incredulousness? Whatever!

Accepted Solution

jhawleyjr earned 1000 total points
ID: 9877351
I had this situation occur a couple weeks ago.  Check the user account in the AD (properties).  Then view the MEMBER OF tab.  Make sure the user jdoe is not a member of the GUEST or DOMAIN GUEST.  No matter what other groups the user is a member of the most restrictive group policy will override any other policy.  The guest account, by default, does not retain any setting, whether login to the domain or a local pc.

Expert Comment

ID: 9878576
Well, I'll be. Never thought of that. 8-)

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Check out what's been happening in the Experts Exchange community.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question