Solved

moving win2k3 Terminal Server Profiles

Posted on 2004-09-15
7
271 Views
Last Modified: 2010-04-19
Gentlemen, and Ladies,

I have read about moving profiles on the TS into different directories on NT, but I have yet to read anything about how to do this one win2k3.  Anyone out there have to move local profiles to another directory because someone had the great idea of making the c drive WAY TO SMALL, and placing all applications, databases and user profiles on it??

Thanks anything would be greatly appreciated

Have a great day!!!!

CVvood
0
Comment
Question by:cvvood
  • 3
  • 3
7 Comments
 
LVL 23

Expert Comment

by:rhandels
ID: 12065568
Hi,

Roaming profiles (or any profile anyhowes) within 2003 are a bit strange. As an admin, you cannot have any permissions on the profile of a user. If you do have rights on the profile folder, the profile cannot be changed anymore. So if these users need to change their profiles, only way is to recreate them (because you would need permissions to change them). So that's why i think it won't be possible to move them....
0
 
LVL 18

Expert Comment

by:exx1976
ID: 12067605
Not true.  In order for profiles to work correctly, you need the following:

The user must have at a bare minimum "change" access

The OWNER of the directory must be either the local admin of the box on which the profile resides (or the domain admin account if they reside on a DC), OR the owner must be the user themself.


In order to accomplish these things, simply move the profiles where you want them, make the appropriate changes in AD to point them to the new location, and then use XCACLS and SUBINACL to set the permissions and the ownership, respectively.


HTH,
exx
0
 
LVL 23

Expert Comment

by:rhandels
ID: 12067960
>>The user must have at a bare minimum "change" access

The OWNER of the directory must be either the local admin of the box on which the profile resides (or the domain admin account if they reside on a DC), OR the owner must be the user themself.<<

believe me, it is true. You cannot have access to profiles as an admin when you are on 2003... Believe me, i've witnessed it by myself. That's why Microsoft says not to create profile folders but let them be created automatically...
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 18

Expert Comment

by:exx1976
ID: 12068216
handels - I'm not going to argue with you about it.  Microsoft says LOTS of things that aren't necessarily the way to do things.  They are the EASY way to do things for lazy administrators.  Trust me.  I've got 1700 users spread over 3 locations with 1300 of them on a Terminal Services farm with roaming profiles.  I have access to ALL of them.  The specifics I listed above are the only things REQUIRED for a roaming profile to function.  According to Microsoft, my Exchange configuration shouldn't be working.  But it does.  I should be able to host 1300 Terminal Services users on 12 servers with only 10/100 NICs in them.  But I do, and it works GREAT.

There are better ways to do everything.  The only reason to even bother to learn the Microsoft Way is to pass the exams, which, coincidentally, I have done, for MCSEs on NT4, 2000, 2003, as well as Exchange 5.5 and Exchange 2000 certifications.


:-P
0
 
LVL 23

Assisted Solution

by:rhandels
rhandels earned 125 total points
ID: 12069510
And if you ever run into a problem, Microsoft is just going to say "you should have done it our way". I agree with you that there are better ways of doing stuff and maybe it works for you (the profiles), it didn't work for us. I also normally tend to keep my solutions with the Microsoft way, you never know if something backfires at ya and you need them guys..
0
 
LVL 18

Accepted Solution

by:
exx1976 earned 125 total points
ID: 12073935
No, if I run into a problem, Microsoft is going to fix it.  As long as it's not my config, then there's no reason for them to balk at it or try to have me change it.  Trust me, in the 7 years I've been doing this professionally, I haven't had a single problem with getting PSS to give me a hand when necessary.  I've even used them to help design non-standard solutions on occassion.

Either way, what I listed above are the minimum requirements are for roaming profiles to work.  Believe me.

As for the Microsoft way...  Well, only when you begin to think outside the box will you start to develop creative, innovative, useful, money-saving solutions.  If you just "do everything the Microsoft way" you're nothing more than a robot for Redmond, helping them perpetuate their horrible upgrade patterns.
0
 
LVL 5

Author Comment

by:cvvood
ID: 12114753
For the correct, and mostly everything that was said above:

get some down time with the TS:
make sure no one is logged on but the admin:
Use Xcopy with /K for all the local profiles (except the user logged into the console, This can be tricky, remember to use short file names ) and copy them to the newly created profile drive or other location *****NETWORK ACCESSABILITY IS KEY HERE****  make sure they are either on the same machine or a network share accessible to the TS.
HARD PART(well, cumbersome,..)
Goto Users and computers on the AD box, and for each copied profile enter the location to the newly created profile in the profile location field under the Terminal services box.

To test, Rename a user's local copy of the profile, this is the folder you copied to the new location:  Just rename it Old so you can be sure that it is not in use.

If all goes well you need now do delete the users copies into the new location from the old directory to re-gain your HD Space


Thanks all!!

CW
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have never ceased to be amazed how many problems you can encounter on a fresh install of a Windows operating system.  This is certainly case in point& Unable to complete ANY MSI installation.  This means Windows Updates are failing and I can't …
This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now