Solved

Machine Specific Profiles for a Multiple OS Client / Server 2K Domain

Posted on 2004-09-24
11
246 Views
Last Modified: 2010-04-14
Hi,

Hope someone can help with this.

Here we have a Windows 2000 Server domain with 3 Different Microsoft OS Clients (NT4, 2000, XP). Any user must be able to log on to any of the 700 Machines at any time. We operate a manatory user profile for all users.

Here is the problem, the profile has always been fine with just NT4 / 2000. It takes some fiddling to get it right but it works. XP However doesnt seem to work so well with the profile, it manages to pick up all the desktop settings but other things like regional and print settings dont seem to work properly (paper and language sizes always end up out).

What i would like to do is make three different profiles, one for each OS and apply them to computer OU's but as far as i can see that is not possible as the profile paths are user specific rather than machine specfic. Plus there is the fact that NT4 machines seem to ignore OU's entirely.

Does anyone know a way that I could make a machine specific mandatory profile for anyt user that logs on. I did think of making a madatory local profile on future machines, but it would not be feasable to do this to all the existing ones.

Thanks for reading
0
Comment
Question by:disinformation
  • 5
  • 3
  • 2
  • +1
11 Comments
 
LVL 6

Expert Comment

by:jthow
ID: 12141271
Maybe a logon script that checks the machine it's running on and applies the relevant profile?  Unfortunately, the standard OS environment variable for NT, W2K and XP is 'Windows_NT' so you'd be faced with creating your own variable on each of your 700 boxes...

JohnT
0
 

Author Comment

by:disinformation
ID: 12141407
jthow, i had considered this.

The distribution of the new enviorment variable wouldnt be too difficult, i could just add a reg clip to the top level of my computer accounts OU (and manually add it to NT's machines, not too many)

However, i wouldnt even know where to start in creating a script (or 3 scripts) to implement a profile
0
 
LVL 6

Expert Comment

by:jthow
ID: 12143949
disinformation,

Sorry, I'm not a scripting expert.. ;-(

There's a couple of articles at:-

http://www.microsoft.com/windows2000/en/advanced/help/default.asp?url=/WINDOWS2000/en/advanced/help/sag_LSconcepts_0.htm

and http://www.tycho7.com/Software/Win2k/logon_scripts.htm

that might give you some clues.

I don't think you'd need 3 scripts, just 1 with the 3 variations you have and a test for your environment variable which decides the appropriate settings for the particular flavour of windoze.  (But, like i said I'm not a scripting expert...)

JohnT
0
 
LVL 17

Expert Comment

by:Eagle6990
ID: 12144880
0
 
LVL 83

Expert Comment

by:oBdA
ID: 12146866
You don't need a script.
On each of your three machine types, set an environment variable in the machine(!) environment, named, for example, "OSVersion" (well, you can do that with a script ...).
On XP, set it to XP, on W2k, set it to W2k, and on NT4, set it to NT4.
In the folder where your mandatory profile currently resides, create three subdirectories, named like the three possible settings: NT4, W2k, XP. Put the respective profiles in there.
Now all you have to do is adjust the path to the profile in the user's properties. Set it to \\SomeServer\YourProfileShare\%OSVersion%, instead of (probably) \\SomeServer\YourProfileShare.

As for the script, you can use setx.exe (from the other link), but do not forget the -m switch.
This will check the OS version and set the OSVersion variable accordingly, if necessary.

@echo off
setlocal
ver | find /i "Windows 2000" && set CurrentOSVersion=W2k
ver | find /i "Windows XP" && set CurrentOSVersion=XP
ver | find /i "Windows NT" && set CurrentOSVersion=NT4
if "%OSVersion%"=="%CurrentOSVersion%" goto :eof
set OSVersion=%CurrentOSVersion%
ECHO setx.exe OSVersion %CurrentOSVersion% -m
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:disinformation
ID: 12158780
Excellent, I never thought of refering to enviroment variables from active directory.

Im at a conference today so i wont be able to test it, I should get some time this week and hopefully i will close the question.

0
 

Author Comment

by:disinformation
ID: 12160201
Unfortunately oBdA your idea doesnt seem to work, the new env variable needs to be on the server as well as the workstation it seems.
0
 
LVL 83

Expert Comment

by:oBdA
ID: 12160925
Yes, you're correct; for this to work, the environment variable needs to be set on all workstations, in the machine environment.
You can first run the script as machine logon script (just noted that I orgot to mention that the script is still in test mode; remove the "ECHO" in front of the "setx" line to run it for real.), until the variable is defined at least on your W2k/XP machines (you'll have to add the UNC path to setx.exe as well). On your NT4 clients, you only have the logon script, and this runs in the user's context, who doesn't have enough permissions to set a machine environment variable.
Once the environment variable is set, you can change the profile paths.
0
 

Author Comment

by:disinformation
ID: 12167249
oBda, i will explain the set up as im testing it now.

Using one windows 2k workstation to test;

I've created the env variable "OSVersion" and pointed it to WIN2k. I then copied the contents of our current working WIN2k profile into there to test functionality. I've created a test user (from a copy of a working user) however I have entered \\server5\netlogon\%OSVersion% in the profile path rather that \\server5\netlogon\username. I then tested the system variable was resolving correnclty from the 2K client by simply replicating the test users profile path in a run dialogue - It worked.

However;

When i try to log the users on (from the machine with the new varaible installed) it did not work giving me the usual could not load profile error and quoting "\\server5\netlogon\%OSVersion%" as the path, as if it had not succesfully resolved the system variable.

However, i tried putting the same enviroment variable that id put on the workstation on the domain controller that the machine was attempting to log on to and it worked. So becasue i need to have a single env variable in every users path it could not work at present.

Thanks.
0
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 12168220
I've used a similar construction for different user profiles in a mixed NT4/W2k Terminal Server environment.
Let's do it step by step.
On your W2k test workstation, right-click "My Computer", choose Properties, go to the Advanced tab, click the "Environment variables" button; in the "System(!) variables" section, click "New", enter (without the quotes) "OSVersion" as name, "Win2K" as value.
Reboot(!) the machine.
If your (physical) user profile path for your test user was \\server5\netlogon\%username% until now, create a subdirectory "Win2K" in your test users profile folder. Move the appropriate profile in there.
In ADUC, in the test user's profile, set the path to the roaming profile to \\server5\netlogon\%username%\%OSVersion%
Log on to the workstation with the test account, and it should now pull the Win2K profile.
0
 

Author Comment

by:disinformation
ID: 12168361
oBda

it works, it was a very stupid gotcha. Id included a trailing \ in the system variable which was causing it not to work.

Thank you very much for this solution it has given me many ideas for improving the domain as a whole.

0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
This video discusses moving either the default database or any database to a new volume.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now