tgm9002
asked on
Profile duplication and/or deletion after MS05-039 is applied
We deployed the MS05-039 patch for this latest vulnerability across 10,000 systems. Just FYI, this was only 1 of 5 August patches we applied (all in a rollup package distributed via SMS).
Anyway, we (Information Systems here at my company) are fighting profile duplication and deletion issues... basically the user logs on, something has locked their profile and so Windows logs them on with a temp profile (sometimes creating a new profile with .<domain> appended).
I did some research and found that a key had been improperly mapped: HKLM\SOFTWARE\Microsoft\Wi ndows NT\Current Version\ProfileList\<SID>\ ProfileIma gePath
Sooo... once this was fixed, the user's profile reappeared and everyone was happy as larks... until they restarted their computer and logged in again. This time, the profile was overwritten with a blank one (but leaving the file path intact). So we have had many users lose data... I can't seem to recreate this for Microsoft so I've been left out to dry. ;(
If anyone has seen this, please give me a yell (and if you have found root cause or another fix)!
Anyway, we (Information Systems here at my company) are fighting profile duplication and deletion issues... basically the user logs on, something has locked their profile and so Windows logs them on with a temp profile (sometimes creating a new profile with .<domain> appended).
I did some research and found that a key had been improperly mapped: HKLM\SOFTWARE\Microsoft\Wi
Sooo... once this was fixed, the user's profile reappeared and everyone was happy as larks... until they restarted their computer and logged in again. This time, the profile was overwritten with a blank one (but leaving the file path intact). So we have had many users lose data... I can't seem to recreate this for Microsoft so I've been left out to dry. ;(
If anyone has seen this, please give me a yell (and if you have found root cause or another fix)!
ASKER
It's happened on a good percentage of our systems... maybe 10% (but that's a lot of help desk calls for 10K systems!).
Basically after working with Microsoft, they are recommending using UPHClean.exe to run on all systems enterprise-wide. It will also be included in Vista as a standard system process... it basically keeps anything from locking the profile on log on/off.
They could not identify root cause however... :(
We identified with this utility that svchost.exe was locking the profiles... of course, since there are normally 5 or 6 of this processes running, it's hard to tell which one was actually locking the profile.
Basically after working with Microsoft, they are recommending using UPHClean.exe to run on all systems enterprise-wide. It will also be included in Vista as a standard system process... it basically keeps anything from locking the profile on log on/off.
They could not identify root cause however... :(
We identified with this utility that svchost.exe was locking the profiles... of course, since there are normally 5 or 6 of this processes running, it's hard to tell which one was actually locking the profile.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
_User doen't have enough permission on the original profile.
_If a profile is already exist with same name and user is unable to access original profile for some reasons.
Is this happening on all PCs (Windows XP or Windows 2000 Professional client machines)?
Let us know.
SystmProg