(URGENT) Delete the profile of user on login and logoff

There is a way in GPO to make it so that you don't keep a local profile, you can go to Computer Configuration ->Administrative Templates->System->User Profiles and you can Delete cached copies of roaming profiles. By Default Temporary internet files, Temp and History directories are not transferred over when using roaming profiles. They are only stored on the local machine.

As for restricting users from installing things maybe in GPO, Run Only Allowed Applications from
User Configuration->administrative templates->System.
 Or just put them in a restricted User group.

a host file that can be replacated via WINS or just applied to the local machine from http://www.mvps.org/winhelp2002/hosts.htm
Usually stops most spyware.
Also you could try using an antispyware util from www.pctools.com or www.webroot.com. Both are among the best anti-spyware utils.

machine_shin



GPO Sysytem> User pofiles i Have tried it  but there is no option as such to delete the  History, Temporary internet files or Temp folders on every login  can it be used though Login script can u give me  complete codes and way to  configure login script as I am a layman to it.

Alowed apllications  i have to completly list down the softwares taht can be  executed and list will go to is there any way to block msi, or setup or to lock registry so that  any application files caanot be registred o installed on the PC

If you created the users in domain controller ( active directory serices with DNS server) and at client side they are loging with domian user then there is already restriction for installationapplications or to make any change the windows control panel settings .menas it needs the administarive rights....ok

how are you getting on?

Machine

1. I have redirected the  my documents and  desktop folders to a different drive can i give full path of that folders  in login script  then default user profile path ""%userprofile%\"  

2. I want to make printer default and install on every login can i  give the vbscript commands in same login script.

3. i want that all the files of all users working goes in a single folder with specified user permissions can it be possible and ant to restirct all other folders and drives for user access an want to restore the PC by deleting all history, documets, desktop, temp, temporary internet files all accessed by any user ad  make the pc fresh fo the new user if is posoibl how i can  proceed wioth y problem.

Machin__Shin

thanx buddy for the login script i tried it as log off script but  have a problm in it it does not delete hidden folders like  Application Data, Print hood is it posible to change there attributes unhide and system and then delte these folders as i want that very time user  login the  profiles are created automatically

I've got a couple more Japanese Exams to do in the next few days. I will give you more advice after that.

machin_Shin

 best of luck for ur exams buddy

waiting for ur exams to be succesfull
and then my probs will be sorted

excpet mchin no one here to rply the queries ..i think machin  is  stil busy in exams

You can add the attrib command into the loging script if you want. But if you are trying to remove the entire profile every Login you will probably encounter the issue where the files are still being used.
 ( command = attrib *.* -s -h -r /s/d)
The users shouldn't mind seeing stuff from those directories and I doubt you want to redo the entire thing from scratch everytime. Just make it a set profile that you like on the roaming profile under non-cached mode and delete or clear said directories if you want to. but easiest is to make the profiles Mandatory.
In order to do it set up your profile as you like it change the ntuser.dat extension to NTuser.man and they cannot change the background or the registry for that user file.
And for cleaning your net files and what not maybe trial out

http://www.download.com/ZeroNetHistory-2005/3000-2248_4-10540287.html?tag=lst-0-2

I only hope I did well on my exams I think I passd all but maybe the listening. (totemo hayai hanasu koto desu yo)

Oh and by the way I should have mentioned the user can actually change the background and what not but when they log back in everything is reset.

Machin
thanx buddy
 I have tried these attrib command before and was successful  in deleting other folder through log off script except  these folders Application Data, Local Setting,  and files Ntuser.dat, ntuser.log, ntuser.ini.

I have told u my purpose is that i want to refresh the profile and registry of each user. Will mandatory profile will work is there any resource for mandatory and roaming profiles and what is the difference between them.

A mandatory profile locks the User registry against change. It doesn't save it to the Profile on Lo off. And You can have Roaming Mandatory Profiles.

This should explain it and it should suit your needs.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/policy/policy/mandatory_user_profiles.asp

Machin  

i  have renamed the individual

ntuser.dat located in c:\documents and settings\user1 folder to ntuser.man of each user but still the  changes made to
internet explorer
home page
internet explorer toolbars are still active  is there any way to disable them
secondly i want to  make the registry read only so that no  user changes are saved in registry of windows  is there any way out.

try logging out then logging back in......you might notice it's all back to the same.
In regard to the additional stuff those are controllable through GPO's.