Solved

Re-connect profile after recreating account

Posted on 2006-11-26
6
416 Views
Last Modified: 2010-04-18
A user has been a domain admin when he should not have been, and just removing the permissions is not enough.
I am trying to recreate a user account so here is the process that I have been following.

1: I removed the exchange attributes so I can keep the mailbox
2: I made a note of the profile location and group memberships from the active directory
3: I deleted the user account in active directory
4: I recreated the users account without creating a mailbox
5: I reconnected the mailbox to the user account
6: I placed the profile paths back into the account along with the user group memberships.
7: I tried to log in.

The error comes when I try to log into that computer.  "A profile could not be loaded and a local profile will be used, access is denied."

We use roaming profiles and I need to reconnect the profile to the user account for all of his setting and information

So my questions are how do I re-attach the profile?
Do I have to recreate the profile also?  
I know how but I would rather not have to re-create the profile.

Please help.
Thanks
0
Comment
Question by:Raynovac
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 13

Assisted Solution

by:itcoza
itcoza earned 250 total points
ID: 18015574
You need to give the new user full control to the profile path as well as reset all the rights on the files on the profile directory.  The user needs to be owner of the files there to use them correctly.
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 18015741
the theory behind this is that you have created a new user which has a new SID, you will need to give him permission again as shown above - just make sure you set the permission to propogate to all files
0
 

Author Comment

by:Raynovac
ID: 18020939
Just a note that everything i have done has been with a test user and not the actual users yet.

the user is the same username and password
Does this change the SID?

Also, i tried to assign permissions to that user for that profile and it won't take it.
When i tried to take the permissions as an administrator, it wouldn't let me assign it back to the user.

Eventually, it would stop trying to log in under the roaming profile and created a local profile.

I had to delete all profile folders for that user and re-create it.

What do i do since i can't assign the profile ownership or is there something im missing?

Thanks
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18049176
doesnt matter if the name is the same - you still have a new SID
0
 

Author Comment

by:Raynovac
ID: 18055308
I logged in as that user and added the domain admin with full control.

This allowed me to re-establish the owner of the profile along with the permissions.

Thanks for your help.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18066964
cool :)
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Learn about cloud computing and its benefits for small business owners.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question