Solved

Re-connect profile after recreating account

Posted on 2006-11-26
6
411 Views
Last Modified: 2010-04-18
A user has been a domain admin when he should not have been, and just removing the permissions is not enough.
I am trying to recreate a user account so here is the process that I have been following.

1: I removed the exchange attributes so I can keep the mailbox
2: I made a note of the profile location and group memberships from the active directory
3: I deleted the user account in active directory
4: I recreated the users account without creating a mailbox
5: I reconnected the mailbox to the user account
6: I placed the profile paths back into the account along with the user group memberships.
7: I tried to log in.

The error comes when I try to log into that computer.  "A profile could not be loaded and a local profile will be used, access is denied."

We use roaming profiles and I need to reconnect the profile to the user account for all of his setting and information

So my questions are how do I re-attach the profile?
Do I have to recreate the profile also?  
I know how but I would rather not have to re-create the profile.

Please help.
Thanks
0
Comment
Question by:Raynovac
  • 3
  • 2
6 Comments
 
LVL 13

Assisted Solution

by:itcoza
itcoza earned 250 total points
ID: 18015574
You need to give the new user full control to the profile path as well as reset all the rights on the files on the profile directory.  The user needs to be owner of the files there to use them correctly.
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 18015741
the theory behind this is that you have created a new user which has a new SID, you will need to give him permission again as shown above - just make sure you set the permission to propogate to all files
0
 

Author Comment

by:Raynovac
ID: 18020939
Just a note that everything i have done has been with a test user and not the actual users yet.

the user is the same username and password
Does this change the SID?

Also, i tried to assign permissions to that user for that profile and it won't take it.
When i tried to take the permissions as an administrator, it wouldn't let me assign it back to the user.

Eventually, it would stop trying to log in under the roaming profile and created a local profile.

I had to delete all profile folders for that user and re-create it.

What do i do since i can't assign the profile ownership or is there something im missing?

Thanks
0
[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18049176
doesnt matter if the name is the same - you still have a new SID
0
 

Author Comment

by:Raynovac
ID: 18055308
I logged in as that user and added the domain admin with full control.

This allowed me to re-establish the owner of the profile along with the permissions.

Thanks for your help.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18066964
cool :)
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SSIS package failing 3 98
Elevating Domain functional level 9 115
Trasfering FSMO roles 8 95
Generate HTML report about DHCP server 2003 1 9
Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now