Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Re-connect profile after recreating account

Posted on 2006-11-26
6
413 Views
Last Modified: 2010-04-18
A user has been a domain admin when he should not have been, and just removing the permissions is not enough.
I am trying to recreate a user account so here is the process that I have been following.

1: I removed the exchange attributes so I can keep the mailbox
2: I made a note of the profile location and group memberships from the active directory
3: I deleted the user account in active directory
4: I recreated the users account without creating a mailbox
5: I reconnected the mailbox to the user account
6: I placed the profile paths back into the account along with the user group memberships.
7: I tried to log in.

The error comes when I try to log into that computer.  "A profile could not be loaded and a local profile will be used, access is denied."

We use roaming profiles and I need to reconnect the profile to the user account for all of his setting and information

So my questions are how do I re-attach the profile?
Do I have to recreate the profile also?  
I know how but I would rather not have to re-create the profile.

Please help.
Thanks
0
Comment
Question by:Raynovac
  • 3
  • 2
6 Comments
 
LVL 13

Assisted Solution

by:itcoza
itcoza earned 250 total points
ID: 18015574
You need to give the new user full control to the profile path as well as reset all the rights on the files on the profile directory.  The user needs to be owner of the files there to use them correctly.
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 18015741
the theory behind this is that you have created a new user which has a new SID, you will need to give him permission again as shown above - just make sure you set the permission to propogate to all files
0
 

Author Comment

by:Raynovac
ID: 18020939
Just a note that everything i have done has been with a test user and not the actual users yet.

the user is the same username and password
Does this change the SID?

Also, i tried to assign permissions to that user for that profile and it won't take it.
When i tried to take the permissions as an administrator, it wouldn't let me assign it back to the user.

Eventually, it would stop trying to log in under the roaming profile and created a local profile.

I had to delete all profile folders for that user and re-create it.

What do i do since i can't assign the profile ownership or is there something im missing?

Thanks
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18049176
doesnt matter if the name is the same - you still have a new SID
0
 

Author Comment

by:Raynovac
ID: 18055308
I logged in as that user and added the domain admin with full control.

This allowed me to re-establish the owner of the profile along with the permissions.

Thanks for your help.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18066964
cool :)
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Domain Share problems 5 59
search on network drive not working 4 69
ticket bloat 3 51
How to set IPSec under Server 2008 R2 and Server 2012 R2 3 43
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question