• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 209
  • Last Modified:

Users getting auto generated new local profiles on 2000 workstations.

I have a 2003 domain with a mixture of both 2000 and XP boxes.  For some reason, users on the 2000 boxes occassionally have a new user profile created for them on their local PC.  This just randomly happpens from time to time.  For example, the user might have had a profile on the pc by the name of user.domain.  Now that will still show up under docs and settings, but you will also find a new profile with the name user.domain.000 and this will be the profile the user is now using.  Any ideas as to what can be causing this?  It doen't affect the XP boxes.
0
wsstechs
Asked:
wsstechs
1 Solution
 
wsstechsAuthor Commented:
Not really. ;)  I am looking for the root cause.  I already know how to copy profiles.  Thanks anyway.  ;)
0
 
aces4allCommented:
By default the Everyone security principal has Full Control of the root directory of each drive on a Windows 2000 machine and these permissions are inherited be each subdirectory.  When a new profile is created Windows 2000 uses that user's account to create the profile and permissions to that profile are granted to the Admistrators group and the Creator/Owner (the User) and permission inheritance for the Everyone security principal is overriden (not granted) for the profile and its subdirectories.  When a domain user logs onto a computer when its computer account password needs to be renewed the Windows 2000 machine will trust the Domain for Authentication (logging in) but not Authorization (granting permissions).  When this happens the user is no longer recognized as the owner of their own profile and if they are not a member of the Administrators group cannot access it but because they Full Control to the remainder of the drive through the Everyone security principal a new profile is created.
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now