[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Roaming profile doesn't get saved to the server!?

Posted on 2007-10-06
7
Medium Priority
?
437 Views
Last Modified: 2008-05-31
Here's a tricky one...
I just installed a brand new Windows 2003 64-bit server. It's running Active Directory and I've created a few users. I want to let the domain users to have a roaming profile and added the profile share in their "Profile path:" value in the users properties. Like this: \\server\profiles\testuser Defined a Home Folder to connect to H: and \\server\homefolder\testuser.

I must say I have done this a thousand times before on other servers and set the correct security permissions on both the share AND ntfs folder security.

Here's what happenes:
When I log on with the domain user, testuser, Windows XP logs on and creates a profilefolder inside the \\server\profiles\ - folder and gives the correct permissions. But when the user logs off - nothing get's saved to the testusers profilefolder!?!!

I log back on and have a look at the profilefolder under \\server\profiles\ and cannot see any files...

Here's a bit of the "userenv.log" file:

USERENV(72c.6c0) 23:28:24:750 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(72c.6c0) 23:28:24:750 =========================================================
USERENV(72c.6c0) 23:28:24:750 LoadUserProfile: Entering, hToken = <0x228>, lpProfileInfo = 0xf3f910
USERENV(72c.6c0) 23:28:24:750 LoadUserProfile: lpProfileInfo->dwFlags = <0x1>
USERENV(72c.6c0) 23:28:24:750 LoadUserProfile: lpProfileInfo->lpUserName = <Camilla>
USERENV(72c.6c0) 23:28:24:750 LoadUserProfile: NULL central profile path
USERENV(72c.6c0) 23:28:24:750 LoadUserProfile: NULL default profile path
USERENV(72c.6c0) 23:28:24:750 LoadUserProfile: NULL server name
USERENV(72c.6c0) 23:28:24:750 GetInterface: Returning rpc binding handle
USERENV(2a8.3d4) 23:28:24:750 IProfileSecurityCallBack: client authenticated.
USERENV(2a8.3d4) 23:28:24:750 DropClientContext: Got client token 000004EC, sid = S-1-5-18
USERENV(2a8.3d4) 23:28:24:750 MIDL_user_allocate enter
USERENV(2a8.3d4) 23:28:24:750 DropClientContext: load profile object successfully made
USERENV(2a8.3d4) 23:28:24:750 DropClientContext: Returning 0
USERENV(72c.6c0) 23:28:24:750 LoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(2a8.2c0) 23:28:24:750 IProfileSecurityCallBack: client authenticated.
USERENV(2a8.2c0) 23:28:24:750 In LoadUserProfileP
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: Running as client
USERENV(2a8.2c0) 23:28:24:750 =========================================================
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: Entering, hToken = <0x7dc>, lpProfileInfo = 0xee1d28
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: lpProfileInfo->dwFlags = <0x1>
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: lpProfileInfo->lpUserName = <Camilla>
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: NULL central profile path
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: NULL default profile path
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: NULL server name
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: User sid: S-1-5-21-2890713345-2069233893-3832898142-1626
USERENV(2a8.2c0) 23:28:24:750 CSyncManager::EnterLock <S-1-5-21-2890713345-2069233893-3832898142-1626>
USERENV(2a8.2c0) 23:28:24:750 CSyncManager::EnterLock: No existing entry found
USERENV(2a8.2c0) 23:28:24:750 CSyncManager::EnterLock: New entry created
USERENV(2a8.2c0) 23:28:24:750 CHashTable::HashAdd: S-1-5-21-2890713345-2069233893-3832898142-1626 added in bucket 12
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: Wait succeeded. In critical section.
USERENV(2a8.2c0) 23:28:24:750 TestIfUserProfileLoaded:  Profile already loaded.
USERENV(2a8.2c0) 23:28:24:750 Profile Ref Count is 2
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: Leaving critical Section.
USERENV(2a8.2c0) 23:28:24:750 CSyncManager::LeaveLock <S-1-5-21-2890713345-2069233893-3832898142-1626>
USERENV(2a8.2c0) 23:28:24:750 CSyncManager::LeaveLock: Lock released
USERENV(2a8.2c0) 23:28:24:750 CHashTable::HashDelete: S-1-5-21-2890713345-2069233893-3832898142-1626 deleted
USERENV(2a8.2c0) 23:28:24:750 CSyncManager::LeaveLock: Lock deleted
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: Impersonated user: 000007dc, 00000528
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: Reverted to user: 00000000
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: Reverted back to user <00000000>
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfile: Leaving with a value of 1.
USERENV(2a8.2c0) 23:28:24:750 =========================================================
USERENV(2a8.2c0) 23:28:24:750 LoadUserProfileI: returning 0
USERENV(72c.6c0) 23:28:24:750 LoadUserProfile: Running as self
USERENV(72c.6c0) 23:28:24:750 LoadUserProfile: Calling LoadUserProfileI (as user) succeeded
USERENV(72c.6c0) 23:28:24:750 LoadUserProfile:  Returning success.  Final Information follows:
USERENV(72c.6c0) 23:28:24:750 lpProfileInfo->UserName = <Camilla>
USERENV(72c.6c0) 23:28:24:765 lpProfileInfo->lpProfilePath = <>
USERENV(72c.6c0) 23:28:24:765 lpProfileInfo->dwFlags = 0x1
USERENV(2a8.508) 23:28:24:765 IProfileSecurityCallBack: client authenticated.
USERENV(640.240) 23:28:24:765 GetProfileType:  Profile already loaded.
USERENV(2a8.508) 23:28:24:765 ReleaseClientContext_s: Releasing context
USERENV(2a8.508) 23:28:24:765 MIDL_user_free enter
USERENV(640.240) 23:28:24:765 GetProfileType: ProfileFlags is 2
USERENV(72c.6c0) 23:28:24:765 ReleaseInterface: Releasing rpc binding handle
USERENV(72c.6c0) 23:28:24:765 LoadUserProfile: Returning TRUE. hProfile = <0x230>
USERENV(2e0.300) 23:28:24:875 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2e0.300) 23:28:24:875 GetUserNameAndDomain Failed to impersonate user
USERENV(2e0.300) 23:28:24:875 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2e0.300) 23:28:24:875 GetUserDNSDomainName: Failed to impersonate user
USERENV(2e0.300) 23:28:25:220 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2e0.300) 23:28:25:220 GetUserNameAndDomain Failed to impersonate user
USERENV(2e0.300) 23:28:25:220 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2e0.300) 23:28:25:220 GetUserDNSDomainName: Failed to impersonate user
USERENV(684.6cc) 23:28:25:251 LibMain: Process Name:  C:\WINDOWS\Explorer.EXE
USERENV(2e0.300) 23:28:25:282 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2e0.300) 23:28:25:282 GetUserNameAndDomain Failed to impersonate user
USERENV(2e0.300) 23:28:25:282 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2e0.300) 23:28:25:282 GetUserDNSDomainName: Failed to impersonate user
USERENV(684.700) 23:28:25:783 GetProfileType:  Profile already loaded.
USERENV(684.700) 23:28:25:783 GetProfileType: ProfileFlags is 2
USERENV(684.700) 23:28:25:783 GetProfileType:  Profile already loaded.
USERENV(684.700) 23:28:25:783 GetProfileType: ProfileFlags is 2
USERENV(6f0.4e0) 23:28:25:799 LibMain: Process Name:  C:\WINDOWS\system32\net.exe
USERENV(684.700) 23:28:25:815 GetProfileType:  Profile already loaded.
USERENV(684.700) 23:28:25:815 GetProfileType: ProfileFlags is 2
USERENV(208.108) 23:28:26:833 LibMain: Process Name:  C:\WINDOWS\system32\RUNDLL32.EXE
USERENV(694.75c) 23:28:27:209 LibMain: Process Name:  C:\WINDOWS\system32\RUNDLL32.EXE
USERENV(2bc.3b4) 23:28:27:287 LibMain: Process Name:  C:\WINDOWS\system32\ctfmon.exe
USERENV(2bc.3b4) 23:28:27:287 GetProfileType:  Profile already loaded.
USERENV(2bc.3b4) 23:28:27:287 GetProfileType: ProfileFlags is 2
USERENV(28c.80) 23:28:27:334 LibMain: Process Name:  C:\WINDOWS\system32\Rundll32.exe
USERENV(6c0.5c8) 23:28:28:964 LibMain: Process Name:  C:\WINDOWS\system32\wbem\wmiprvse.exe
USERENV(870.874) 23:28:30:890 LibMain: Process Name:  C:\WINDOWS\system32\imapi.exe
USERENV(8d4.8d8) 23:28:42:828 LibMain: Process Name:  C:\WINDOWS\system32\wuauclt.exe
USERENV(8c8.8cc) 23:28:42:828 LibMain: Process Name:  C:\WINDOWS\system32\userinit.exe
USERENV(908.90c) 23:28:48:154 LibMain: Process Name:  C:\WINDOWS\system32\cmd.exe
USERENV(954.958) 23:29:12:639 LibMain: Process Name:  C:\WINDOWS\system32\NOTEPAD.EXE



Anyone?? Please help me out here...
:o)
0
Comment
Question by:jogarnes
  • 4
  • 3
7 Comments
 

Author Comment

by:jogarnes
ID: 20028593
Info: The posted userenv.log is from another user than testuser, called Camilla. (They both are the same anyways...)
0
 
LVL 18

Expert Comment

by:John Gates, CISSP
ID: 20030017
>I must say I have done this a thousand times before on other servers and set the correct security permissions on both the share AND ntfs folder security.<

What permissions do you have set on each.  This seems to me like a permissions issue.

-D-
0
 

Author Comment

by:jogarnes
ID: 20030946
'Famouse last words..."

Anyways, here are the permissions:

On the profile share - everyone got full access
On the profile security properties - Administrators/Domain Users/Everyone got full access.

This means that others can in theori browse eachothers profiles, but it doesn't matter. The weird thing is that SOME of the users actually does work, the roaming that is.
I should also add that if the username isn't inside the profile directory, the client computer automatically creates the folder on the server.

Anything else you need to know?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 18

Expert Comment

by:John Gates, CISSP
ID: 20031396
The next thing to determine is can you have the user that does not work try the computer where a users profile has successfully uploaded and have the user try signing on and then off and see if you get a different result?

-D-
0
 

Author Comment

by:jogarnes
ID: 20138102
Still doesn't work... The same results when trying on a computer that it DID work on - but now it doesn't..!!
0
 
LVL 18

Expert Comment

by:John Gates, CISSP
ID: 20138133
>Still doesn't work... The same results when trying on a computer that it DID work on - but now it doesn't..!!<

Can you clarify this a little more.  Are you saying that it did work and now that the user tried to do it there it no longer works for anyone?  Or are you saying it simply did not work for that user and still works for others?


-D-
0
 

Accepted Solution

by:
jogarnes earned 0 total points
ID: 21433510
Ok, I finally found the solution!!!
It was an old nVidia driver that loaded before everything else and caused the DNS to fail - it seems...

I turned off all non-Microsoft services in msconfig and tried to start it - it worked!! So I disabled all the nVidia services and it worked like a charm!

So there you go - weeks and months of headscratching.... :)
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question