?
Solved

Synchronize Local and Roaming Profiles

Posted on 2007-11-14
4
Medium Priority
?
2,461 Views
Last Modified: 2012-08-14
I'm setting up roaming profiles for users who normally logon to the local machine. All users settings are stored locally. I'd like to have it setup so that users always get their settings whether they're logging in the server or local machine. So in case I bring down the server the user can still access their files. The machines are xp professional and the server is Windows 2003 Standard. I've tested how to do this by:

- renaming the local profile (user.temp)
- creating the user in AD and setting the profile path
- login as the user to set the user name
- delete the user name (created by domain login)
- rename the local profile to user (remove the .temp)
- I add the user/domain to the user's folder and give full rights so the user has user/domain and user/machine name in the security tab of the user's folder with both set to full rights
- I then copy the profile from the local machine to server using "copy to" to overwrite the domain profile

I give the domain/user full rights to roaming profile on the server and notice the Profile key for the local user is there as "unknown" but has full rights. If I open regedit on the local machine and navigate to the user's profile list I see the same key.

It seems it works in that if I logon and create folders on either profile - login to "this machine" as the user or login to domain as the user the folders are there. The only thing is wallpaper and system tray icons are not present although the programs are there in the Programs menu...any idea why?

If I just copy the local profile to server and login to the domain, I get all the settings but another folder is created - user.domain and doesn't sync with the local profile. I have home folders for users as well on the server but again if the server is down they can't access it. I also will not do folder redirection as it requires another machine to store the files (which I do not have). If users store files in My documents or the desktop (normally they do) then I want them to always have access to it.

0
Comment
Question by:tracyms
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 20280378
If you use Roaming profiles then once the user logs on once their profile is local and on the server.  Using cached credentials (off the domain) still gets them into this profile.

The local profile is different that the domain profile - the NTUSER.DAT is HKCU so a domain account is not the same as a local account.

You want to migrate settings to the new domain profile using either USMT 3.0 or this tool:  http://www.forensit.com/Profwiz/index.htm
0
 
LVL 1

Author Comment

by:tracyms
ID: 20281149
Thanks Netman66,
I'm not sure I understand...I have tested creating a user from scratch in AD and logged in as the new user - everything fine, no problem. If I login under "this machine" and not use the domain login I get a folder with user.machine name - not the original profile created by the domain login.

I used the file and transfer wizard before when testing this (not sure if it would equal the migration tools you recommened.

I don't know what happens if I take the server down and a user tries to login to the domain - maybe this is what you're referring to about a cached copy...after pc doesn't find the domain, will it use the one the domain created or add user.machinename?
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 2000 total points
ID: 20281762
That's the point.

If you logon to the domain, a local copy of the profile will be created.  You then can logon using the Domain credentials even when not connected to the domain - this is accomplished using "cached credentials" from the domain account.

There should be no need for a local account at all after you create the domain profile and use that tool to move the local profile settings to the domain profile.
0
 
LVL 1

Author Comment

by:tracyms
ID: 20285777
Thanks, makes sense.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question