?
Solved

group policy mandatory profile

Posted on 2009-05-03
3
Medium Priority
?
1,054 Views
Last Modified: 2012-05-06

Dear experts

I have mandatory profile and it is working fine and I add some group policy to the user that I want them to be applied to tighten the security ,but the group policy does not applied  , I read that if have mandatory profile you can not apply group policy ,

there is any work around to get the group policy applied?

Fast response is appreciated
0
Comment
Question by:M_omeir
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 12

Expert Comment

by:zoofan
ID: 24290659
You can not apply changes to a mandatory profile after you you make the profile mandatory.

It would defeat the purpose of making it mandatory.

You need to rename the file and folder back to normal apply changes and then make it mandatory again.



zf
0
 

Author Comment

by:M_omeir
ID: 24309620
thanks

but i want to modify through group policy there is no way to do through script
0
 
LVL 12

Accepted Solution

by:
zoofan earned 750 total points
ID: 24309844
I know this is not what you want to hear but your best/safest/most reliable way to handle this is to make
the profile NON mandatory long enough for the policy changes to update and then return it to mandatory.

(I do this myself as needed by changing the users password logging in myself applying changes and logging out and then give the user a new password)  

There is no other way that is reliable(that Im aware of)....once you rename the ntuser.dat to ntuser.man it is locked from changes from: the OS/the user/GPO's etc...


The one and only option that I know of but had more troubles then success with
is to manually edit the ntuser.man(dat) file and the time involved is much longer then the above.

By loading the ntuser.man(dat) hive by hive and key by key into regedit or using regeditpro(never used it just read about it) you can make changes directly to the file itself.

regeditpro(not an endorsement just a google search find)
http://www.robotronic.de/regedit/index.html


zf
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question