Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

group policy mandatory profile

Posted on 2009-05-03
3
Medium Priority
?
1,061 Views
Last Modified: 2012-05-06

Dear experts

I have mandatory profile and it is working fine and I add some group policy to the user that I want them to be applied to tighten the security ,but the group policy does not applied  , I read that if have mandatory profile you can not apply group policy ,

there is any work around to get the group policy applied?

Fast response is appreciated
0
Comment
Question by:M_omeir
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 12

Expert Comment

by:zoofan
ID: 24290659
You can not apply changes to a mandatory profile after you you make the profile mandatory.

It would defeat the purpose of making it mandatory.

You need to rename the file and folder back to normal apply changes and then make it mandatory again.



zf
0
 

Author Comment

by:M_omeir
ID: 24309620
thanks

but i want to modify through group policy there is no way to do through script
0
 
LVL 12

Accepted Solution

by:
zoofan earned 750 total points
ID: 24309844
I know this is not what you want to hear but your best/safest/most reliable way to handle this is to make
the profile NON mandatory long enough for the policy changes to update and then return it to mandatory.

(I do this myself as needed by changing the users password logging in myself applying changes and logging out and then give the user a new password)  

There is no other way that is reliable(that Im aware of)....once you rename the ntuser.dat to ntuser.man it is locked from changes from: the OS/the user/GPO's etc...


The one and only option that I know of but had more troubles then success with
is to manually edit the ntuser.man(dat) file and the time involved is much longer then the above.

By loading the ntuser.man(dat) hive by hive and key by key into regedit or using regeditpro(never used it just read about it) you can make changes directly to the file itself.

regeditpro(not an endorsement just a google search find)
http://www.robotronic.de/regedit/index.html


zf
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question