t250
asked on
Windows 7 Roaming Profile problem
Hi,
We started rolling out Windows 7 in our company and we use Roaming profiles in our company.we had one user whose roaming profile doesn't load on windows 7.Just loads temporary profile when the users logs on.I can see the v2 profile created on the server and it doesn't load the profile when the user logs on.As the user is logged on with temp profile he cannot even connect to network shares etc(doesn't authenticate the user).
And if he logs on to Wondows xp his roaming profile loads fine.
Please see the attached file with one warning and two error messages from the eventviewer.please let me know the solution
Eventvwr.doc
We started rolling out Windows 7 in our company and we use Roaming profiles in our company.we had one user whose roaming profile doesn't load on windows 7.Just loads temporary profile when the users logs on.I can see the v2 profile created on the server and it doesn't load the profile when the user logs on.As the user is logged on with temp profile he cannot even connect to network shares etc(doesn't authenticate the user).
And if he logs on to Wondows xp his roaming profile loads fine.
Please see the attached file with one warning and two error messages from the eventviewer.please let me know the solution
Eventvwr.doc
ASKER
Hi The Scotsman,
we don't have nVidia driver installed we have Intel Driver installed.plese see below
\\.\DISPLAY1\Monitor0
Intel(R) G41 Express Chipset (Microsoft Corporation - WDDM 1.1)
Memory 1421 MB
Memory type 2
Driver version 8.15.10.1749
Intel(R) G41 Express Chipset (Microsoft Corporation - WDDM 1.1)
Memory type 2
Driver version 8.15.10.1749
we don't have nVidia driver installed we have Intel Driver installed.plese see below
\\.\DISPLAY1\Monitor0
Intel(R) G41 Express Chipset (Microsoft Corporation - WDDM 1.1)
Memory 1421 MB
Memory type 2
Driver version 8.15.10.1749
Intel(R) G41 Express Chipset (Microsoft Corporation - WDDM 1.1)
Memory type 2
Driver version 8.15.10.1749
Hi.
Check out this article: http://support.microsoft.com/kb/947242
Also valid for windows 7..
Regards,
Standis
Check out this article: http://support.microsoft.com/kb/947242
Also valid for windows 7..
Regards,
Standis
DOWNLOAD User Profile Hive Cleanup Service AND INSTALL:
http://www.microsoft.com/downloads/details.aspx?FamilyId=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en
AND THEN RUN CHECK DISK ON YOUR C DRIVE...
HOPE THIS WILL FIX IT
OR LASTLY YOU CAN TRY THIS,
http://windows.microsoft.com/en-US/windows-vista/Fix-a-corrupted-user-profile
REGARDS,
http://www.microsoft.com/downloads/details.aspx?FamilyId=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en
AND THEN RUN CHECK DISK ON YOUR C DRIVE...
HOPE THIS WILL FIX IT
OR LASTLY YOU CAN TRY THIS,
http://windows.microsoft.com/en-US/windows-vista/Fix-a-corrupted-user-profile
REGARDS,
ASKER
Hi Standis,
i cannot see the profilelist key in the registry.As this is is the only user logged onto this PC after we did the build so there is no profilelist.temp profile is getting deleted when the user logged off
i cannot see the profilelist key in the registry.As this is is the only user logged onto this PC after we did the build so there is no profilelist.temp profile is getting deleted when the user logged off
ASKER
themak,
there are no other profiles on the PC and i have even tried to give the user a brand new profile and the same error message.doesn't matter to which PC he logs on roaming profile doesn't load tried on 4 PC's
there are no other profiles on the PC and i have even tried to give the user a brand new profile and the same error message.doesn't matter to which PC he logs on roaming profile doesn't load tried on 4 PC's
Hmm, might be a ntfs security issue on the file server?
Here is one for setting proper rights on the share:
http://technet.microsoft.com/en-us/library/cc757013(WS.10).aspx
Can you write files to the profile folder (v2) when logged on as the user?
BR
Standis
Here is one for setting proper rights on the share:
http://technet.microsoft.com/en-us/library/cc757013(WS.10).aspx
Can you write files to the profile folder (v2) when logged on as the user?
BR
Standis
ASKER
Standis,
we also use windows server 2008 Terminal Services (Remote apps) and when the user logs onto Terminal Server his V2 profile loads ok i.e read and write acces on the files it is only on windows 7 the v2 profile is not getting loaded.so all the permissions are fine..
we also use windows server 2008 Terminal Services (Remote apps) and when the user logs onto Terminal Server his V2 profile loads ok i.e read and write acces on the files it is only on windows 7 the v2 profile is not getting loaded.so all the permissions are fine..
Be sure that the user is the owner of Profile folder.
You also have to know that the folder with folder for Windows 7 and Windows Vista has to be named:
\\fileserver\profile\user1 (Windwos XP)
\\fileserver\profile\user1 .v2 (Windwos 7 and Windwos Vista)
You also be aware that there is no interoperability between Windwos XP and Windows 7 profile i.e. you cannot use the same profile. At least not without folder redirection.
You also have to know that the folder with folder for Windows 7 and Windows Vista has to be named:
\\fileserver\profile\user1
\\fileserver\profile\user1
You also be aware that there is no interoperability between Windwos XP and Windows 7 profile i.e. you cannot use the same profile. At least not without folder redirection.
ASKER
simonlimon:
user is oner of the profile folder and we are using different profile for xp and windows 7 i.e v2.
user is oner of the profile folder and we are using different profile for xp and windows 7 i.e v2.
And there are no other TS profile path on the remote desktops profile tab in aduc?
(Windows will try to load the TS profile first - if the path exists of course...)
(Windows will try to load the TS profile first - if the path exists of course...)
First Download Tool (x86fre_GRMRSAT_MSU) from http://www.microsoft.com/downloads/details.aspx?FamilyID=7d2f6ad7-656b-4313-a005-4e344e43997d&displaylang=en and Install it on one win7 client Computer and configure it according to Microsoft. after that go to win2003 Domain Group Policy Editor, computer-administrative templates-system-user profiles and Enable "Leave Windows Installer & Group policy Software Installation and Wait for Remote User Profile. After that Login on win7 computer profile will be load then logoff and login with administrator account and delete that roaming profile from my computer property- advance system setting-click on profile and delete it. Then log off and again login with those profile which you have deleted profile will be load from server again do log off and login with administrator account and delete those roaming profile from c:\user and log off from administrator account and login using those account which you have deleted then it will show after login you have login with Temp profile and your files will not be present there then restart system in safe mode go to "start-run-regedit-hkey local machine-software-microsoft -windowsNT -current version-profileList-and select any value in left side after Expanding profileList it will show a user name in right side with other value then delete left side value which contain that user name which you have deleted earlier from C:\ user and Restart computer in normal mode and Now you will be able to login with that User with all Data which you have deleted earlier and there is not any error like You have Logged in Temp Profile.
http://social.technet.microsoft.com/Forums/en-US/w7itproui/thread/6a7941b8-f459-4b10-b75b-1f758c1c751a
Regards,
http://social.technet.microsoft.com/Forums/en-US/w7itproui/thread/6a7941b8-f459-4b10-b75b-1f758c1c751a
Regards,
ASKER
standis,
there is no other TSProfilepath on the remote desktops profile tab in aduc
there is no other TSProfilepath on the remote desktops profile tab in aduc
ASKER
Hi Guys,
this is what iam seeing in the eventviewer as well. i can logon to this PC as any other user in the domain with no issues except one user
The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
this is what iam seeing in the eventviewer as well. i can logon to this PC as any other user in the domain with no issues except one user
The processing of Group Policy failed. Windows could not resolve the user name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).
there is some replication problem between domains, I suggest you delete the account and create it on the domain controller that will fix this issue. To understand Rreplication have a look to the links below,
Active Directory Replication
http://www.comptechdoc.org/os/windows/win2k/win2kadrepl.html
http://technet.microsoft.com/en-us/library/cc772726(WS.10).aspx
Best Practices Analyzer for Active Directory Domain Services
http://technet.microsoft.com/en-us/library/dd391875%28WS.10%29.aspx
Active Directory Replication
http://www.comptechdoc.org/os/windows/win2k/win2kadrepl.html
http://technet.microsoft.com/en-us/library/cc772726(WS.10).aspx
Best Practices Analyzer for Active Directory Domain Services
http://technet.microsoft.com/en-us/library/dd391875%28WS.10%29.aspx
ASKER
The maK
this account has been created three years back and works on xp and Windows server 2008 terminal servers for some reason we are getting this problem only on windows 7.I have even given local profile still same thing in the event viewer
this account has been created three years back and works on xp and Windows server 2008 terminal servers for some reason we are getting this problem only on windows 7.I have even given local profile still same thing in the event viewer
Could you please post a complete ipconfig /all from both Dc and Windows 7 PC.
Regards,
Regards,
Group Policy preprocessing uses security to act on behalf of the computer or user. Incorrect permissions or security failures can prevent Group Policy from applying to the computer or user. Hence you will see above message, try this below link......
http://technet.microsoft.com/en-us/library/cc727272(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc727272(WS.10).aspx
ASKER
TheMak,
Previously we have delegated control in AD for this user to create ,delete users etc does this have any effect and also this user used to be member of Domain Admins but not anymore...As we have created s Separate Admin Account
Not sure because of this will he have any issues logging into Windows 7 PC's...?
Previously we have delegated control in AD for this user to create ,delete users etc does this have any effect and also this user used to be member of Domain Admins but not anymore...As we have created s Separate Admin Account
Not sure because of this will he have any issues logging into Windows 7 PC's...?
No this will not create any issue but check user again by giving domain admins privileges for testing purpose.
Regards,
Regards,
ASKER
Themak,
Added user to domain admins group still the same issue
Regards
Added user to domain admins group still the same issue
Regards
ASKER
Guys,,
any solution for this issue please as i cannot log this user using local profile as well
any solution for this issue please as i cannot log this user using local profile as well
After reading through the various issues, I suspect this is an issue with the machine, not with the profile or user account. Honestly, I'd just format and reinstall Windows 7. OEM images are notorious for not being "domain friendly" and setting odd (and very buried, difficult to find) permissions that interfere with proper domain functionality...ESPECIALLY when folder redirection, roaming profiles, or remote apps are used.
HTH
-Cliff
HTH
-Cliff
ASKER
cliff,
if i logon to this machine as any other user everything works ok it is just this user.I have even tried logging on this user on other windows 7 PC's as well still the same issue.
is this user logs on to XP PC everything works ok
if i logon to this machine as any other user everything works ok it is just this user.I have even tried logging on this user on other windows 7 PC's as well still the same issue.
is this user logs on to XP PC everything works ok
I have see this behavior on windows 7 roaming profiles especially when they are transfered from windows XP profiles
In my case the error appeared when unloading the profile.
This error attached points to a process with ID 1100 that is blocking the registry key. I just had to kill this process with this ID and the profile was unloaded correct.
In your case the profile is even not loaded.
How did you transfer windows XP settings to the new windows 7 profile?
Due to that windows xp profile is loaded security setting must be fine
First I would try to create a clean new profile for this user. Make sure to rename XP and Windows 7 profiles during the test.
Did you try to login from another windows 7 computer for this user?
In my case the error appeared when unloading the profile.
This error attached points to a process with ID 1100 that is blocking the registry key. I just had to kill this process with this ID and the profile was unloaded correct.
In your case the profile is even not loaded.
How did you transfer windows XP settings to the new windows 7 profile?
Due to that windows xp profile is loaded security setting must be fine
First I would try to create a clean new profile for this user. Make sure to rename XP and Windows 7 profiles during the test.
Did you try to login from another windows 7 computer for this user?
The security error points
http://support.microsoft.com/kb/938457
How did you join the win 7 to the domain. Did you use the SBS connect homepage?
And the user has been created through the SBS wizard
I just ask because on the SBS everything is set through scripts. Security Settings, GPOs etc.
http://support.microsoft.com/kb/938457
How did you join the win 7 to the domain. Did you use the SBS connect homepage?
And the user has been created through the SBS wizard
I just ask because on the SBS everything is set through scripts. Security Settings, GPOs etc.
ASKER
HI,
i have renamed the old profile on the server and logged onto pc as the user and still the same msg roaming profile couldn't be loaded and cannot connect to any of the network drives.it does look like windows 7 machines doesn't even authenticate this user as he cannot connect to any of the network drives.
when tried to connect any of the network drives when logged on as this user a windows pops up with the password box again and also "The system detected a possible attempt to compromise secuirty.plase ensure you can contact the server that authenticated you"
i have renamed the old profile on the server and logged onto pc as the user and still the same msg roaming profile couldn't be loaded and cannot connect to any of the network drives.it does look like windows 7 machines doesn't even authenticate this user as he cannot connect to any of the network drives.
when tried to connect any of the network drives when logged on as this user a windows pops up with the password box again and also "The system detected a possible attempt to compromise secuirty.plase ensure you can contact the server that authenticated you"
Check firewall settings:
http://support.microsoft.com/kb/938457
Also, is the clock set correctly, would seem like a kerberos error?
http://support.microsoft.com/kb/938457
Also, is the clock set correctly, would seem like a kerberos error?
ASKER
Simonlimon,
firewall settings are correct as i can logon to this PC as other user and everything is fine.Problem is only with this user.he gets the same message when he logs onto any windows 7 PC.And when he logs onto Windows xp PC everything is fine.
Clock is set correctly
firewall settings are correct as i can logon to this PC as other user and everything is fine.Problem is only with this user.he gets the same message when he logs onto any windows 7 PC.And when he logs onto Windows xp PC everything is fine.
Clock is set correctly
You have to check connectivity
are you using dhcp to assign ip to the client, check it the ip, dns etc is correct
ping the dc by ip, netbios and DNS name from that Workstation,
if you can resole name etc then DNS is ok.
try disableing IPv6
if this did not help
try rejoin the pc to the domain
are you using dhcp to assign ip to the client, check it the ip, dns etc is correct
ping the dc by ip, netbios and DNS name from that Workstation,
if you can resole name etc then DNS is ok.
try disableing IPv6
if this did not help
try rejoin the pc to the domain
Can you check the event viewer on the windows 7 machine ? Is there anything strange there?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
There is a known issue where the nVidia Display Driver Service causes this problem.
If you do have nVidia graphics drivers installed, disable the nVidia Display Driver Service (this wont affect the graphics of the computer, it's only the desktop application part) then reboot.
See if this solves the issue (if you do have nVidia on the system).