Solved

More roaming profile problems with Server 2008 TS

Posted on 2010-08-27
15
1,416 Views
Last Modified: 2012-06-27
Users, including administrator, are getting roaming profile errors when they log in.
Here's an example:

Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights.
 DETAIL - The network name cannot be found.

This wasn't a problem until recently, perhaps when I shot myself in the foot by moving the server object into the TS active directory OU.
Background - SBS 2003 DC, Server 2008 member server as TS.

Poking around registry found no .bak sections in HKLM\software\microsoft\windows nt\cv\profilelist, as others have reported here.
I did make a GP change to exclude the directory containing OST files from the roaming profile - login times were getting stupid.

Weird thing is that even the administrator, which does not use a roaming profile, also gets an error that roaming profie couldn't be loaded.

Ideas, anyone?
0
Comment
Question by:geekzinc
  • 4
  • 3
  • 2
  • +3
15 Comments
 
LVL 2

Expert Comment

by:BLangers
Comment Utility
Are the users (administrator?) actually configured to use a roaming profile?
If so, when logged on with a specific user, can you access the path to the roaming profile with explorer?
0
 

Author Comment

by:geekzinc
Comment Utility
No - that's one of the strange bits. Administrator doesn't use a roaming profile, or have a TS profile specified.

Only one person uses the admin account (me) so that's a strange problem but not a big deal.
The temp profile thing IS a problem for the other users, because the software they use has profile-dependent settings in it, and they're annoyed at having to change them.
Plus, I wanna know WTF.
0
 
LVL 17

Expert Comment

by:aoakeley
Comment Utility
> This wasn't a problem until recently, perhaps when I shot myself in the foot by moving the server object into the TS active directory OU.

If you move the TS back to whereever it was and reboot (or gpupdate /force) it does the issue go away? if so have another look at your policies.
0
 
LVL 2

Expert Comment

by:BLangers
Comment Utility
Very basic, but the disk holding the "Users" folder with the profiles has sufficient diskspace available?
0
 
LVL 7

Expert Comment

by:jesaja
Comment Utility
If I understand you right the problem occurred when you moved the server object to the TS OU on the server?

Users do not have problems loading there profile when login in to there workstations?

And the user can access the profile shared directory and create folders and files?


If so can you provide the Results Set of GPO for a user on the Terminal Server. You can do this in GPO Management on the SBS
0
 

Author Comment

by:geekzinc
Comment Utility
Yes, the problem seems to have started after I moved the terminal server around in AD.
Users don't have any issues when they log in at the main office.

Funny thing - reviewing the group policy results report (attached) I see a reference to \\tbg3\TS Profiles. The directory was there, but not shared. I fixed that and granted rights to the remote users group. This worked for administrator, and created a new directory in that share. But another user I tested with, Glen, still had the same issues and no folder was created.

I have a feeling the loopback policy was created for the terminal server OU, and was either not completed or was configured incorrectly.
So my next step, I think, is to delete and recreate the loopback policy, and also to remove all the profiles from the TS. Wait a bit, smoke a cigar, and try again.
GKolodziej-on-tbg3.htm
0
Why spend so long doing email signature updates?

Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

 
LVL 17

Accepted Solution

by:
aoakeley earned 250 total points
Comment Utility
> This worked for administrator, and created a new directory in that share. But another user I tested with, Glen, still had the same issues and no folder was created.

Sounds like while you are smoking the cigar you should also double check both the share and NTFS permissions on \\tbg3\TS Profiles
0
 
LVL 7

Expert Comment

by:jesaja
Comment Utility
What about disabling the loopback GPO for testing

Why is this TS Profile Path set? In my understanding it is not necessary unless more than one terminal server is used to prevent local caching of the profile and to use one profile on each TS.

Profile path is set for each user in the user's settings under profile?
And you don't have any issues when the user is logged in on a PC in the network?
0
 
LVL 17

Expert Comment

by:aoakeley
Comment Utility
Just on a side note. Not saying right or wrong. But I always set a ts profile path to a path on another server. Even in single ts environment. Makes it so much easier to swap ts server when a user does something silly and gets a virus on there etc...

Like I said just my point of view. Not right or wrong.
0
 

Author Comment

by:geekzinc
Comment Utility
I'm about retest the share and folder permissions on the TS Profiles folder, so I will post back those results.

In the bigger picture, I love this site because I get more than one perspective on how things can be done. For this client, I started with SBS 2003 because it met their requirements, was fairly cheap, and we hoped the wizards would allow them to do stuff they're paying me to do (create users, add printers, etc.) HAsn't worked out that way...
Anyway, there is always feature-creep. Pretty soon they had an application they wanted used off-site, and RDC is limited to 2 users on SBS, and they had an old server I put Server 2003 and TS on. Made it a domain controller because I thought it was a good idea to have a BDC (I know, not really, but....) Then they outgrew the TS server and the only option was Server 2008, and I am still learning the differences between 2003 and 2008.
Roaming profiles became a requirement, and the CFO wanted to move and work from home...next request is server mirroring offsite. All cool things to play with and learn, but they have limited $$ and I have limited time, so it's always a balancing act.
Back to issue at hand - I set up Sonicwall firewalls at all the locations (14 and counting) so they have easy access to the file server. Application is a database, so it still requires TS. That server's only purpose is to host remote access to the application, so roaming profiles aren't required, and the TS profile can be very simple. Can't web-enable the app in TS, tho - their programmers didn't even know what I was talking about.
0
 

Author Comment

by:geekzinc
Comment Utility
Follow up:
Share permissions on the TS Profile folder was the final problem, now resolved.

How do I divvy up points? I got valuable advice from all of you!
0
 
LVL 59

Expert Comment

by:Darius Ghassem
Comment Utility
Please accept http:#a33551370
0
 

Expert Comment

by:WallyMod
Comment Utility
Apply correction requested by CV in http:#a34490770

WallyMod
Community Support Moderator
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now