Local Mandatory Profile for Windows 7


I am trying to configure a public laptop, running Windows 7 Pro, to use a mandatory user profile. I just want the data and changes that may have been made during a user session to not persist at log-off. All of the Microsoft documentation points to using a roaming mandatory profile. I cannot use that, the laptop is not part of any Windows domain.

I have seen a solution where Pharonics Deep-Freeze was the choice, but that is not a possibility here. Any ideas how to pull this off?

LVL 27
Jason WatkinsIT Project LeaderAsked:
Who is Participating?
teomcamConnect With a Mentor Commented:
Here is what I have done for the similar scenario.

1-Downloaded WAIK (Windows Automated Installation Kit) and installed (Free) On different computer, preferably your tech computer.
2-Install  your laptop and  first, activate Administrator account (as default its disabled-Right click on Computer icon and manage, local users and groups) and remove the initial admin account the one that you have essentially created at the end of the setup! Now you logged in Administrator account, and install other softwares that you need. Customize desktop, gadgets and other softwares (Office especially-at first run it asking update settings whihc user will need administrator creditentials, its better to do it know so no user will be asked this question)
3-Now go back to other computer and create a folder under C: and name it (say WAIK) and copy the Install.vim and Install_Windows 7.clg files which located under sources to the WAIK folder you just created and run the WAIK. You do not need rest of CD components!!!
4-After finish preparation you will create an answer file (please watch the tutorial how to do this http://technet.microsoft.com/en-us/windows/ff657745.aspx) Please use your answer file name as myunattend as I prepared the last command according to that. Most important part here is Copy Profile command which is under Microsoft-Windows-Shell-Setup (right click and Specialize) and Copy profile must be TRUE.
5-copy that answer file under the Windows\System32\Sysprep\
6-Now you look your desktop and make sure everything customized as you wish and type the following command via cmd!! (Not via GUI)
C:\>Windows\System32\Sysprep  (Enter)
sysprep.exe /oobe /generalize /unattend:myunattend.xml  (Enter)

After restart the system your default profile on this machine will be what you have customized for the users who does not have profile path on your domain. Same profile will be applied to all users even without network connection.
R. Andrew KoffronCommented:
look over this article I think it might be your solutions.
Jason WatkinsIT Project LeaderAuthor Commented:
Thanks! I'll give that a try.
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Are you familiar with group policy?

Just enable the following key, and you're set.

User Configuration\AdministrativeTemplates\Desktop
Don't save settings at exit
Jason WatkinsIT Project LeaderAuthor Commented:

Here is what I did…
1.       Copy default user profile.
     a.       Create a folder in the X:\users dir with a .v2 at the end
     b.      Go to system>advanced system settings>user profiles
     c.       Hit “copy to” on default user, then point it to the .v2 folder you created in X:\users
     d.      Set “permitted to use” to everybody.
2.       Create a new user and put them in a group. (in computer management)
3.       Then under the properties of the user, set the profile path to be the .v2 dir you created under     X:\users (WITH OUT THE .V2 AT THE END)
          a.       Exp. If your .v2 directory is “C:\users\test.v2” the path you would use is “C:\users\test” it  figures out it’s a mandatory profile.
4.       The last thing you need to do is, change the ntuser.dat to ntuser.man
It seems you are taking the wrong approach, and going way overboard to do a simple task. If you have a public PC, and you don't want users to save data, its a very simple task. Make the user limited, and do one of these tasks:

-Programs like Deep Freeze, SteadyState, Clean Slate work wonderfully, but if you can't use that...
-A batch file or startup script to delete the user profile at each reboot, and replace it with the default profile.
-Or just configure group policy to not save the settings at reboot. You don't have to be on a domain to edit local group policy.
Jason WatkinsIT Project LeaderAuthor Commented:
The "Do not save settings at exit" setting did absolutely nothing.

I am no good with scripting and cannot create such a script to delete the profile at logoff.
Jason WatkinsIT Project LeaderAuthor Commented:
That approach works as well. Thanks!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.