Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Roaming profile when we don't do Roaming Profiles?!?

Posted on 2010-11-30
3
Medium Priority
?
379 Views
Last Modified: 2012-06-27
Greetings, Experts.

I have ONE SPECIFIC user (for this case and for user distinction, we'll call him "Curly") unable to reliably log in and create a local profile for himself.  He has done this on two completely different systems (a desktop system I use for testing purposes, and the laptop I've deployed for him).

His first-ever login on his credentials was successful, but subsequent login attempts turn into a "Roaming profile" when we don't use them.  This was performed on a "Guest" system I maintain for employee training.

I have logged in under my Domain Admin creds, my standard user creds, and I've even gone so far as to have another standard user log ("Shemp") in, all of which have been successful.

Some items of note:

1. Curly's account was copied from the individual he replaced ("Joe"), so the credentials are identical, other than Joe's account being disabled.
2. I've verified the accounts (Both System and User) are in the proper OUs for our AD.
3. The system Curly's using was Joe's, but the system has been re-imaged completely with WinXP SP3 with full updates applied.
4. I have removed the system from the domain (2x, now) and rejoined after a restart, but the issue remains persistent...for ths ONE user.
5. I have run the UPHClean Tool, but the issue remains persistent.
6. Joe had no issues with this system nor connecting to the domain while he was here.
7. I have verified connectivity via the onboard NIC, and have disengaged the Wireless NIC for good measure.

After Curly attempts to login, he sees the following dialogue:

"Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you logoff. Possible causes of this error include network problems or insufficient security rights. If this problem persists, contact your network administrator."

Any help or suggestions would be appreciated.

Regards,
Wada
0
Comment
Question by:Wadauwan
  • 2
3 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 34240893
If you open up Curly's account using Active Directory Users & Computers and click on the Profile Tab of his account, is the Profile Path field empty?

If yes - then there should not be a Roaming Profile - If No - then it should be as this is what controls the Roaming Profile.  Delete the data in the field and then login / logout twice to remove the Roaming Profile from the client computer.
0
 

Author Closing Comment

by:Wadauwan
ID: 34241103
This was an ID-10T issue on my part.

I had entered Curly's "Title" and "Department" in the Profile Path" and "Login Script" fields, respectively.

rofl...nice catch, Alan.  Thanks!
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34241121
Aha - or as we call it PEBCAK

Problem
Exists
Between
Chair
And
Keyboard

Either way - glad it is resolved.

Thanks for the points

Alan
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question