[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Rights for Roaming Profiles

Posted on 2011-04-25
8
Medium Priority
?
390 Views
Last Modified: 2012-06-21
We have a site running 2003 Server with XP and Windows 7 PC's. They run roaming profiles and be default the administrator account doesn't have access, but if we take ownership and then reassign the user to have access as well as the administrator, it breaks the profile altogether.

Is there a nice way to ensure the administrator has access to the roaming profiles AND the user?

Is there a special rights assignment we should be assigning?

Thanks in advance.
0
Comment
Question by:networkn
  • 4
  • 4
8 Comments
 
LVL 13

Expert Comment

by:Felix Leven
ID: 35464685
You can use group poliy to add the administrators:
Computer Configuration -> Administrative templates -> System -> User Profiles -> Add the Administrators security goup to the romaing user profile share

I think the share must be deleted and will will be recreated on next Log on/off
0
 

Author Comment

by:networkn
ID: 35464817
So best practices would be to configure this BEFORE we create profiles?

Would this affect the NTFS rights too?
0
 
LVL 13

Expert Comment

by:Felix Leven
ID: 35464845
Yes GPO first and then the GPO will set access rights as needed.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:networkn
ID: 35714340
Is there a way to put this in place retrospectively without trashing the existing profiles?
0
 
LVL 13

Expert Comment

by:Felix Leven
ID: 35718090
Note: If the setting is enabled after the profile is created, the setting has no effect.

1) Backup local and roaming profile
2) Delete/Rename Server/Roaming Profile
3) Set the GPO to add Administrators permission to access the profiles
4) Log on to the client, Log off Client
0
 

Author Comment

by:networkn
ID: 35809536
MrGraves, sorry for the delay in my response.

Is there a step missing? As I understand it, if I followed these instructions, the profile on the local machine would be overwritten by the profile on the server and that would then get uploaded (blank profile) to the server in step 4?

After step 5 would we need to copy back the profiles from backup?

Would it not be easier to use calcs.exe or whatever it's called to take ownership of the profile directories, add administrator and the user and then login and log off? Would that work?
0
 
LVL 13

Accepted Solution

by:
Felix Leven earned 2000 total points
ID: 35966435
Yes an new pofile is created on the profile share (server) and administrators are allowed to access it.

The profile on the Server is older then the local profile and if the client logs off/shuts down his computer the first time, the newest versions is saved to the profile share on the server (if no profile is available, it is created).

The User needs to be the owner of the Profile Folder!
0
 

Author Closing Comment

by:networkn
ID: 35971653
Thanks for your help!
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By default the complete memory dump option is disabled in windows . If we want to enable the complete memory dump for a diagnostic purpose, we have a solution for it. here we are using the registry method to enable this.
While working, an annoying popup showing below will come and we cannot cancel or close it form the screen. The error message will come again and again.
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question