[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 579
  • Last Modified:

Efficiently creating a Roaming Profile

I'm joining one computer at a time (both Windows XP and Windows 7 computers) to a Server 2008 Active Directory Domain.  GPO is set for roaming profiles and redirection of My Documents.  My current procedure is ...
1.) Create a user account in the Domain
2.) Join the client computer to the domain
3.) Log in as the user on the client computer and let the domain create a profile folder and documents folder for the user.  The folders are created on the server.
4.) Log off the user
5.) On the server and logged in as the administrator, take ownership of the two new folders, give Domain Admins full permissions to the new folders, then re-assign ownership back to the user.
6.) Copy the contents of Desktop and Favorites from the old profile (on the client computer) to the new profile (on the server).  Copy the contents of My Documents from the old profile on the client to the new Documents folder on the server.
7.) Copy miscellenous appdata files from the old profile to the new profile, re-select the user's wallpaper, re-setup the user's outlook account, email signature, email preferences.  Copy outlook.pst to the new profile and setup outlook to use it as the default .pst file.

How can I set up GP to automatically give both the user and Domain Admins (and whoever else I specify) full permissions to the profile and the documents folders that get created when the user logs in for the first time?

How can I setup GP to automatically copy the entire user's profile (complete with wallpaper, outlook settings, etc) from the old local account to the new domain account so I don't have to do it manually?  Can I set it up so that the pointer to the outlook.pst file is relative to the new profile and doesn't point to the outlook.pst file in the old profile?  Are there registry settings that need to be copied for the new user to have all the same settings/configuration as the old user?
1 Solution
Try using the USMT tool provided by microsoft for copying the user's profile  from one machine to another.

as for the permission user should  automatically have access rights once their profile folder are created.

as for the domain admin you  can set the domain admin on root path of the profile folder and grans him full accress then just make sure the permission is inherited on the sub-folders .
Declan_BasileAuthor Commented:
Thanks for the comment netballi.  I downloaded a 297 page document on how to use USMT and can see that it's capable of much more than I what I need to use it for.  It's more complicated than the solution I was hoping for.  Unless I could get help with using it, I think it would be faster for me to manually create the new profiles on each client computer that I join to the domain.  How would I use USMT to copy a profile?  Is there a simplier program?
   Also, is there something I can set in GP so that when it creates a "profile" and "documents" folder for a user the folders are added with permissions inherited from the parent folder?  I still have to take ownership, set inherit permissions, then re-assign ownership to the user.

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now