Solved

How can I prevent terminal services from creating multiple roaming profiles when a user doesnt log off correctly

Posted on 2013-05-29
3
690 Views
Last Modified: 2013-05-29
Good afternoon Experts,

I am inquiring today about terminal services. Several of our user base here at the BGCMC are not logging off thier terminal services sessions normally, thereby creating multiple instances of thier profiles. The symptoms are that when a user logs on to his/her Active Directory terminal services RDP account, they may get any one of the profiles.

I have one user that keeps getting her browser hijacked by malware. I set her defualt homepage to Google and it works for the enterity of that sesion, but when she logs back on
she will invariably get one of the other profiles in which the IE browser is still hijacked.

Is there a solution to prevent the creation of multiple profiles , so we only have to deal with the one profile. As an aside, the small business vendor that handles our  Active Directory , uses an antivirus suite called eset (I think) , I would think that the suite would protect IE from being hijacked but, obvisoully it doesnt , because many of the users are complaining about both the multiple profiles and the hijacking of IE.

Your input or solutions to these problems would be appreciated.
0
Comment
Question by:BLACK THANOS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 29

Assisted Solution

by:serialband
serialband earned 100 total points
ID: 39206039
You should just run delprof.exe remotely to delete the roaming profiles or delete them all manually before the next time a user logs in.
0
 
LVL 81

Accepted Solution

by:
David Johnson, CD, MVP earned 400 total points
ID: 39206051
Why oh why do they get multiple profiles in the first place? You should use folder redirection for remote desktop clients this way they will consistently get the EXACT same profile which doesn't depend upon the machine that they eventually land on.

Malware bytes does a better job of removing and preventing malware.

You can set terminal services to reconnect to the existing session if recovering from a disconnection / logoff

The Group Policy settings can be found in Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Profiles and can be configured by using either Local Group Policy Editor or the Group Policy Management Console (GPMC).

http://technet.microsoft.com/en-us/library/cc742820.aspx
0
 

Author Comment

by:BLACK THANOS
ID: 39206594
ve3ofa,

I dont know why I didnt think of that , as that is exactly what I did at my previous job, used folder redirection. I love Malware bytes. The rest of your input was also germane to my
problem, but serialband gave me a good tool for future use. I will award serialband 100 of the 500 points and the rest go to you. Thanks ever so much.

Regards,
Regis Hyde
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question