Solved

How can I prevent terminal services from creating multiple roaming profiles when a user doesnt log off correctly

Posted on 2013-05-29
3
689 Views
Last Modified: 2013-05-29
Good afternoon Experts,

I am inquiring today about terminal services. Several of our user base here at the BGCMC are not logging off thier terminal services sessions normally, thereby creating multiple instances of thier profiles. The symptoms are that when a user logs on to his/her Active Directory terminal services RDP account, they may get any one of the profiles.

I have one user that keeps getting her browser hijacked by malware. I set her defualt homepage to Google and it works for the enterity of that sesion, but when she logs back on
she will invariably get one of the other profiles in which the IE browser is still hijacked.

Is there a solution to prevent the creation of multiple profiles , so we only have to deal with the one profile. As an aside, the small business vendor that handles our  Active Directory , uses an antivirus suite called eset (I think) , I would think that the suite would protect IE from being hijacked but, obvisoully it doesnt , because many of the users are complaining about both the multiple profiles and the hijacking of IE.

Your input or solutions to these problems would be appreciated.
0
Comment
Question by:BLACK THANOS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 29

Assisted Solution

by:serialband
serialband earned 100 total points
ID: 39206039
You should just run delprof.exe remotely to delete the roaming profiles or delete them all manually before the next time a user logs in.
0
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 400 total points
ID: 39206051
Why oh why do they get multiple profiles in the first place? You should use folder redirection for remote desktop clients this way they will consistently get the EXACT same profile which doesn't depend upon the machine that they eventually land on.

Malware bytes does a better job of removing and preventing malware.

You can set terminal services to reconnect to the existing session if recovering from a disconnection / logoff

The Group Policy settings can be found in Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Profiles and can be configured by using either Local Group Policy Editor or the Group Policy Management Console (GPMC).

http://technet.microsoft.com/en-us/library/cc742820.aspx
0
 

Author Comment

by:BLACK THANOS
ID: 39206594
ve3ofa,

I dont know why I didnt think of that , as that is exactly what I did at my previous job, used folder redirection. I love Malware bytes. The rest of your input was also germane to my
problem, but serialband gave me a good tool for future use. I will award serialband 100 of the 500 points and the rest go to you. Thanks ever so much.

Regards,
Regis Hyde
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question