Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

How can I prevent terminal services from creating multiple roaming profiles when a user doesnt log off correctly

Posted on 2013-05-29
3
687 Views
Last Modified: 2013-05-29
Good afternoon Experts,

I am inquiring today about terminal services. Several of our user base here at the BGCMC are not logging off thier terminal services sessions normally, thereby creating multiple instances of thier profiles. The symptoms are that when a user logs on to his/her Active Directory terminal services RDP account, they may get any one of the profiles.

I have one user that keeps getting her browser hijacked by malware. I set her defualt homepage to Google and it works for the enterity of that sesion, but when she logs back on
she will invariably get one of the other profiles in which the IE browser is still hijacked.

Is there a solution to prevent the creation of multiple profiles , so we only have to deal with the one profile. As an aside, the small business vendor that handles our  Active Directory , uses an antivirus suite called eset (I think) , I would think that the suite would protect IE from being hijacked but, obvisoully it doesnt , because many of the users are complaining about both the multiple profiles and the hijacking of IE.

Your input or solutions to these problems would be appreciated.
0
Comment
Question by:BLACK THANOS
3 Comments
 
LVL 29

Assisted Solution

by:serialband
serialband earned 100 total points
ID: 39206039
You should just run delprof.exe remotely to delete the roaming profiles or delete them all manually before the next time a user logs in.
0
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 400 total points
ID: 39206051
Why oh why do they get multiple profiles in the first place? You should use folder redirection for remote desktop clients this way they will consistently get the EXACT same profile which doesn't depend upon the machine that they eventually land on.

Malware bytes does a better job of removing and preventing malware.

You can set terminal services to reconnect to the existing session if recovering from a disconnection / logoff

The Group Policy settings can be found in Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Profiles and can be configured by using either Local Group Policy Editor or the Group Policy Management Console (GPMC).

http://technet.microsoft.com/en-us/library/cc742820.aspx
0
 

Author Comment

by:BLACK THANOS
ID: 39206594
ve3ofa,

I dont know why I didnt think of that , as that is exactly what I did at my previous job, used folder redirection. I love Malware bytes. The rest of your input was also germane to my
problem, but serialband gave me a good tool for future use. I will award serialband 100 of the 500 points and the rest go to you. Thanks ever so much.

Regards,
Regis Hyde
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question