Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Switching to mandatory profiles and default desktop for Windows 7 laptops (AD environment)

Posted on 2013-06-24
4
Medium Priority
?
986 Views
1 Endorsement
Last Modified: 2013-06-26
School environment with single domain hosted on a dual Windows server environment (comprising 1 x Windows 2008 R2 server and 1 x Windows 2003 Server).  Some desktops running Win XP, but all other desktops and ALL student laptops running Windows 7.  

Currently using roaming profiles and login scripts to map drives to users own areas, set printers etc.

I want to move away from roaming profiles to help speed up the login process.  The students don't need to be able to make any changes to their desktops so a standard 'default' desktop is required, with a couple of drives mapped on login.  The students personal data is saved to their own personal areas on a network drive, i.e  x:\\server\studentusers\username$  although occasionally they save work to a shared area on the network that is year group or key stage specific, another of the drive mappings required.

I know I need to stop the loading of roaming profiles by changing the user account properties in AD, but where do I start in configuring a standard desktop / profile, ideally held on each local drive that the students (and in fact staff) will default to when they login?  I think this is the best way forward rather than go about having to have a locally stored profile for every student/staff member on every laptop) and instead just direct the login process to use this one locally stored profile.   (More than happy to take advise if this isn't the best route!)  

The main goal is to minimise the login traffic as much as possible, hence the move away from roaming profiles, give each user a 'standard' desktop' and automatically have their drives mapped to their network drives.  

Can anyone advise me what areas I need to configure/reconfigure to get this ?  Keeping in mind that half of the staff will be logging in either to a Win XP OR Win 7 desktop as well as their Win 7 laptops.

Many thanks in advance
1
Comment
Question by:amandajgolf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:phoenix5ire
ID: 39272764
0
 

Author Comment

by:amandajgolf
ID: 39275511
Thanks for the link.   Looks good.  
Would there be anyway to copy the profile across to other laptops do you think to save me having to repeat this exercise on each of the Win 7 laptops in school?
0
 
LVL 3

Accepted Solution

by:
phoenix5ire earned 2000 total points
ID: 39276344
Unfortunately, in this situation, a copy will still be a copy no matter how get it over to another computer. The easiest way to make this happen is to create a GPO and run a script to copy the profile to each laptop/computer when the computer is on the network. What you would do is, create the default profile, when you're satisfy with the final profile, copy the default profile onto your domain DFS root, i.e,... \\yourdomain.com\sysvol\netlogon\ProfileName

Have the GPO run the script to copy the profile from your domain DFS to the local computer, you can apply this GPO to only certain laptops or container (OU). You'll want to put an "IF EXIST" statement to check if profile exist, if so, "GO TO EXIT".  This way script doesn't run the copy over/over to the same computer.  

Of course, be sure to test this before final deployment. If you have a lot of laptops, depending on the size you make your default profile and the speed of your network, your internal network or Internet will be affect if all or some computers are getting the copy at the same time.

For future workstations/laptops, just make the default profile as part of the computer's image.
0
 

Author Closing Comment

by:amandajgolf
ID: 39278759
Good advise and easy to follow instructions.  Thank you.
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we’ll look at how to deploy ProxySQL.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question