Solved

Switching to mandatory profiles and default desktop for Windows 7 laptops (AD environment)

Posted on 2013-06-24
4
969 Views
1 Endorsement
Last Modified: 2013-06-26
School environment with single domain hosted on a dual Windows server environment (comprising 1 x Windows 2008 R2 server and 1 x Windows 2003 Server).  Some desktops running Win XP, but all other desktops and ALL student laptops running Windows 7.  

Currently using roaming profiles and login scripts to map drives to users own areas, set printers etc.

I want to move away from roaming profiles to help speed up the login process.  The students don't need to be able to make any changes to their desktops so a standard 'default' desktop is required, with a couple of drives mapped on login.  The students personal data is saved to their own personal areas on a network drive, i.e  x:\\server\studentusers\username$  although occasionally they save work to a shared area on the network that is year group or key stage specific, another of the drive mappings required.

I know I need to stop the loading of roaming profiles by changing the user account properties in AD, but where do I start in configuring a standard desktop / profile, ideally held on each local drive that the students (and in fact staff) will default to when they login?  I think this is the best way forward rather than go about having to have a locally stored profile for every student/staff member on every laptop) and instead just direct the login process to use this one locally stored profile.   (More than happy to take advise if this isn't the best route!)  

The main goal is to minimise the login traffic as much as possible, hence the move away from roaming profiles, give each user a 'standard' desktop' and automatically have their drives mapped to their network drives.  

Can anyone advise me what areas I need to configure/reconfigure to get this ?  Keeping in mind that half of the staff will be logging in either to a Win XP OR Win 7 desktop as well as their Win 7 laptops.

Many thanks in advance
1
Comment
Question by:amandajgolf
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:phoenix5ire
ID: 39272764
0
 

Author Comment

by:amandajgolf
ID: 39275511
Thanks for the link.   Looks good.  
Would there be anyway to copy the profile across to other laptops do you think to save me having to repeat this exercise on each of the Win 7 laptops in school?
0
 
LVL 3

Accepted Solution

by:
phoenix5ire earned 500 total points
ID: 39276344
Unfortunately, in this situation, a copy will still be a copy no matter how get it over to another computer. The easiest way to make this happen is to create a GPO and run a script to copy the profile to each laptop/computer when the computer is on the network. What you would do is, create the default profile, when you're satisfy with the final profile, copy the default profile onto your domain DFS root, i.e,... \\yourdomain.com\sysvol\netlogon\ProfileName

Have the GPO run the script to copy the profile from your domain DFS to the local computer, you can apply this GPO to only certain laptops or container (OU). You'll want to put an "IF EXIST" statement to check if profile exist, if so, "GO TO EXIT".  This way script doesn't run the copy over/over to the same computer.  

Of course, be sure to test this before final deployment. If you have a lot of laptops, depending on the size you make your default profile and the speed of your network, your internal network or Internet will be affect if all or some computers are getting the copy at the same time.

For future workstations/laptops, just make the default profile as part of the computer's image.
0
 

Author Closing Comment

by:amandajgolf
ID: 39278759
Good advise and easy to follow instructions.  Thank you.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now