Terminal Server 20120 R2 loading temp profiles intermittently

I deployed a 2012 R2 terminal server for a client recently and intermittently when they log in they are getting temp profiles. As far as I can tell there is no rhyme or reason to when it happens. Has anyone else experienced this and found a way to prevent it from happening? I know the profile attaches both to the registry and file system so there is an extra step not used in previous iterations of terminal server. Is there a way to make that process more seamless or is it really just a craps shoot?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Spike99On-Site IT TechnicianCommented:
So, what error are users seeing at logon? If you didn't get a screenshot of the error, you should see the error logged in the System or Application event log at the time the user logged on. That should give you the details about why the server failed to load the user's profile & is logging them on with a temp profile.

A large variety of issues can cause temp profiles in Server 2008 & 2012.  Although, my experience with 2012 is more limited, I have plenty of experience with failed profiles in 2008.  In my experience, the cause was usually the failure of the server to copy a file or folder from the user's roaming profile folder to the local profile folder in C:\Users.  The reasons why the server failed to copy the file or folder were varied:  file name is too long (temp files usually), it couldn't find a file or folder, or the user lacked full access to the network copy of their roaming profile.

Also, please keep in mind that Server 2008 and Server 2012 are very picky about profiles.  In Server 2003 & earlier, you could "clear" the user's profile from the server by just removing the folder in C:\Documents and Settings. Clearing the profile can resolve all types of issues, but Server 2008 & 2012 won't let you do it that way.  It used to be our standard practice to just delete the local profile folder to resolve profile issues.  It would leave behind the registry entry, but with Server 2003, Windows would just recreate the local profile folder at next logon.  So, it didn't really cause us any problems doing it that way.  But, we found out the hard way that if you delete the local folder without clearing out the associated registry entry, the user will get an error at logon that the server failed to find the local copy of the profile & is loading them with a temp profile.  That error will persist until you clear out the registry entry.  So, it's better to use the System Properties dialog's Advanced tab to clear out user profile instead of just deleting the folder.

If someone did delete the user profile folder on C: without clearing out the registry entry, you can delete the registry entry to resolve the issue.  Look in this key for the user's unique SID (Security ID):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Users with Temp profile issues will have 2 keys in that path when they're logged on:  SID & SID.bak.  The SID key should disappear when they log off, leaving only the BAK key (which is where Windows backed up the original profile key when it couldn't load the profile).

To find the user's profile key, scroll through the list to find the keys ending in .BAK, & then single click on the .BAK key.  You can tell the user name by looking at the data of the ProfileImagePath String value on the right side of the REGEDIT window, which should be C:\users\%username%.  I would have the user log off & then delete the .BAK key associated with their account, which should resolve the profile problem.

I hope this helps.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
PIMSupportAuthor Commented:
After getting a decent pool of information to gather from it appears that when the server restarts not all the user profiles are removed from the registry hive. I found one user who still was in the registry after the restart and when I logged in as that user the .bak profile appeared and it acted like it was their first time logging in. I logged the user back out, deleted the .bak profile, logged them back in and it worked.

Ideally they would log out every night before they leave but that is not going to happen every single time just because they have been in a culture of leaving it open or just disconnecting. I'm trying to break them of that habit but these are some older folks who are set in their ways and figuring out something to tweak on the machine end would be a better fix. I'm experimenting with a script I found to log off all terminal users but that was just recently and I am still working the bugs out.

The underlying issue here is that Backup Exec 2014 fails to back up this hyper-v terminal server if users are logged in. Something happens with the VSS and there are snapshot failures and all sorts of other headaches. Not only that but this place has 2 shifts so I am trying to get things done in a small window.
Spike99On-Site IT TechnicianCommented:
You could configure remote desktop time out settings to automatically log users off after being idle for a given amount of time.  If you're not familiar with that, here's a technet article on how to change those settings in 2012 (very similar to how it's done in 2003 & 2008).

This superuser.com forum post offers some tips about changing those settings:

For example, in my old job we would set the Idle Session Limit to 4 hours. After 4 hours, the idle session would be disconnected. Then, we would end any disconnected sessions after another 4 hours.

You could also run a scheduled task to log off any users at a given time. I found a batch file on MS.com that looks promising.   check out this page:


Although this article references Windows NT, I think the script should work just fine in newer Server OSs.  I don't have access to a 2012 server to try that out on, unfortunately.  You could run that every night to force users off the system prior to the scheduled nightly backup.
PIMSupportAuthor Commented:
This appears to be a result of users being logged on when a server is restarted. I found a script that is working via task. The contents are below. Thanks again for your help.

@echo on
for /f "tokens=3" %%a in ('query session ^| find /i "rdp" ^| find /v ">rdp"') do (if %%a LSS 65536 logoff.exe %%a)
ping -n 1 -w 60000 > nul
for /f "tokens=2" %%i in ('QWinSta ^| Find /i "Disc"') Do Echo y | RWinSta %%i
Spike99On-Site IT TechnicianCommented:
cool, I was glad I could help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.