We help IT Professionals succeed at work.
Get Started

Server 2008 R2 Issues with roaming profiles and share permissions since backup restore

Last Modified: 2016-04-21

I have a windows server 2008 which was recentley hit by teslacrypt virus - For those who don't know, this virus attacks shared folders/USB drives and encrypts files to the point where they are useless unless a ransom is paid via bitcoin.

I didn't pay the ransom, instead I relied on backups using symantec backup exec. The infected folders were:

StaffProfiles (used for each staff login using roaming profiles)
StaffCommon (a simple data share folder for all staff access)
APPS (again, just data containing mainly software installers)

The way backup exec works, it will restore the files from the backup, but if the folder already contains files not included in the backup it will simply restore the unencrypted files but also leave the encrypted files in place, obviously not ideal so I thought it would be best to empty the contents of the above shares and restore a clean backup, this has worked perfectly, however since doing so we have the following problems...

any user within the 'StaffUser' group can now only logon to their roaming profile as a temporary profile - With exception of the domain administrator account which works fine.

The DC won't sync the time using w32tm /sync from any client - Although I suspect this was an issue prior to the restore as the time was way out on some machines.

If I create a new profile within the 'StaffUser' group using the 'copy' (to copy one of the original staff profiles) I get an error message > "The \\dc\staff\setupcopy home folder was not created because: The network name cannot be found. The user account has been created with the new home folder value but you must created the folder manually" - If I setup a new user without copying an existing profile this works fine and the profile is allowed to login without a temporary profile, although the user has to be individually added to share permissions.

I suspect there is a problem somewhere with the main 'StaffUsers' group no longer connecting to the profile folders since the restore - Although I can see the group within the AD it is not seen when searching the AD to add to the shares.

Any advice more than welcomed!
Watch Question
Senior Citrix Engineer
This problem has been solved!
Unlock 2 Answers and 3 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE