Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 79
  • Last Modified:

Issue with Roaming Profiles.

Hello,
I am getting this error when trying to migrate user profile using ADMT tool. What happens if the user has roaming profile

2016-09-13 04:15:57 Operation completed.

2016-09-13 04:15:55 ERR3:7438 No NTUser.DAT file for adam.barr was found in \\server\RoamingProfiles$\adam.barr.  The roaming profile cannot be migrated.
2016-09-13 04:15:57 Updated user rights for CN=Adam Barr
2016-09-13 04:15:57 Operation completed.
0
creative555
Asked:
creative555
  • 6
  • 5
1 Solution
 
Hypercat (Deb)Commented:
It appears that the roaming profile folder designated is empty or doesn't have a full copy of the user's roaming profile.  If the NTUser.DAT file isn't present, then the roaming profile won't work, so the migration would be unsuccessful.  Have you (can you) check the original roaming profile folder for that user to see if it is fully working?  Is this happening with only one or a few users, or with every user?
0
 
Hypercat (Deb)Commented:
Also, could be a problem with the path to the roaming profile folder. It looks like your path may not have the full FQDN included. This article has a few suggestions:

https://social.technet.microsoft.com/Forums/windowsserver/en-US/1935b4bc-eabf-4087-9f6d-ffb9b0f564d9/err37438-no-ntuserdat-file-for-user-was-found?forum=winserverDS
0
 
creative555Author Commented:
Hello,
Thank you so much for such a quick response.

Yes. You are right. I don't see NTUser.DAT file in the shared folder. Also it is happening for more than one user. Folders don't have anything even after I logged of as user and created some pics and documents.

I should also see pictures and documents for that user in that folder. Correct?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
Hypercat (Deb)Commented:
If the NTUser.dat file isn't present, then it's not a roaming profile, or the roaming profile isn't working properly.  Also, from the fact that your tests aren't creating any new files or folders in the "profile" folder, it appears that the folders you're looking at aren't functioning as roaming profile folders.  Do you see an actual group policy in place on the domain to create roaming profiles for users?  Is it possible that these are redirected folders but not full roaming profiles?
0
 
creative555Author Commented:
I didn't setup any GPOs or policy to create roaming profiles...Do I need to in order for them to work? All I did was created shared folder with permissions and specified the path to the folder from ADUC for the Profile path field. Confirmed the folder was created when user logged off. But nothing in that folder was created.

I followed this link to configure roaming profiles.
http://www.avoiderrors.net/create-roaming-profile-on-windows-server-2012/
0
 
creative555Author Commented:
Can you please also tell me how ADMT processes roaming profiles?

For example, ADMT will re-acl all folders and files that are on local computers. What happens to the roaming folder where Roaming data is stored? Will ADMT process that folder on a different computer as well or is there an additional step needed to re-acl the folders for roaming users on that server?
0
 
Hypercat (Deb)Commented:
No, you're OK on that except for the permission issues which is probably what's causing your problem.  I was thinking about folder redirection when I mentioned the group policy issue, and I mis-wrote "roaming profile folders."

The permissions are probably the issue.  Although it's not a preferred method for me, using the "Everyone" group with Full permissions for the sharing permissions is OK. However, the NTFS permissions should NOT have the everyone group with full control.  What you need to do with the folders themselves is ensure that the user has Full Control and the Administrators group (local admin, or built-in domain admin if it's a DC) has ownership of all of the roaming profile folders.  Specifically, on the top level profile folder, you should have:

Administrators - full
System - full
Users - Read and execute, list folder contents, and Read

On each individual folder, the user has to have Full Control, and the Users group should not be listed at all. But in order to be able to manage these folders (and migrate them) your Administrator account will also need Full Control of all of those folders (and their contents) if it doesn't already have that level of access.
0
 
Hypercat (Deb)Commented:
Actually I looked at the ADMT documentation and they recommend slightly different security settings for migrating the profiles.  Look here near the bottom of the article under "Planning for User Profile Migration":

https://technet.microsoft.com/en-us/library/cc974331(v=ws.10).aspx
0
 
creative555Author Commented:
Thank you so much for your help!!! Yes. Permissions were the issues
0
 
creative555Author Commented:
thank you so much Hypercat! The issue was resolved and I migrated profiles successfully. I did have to implement two GPOs through to let roaming profiles to load:

Enable the GPO “Do not check for user Ownership of Roaming Profile Folders” for the target domain.

Reference:
https://support.microsoft.com/en-us/kb/327259

I have another issue with roaming profile when logging in from a different computer after migration. Will post it as a new question so you get points for the new issue. thanks so much!!
0
 
Hypercat (Deb)Commented:
Glad to be helpful, and you're very welcome!!
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 6
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now