• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Win2k3/WinXP Migrated Profile Problem

I

illicitporpoises

Junior Member
I'll try to explain this as best I can. I'm having trouble putting it into words.

We have a small company (40 or so users) running off of an NT4 domain. We are currently moving everyone over to a Win2k3 AD domain with roaming profiles.

A good deal of the users had existing local profiles under the NT4 domain that were copied over to the AD server as roaming profiles. A handful of old users and all new users have fresh profiles.

What happens, I think, is that the migrated users have their profiles 'split' between the old local profile, and the new Win2k3 profile. Certain user settings, like Outlook data (We intend to switch over to Exchange Server shortly) and some other program settings are stored under /documents and settings/user while everything else is stored under the new /documents and settings/user.domain directory.

Now here's the specific problem. For the purposes of testing and setting things up, the new user accounts were given local admin privileges, with the intent of revoking them once things were set up. However, in every instance of these migrated profiles, once privledges are dropped below admin, the profile fails to load. Logging in results in empty start menu's, blank desktop and no user settings. Changing the user account back to admin allows the profile to load.

The users have full access to both local profile directories and the network share where roaming profiles are stored. Obviously letting these users have local admin rights is a no go. I assume the problem has something to do the split profiles.

Aside from manually recreating each profile from scratch, is there a way to fix this?
 
First off roaming profiles is pretty much just a function of the client OS (and the file share it sits on); it shouldnt matter if an account is a member of active directory or just a member of an NT 4 domain.

That said I'm going to guess your problem is in one of a couple of places, so here are some things to check.
1. Ensure that on a specific user's profile directory they have full control, as well as "system" and that either the user or "administrators" have ownership of ALL the files contained within.
-The best way to accomplish this would be to recursivly apply the privilages and give ownership to "administrators" to the root profile directory and make sure to check the "replace privilages/replace ownership" box while doing so. Do this a couple times back and forth so that you can be certain that every file has proper ownership and privilages.
2. Reboot the client machine (to ensure no profile file locks) and delete or rename the locally cached profile(s) for that user and have them log on.
-If there is both a "username" as well as a "username.domain" profile directory for them locally do this to both of them. The net result is that the full profile should get pulled down from the server, properly, and using no localy cached files.
 
Ok, here's what I just did.

1. Reset ownership on the remote profile to the Administrators group. Replaced ownership on entire directory.

2. Gave the following users/groups full access to the remote profile. user, creator/owner, admins, and system. Set these permissions for the entire directory.

3. Deleted the locally cached profile.

4. Deleted the users local account, and then added it again.

5. Rebooted, logged on as user.

Same problem. I'm starting to think I'll have to manually recreate these user profiles.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top