Re: Roaming Profile

Scott <Scott@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Thank you for your reply. Yes, I was confused, specifically between
steps 3 and 4 of your procedure. I know nothing changes at the
workstation. I was concerned that if you initially set up the profile
path at the server, then logged in at the workstation, there would
not yet be a profile on the server for the workstation to load. I now
see that I'm thinking too much.

Don't do that. Just stand there and look pretty. :)

Glad to help....


Thank you!

"Lanwench [MVP - Exchange]" wrote:

Scott <Scott@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I'm confused on the "timing" of setting roaming profiles.
If I set the profile path *before* a user logs in, isn't the XP
workstation looking for something that is not there?
Wouldn't the requirement be to set to roaming *after* a user logs
in?

Thanks.

Hmm - I think you may be a bit confused. You don't actuallychange
anything on the workstation at all, for a roaming profile to work -
before or after login.

If a user logs into the domain and there's a profile path defined in
ADUC for him, his profile is a roaming profile.

The only thing you could change on the workstation is whether that
cached profile is something you want to be updated or not - you can
change that cached copy to a "local" profile, so new logins/logouts
won't affect it. I sometimes do this on a laptop if I don't want the
user's desktop to be modified by laptop-specific stuff.

Here's my boilerplate on roaming profiles -

1. Set up a share on the server. For example - d:\profiles, shared as
profiles$ to make it hidden from browsing. Make sure this share is
not set to allow offline files/caching!
2. Make sure the share permissions on profiles$ indicate
everyone=full control. Set the NTFS security to administrators,
system, and users=full control.
3. In the users' ADUC properties, specify
\\server\profiles$\%username% in the profiles field
4. Have each user log into the domain once from their usual
workstation (where their existing profile lives) and log out. The
profile is now roaming.
5. If you want the administrators group to automatically have
permissions to the profiles folders, you'll need to make the
appropriate change in group policy. Look in computer
configuration/administrative templates/system/user profiles -
there's an option to add administrators group to the roaming
profiles permissions.

Notes:

* Make sure users understand that they should never log into multiple
computers at the same time when they have roaming profiles (unless
you make the profiles mandatory by renaming ntuser.dat to ntuser.man
so they can't change them). Explain that the
last one out
wins, when it comes to uploading the final, changed copy of the
profile.

* Keep your profiles TINY. Redirect My Documents at the very least;
usually best done to the user's home directory on the server -
either via
group policy (folder redirection) or manually (far less advisable).
If you aren't going to also redirect the desktop using policies,
tell users that they are not to store any files on the desktop or
you will beat them with a stick. Big profile=slow login/logout, and
possible profile corruption.

* Note that user profiles are not compatible between different OS
versions, even between W2k/XP. Keep all your computers. Keep your
workstations as identical as possible - meaning, OS version is the
same, SP level is the same, app load is (as much as possible) the
same.

* Do not let people store any data locally - all data belongs on the
server.

* The User Profile Hive Cleanup Utility should be running on all your
computers. You can download it here:
http://www.microsoft.com/downloads/details.aspx?familyid=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en



.

Relevant Pages

  • Re: "Classic logon" screen in XP does not remeber the user name
    ... upgrade mode and I have seen that myself on one of my computers that worked ... John N ... I recently upgraded a workstation from Windows 2000 Pro to Windows XP Pro. ... can copy missing shortcuts to the new profile. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: "Classic logon" screen in XP does not remeber the user name
    ... John N ... I recently upgraded a workstation from Windows 2000 Pro to Windows XP Pro. ... can copy missing shortcuts to the new profile. ... you can work from the server and ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Roaming Vs Local User Profile - Win2K3 Server
    ... You are logging on to the XP machines with a domain account you created ... The option to switch to a roaming profile WILL be greyed out at the ... Your only options from the workstation is to tell the workstation NOT to ...
    (microsoft.public.windows.server.general)
  • Re: Change Domain user profile and reconfigure Redirected My Docum
    ... If the workstation is separated from the original domain, ... I copy the Domain profile to a fresh local profile the My Documents folder ... Windows Explorer and click Tools -> Folder Options and go to the Offline ...
    (microsoft.public.windows.server.sbs)
  • Re: "Classic logon" screen in XP does not remeber the user name
    ... would be to install RC. ... I recently upgraded a workstation from Windows 2000 Pro to Windows XP Pro. ... can copy missing shortcuts to the new profile. ... just temporarily] another user account that is also an administrator ...
    (microsoft.public.windowsxp.security_admin)