T L Anews.com

Information for Security Concerned People
 
TLA
About Us
Home
FLApro
Jobjects
Jclntauth
Consulting
Learning Center
FW-1 FAQ
 
TLAnews
Search
 
 

TLAflash Registration
 
Tech Doc
Archive
Advertising
 
 
 
 
 
 
 
 
 
 
 
 
 
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Creating a Roaming User Profile

28.12.2007

Creating a roaming user profile is a two-step process. First you create a test user profile, and then you copy the test user profile to a network server.

Create a Test Profile
To create a test profile for the roaming user, follow these steps:
1. Log on as Administrator.
2. Click Start, point to Administrative Tools, and then click Computer Management.
3. In the console tree, expand Local Users and Groups, and then click Users.
4. Right-click Users, and then click New User.
5. Type a name and password for the user.
6. Click to clear User must change password at next logon.
7. Click Create, and then click Close.
8. Quit the Computer Management snap-in.
9. Log off the computer.
10. Log on as the test user account that you created in step 7.

A user profile is automatically created on the local computer in the drive:\Documents and Settings\username folder (where drive is the drive on which Windows is installed).
11. Configure the desktop environment, including appearance, shortcuts, and Start menu options.
12. Log off, and then log on as Administrator.
Copy the Test Profile
To copy the test profile to a network server, follow these steps:
1. Create a folder on a network drive in which you can store network profiles. For example:
\\server_name\Profiles\user_name
2. Click Start, point to Control Panel, and then click System.
3. Click the Advanced tab, and then click Settings in the User Profiles section of the System Properties dialog box.
4. Under Profiles Stored On This Computer, click the profile for the user that you created in the "Create a Test Profile" section of this article, and then click Copy To.
5. In the Copy Profile To dialog box, type the network path to the folder.
6. Under Permitted to Use, click Change.
7. Type the name of the user account that you created in the "Create a Test Profile" section, and then click OK.
8. Click OK three times.
9. Click Start, point to Administrative Tools, and then click Computer Management.
10. In the console tree, expand Local Users and Groups, and then double-click Users.
11. Double-click the user account that you created in the "Create a Test Profile" section.
12. Click the Profile tab. In the Profile path box, type the path to the network profile folder. For example, type \\server_name\Profiles\user_name.
13. Click OK.
14. Quit the Computer Management snap-in.
NOTE: To make this profile mandatory, rename the Ntuser.dat file as Ntuser.man in the user's profile folder.

 

On Deploying Profiles En Masse

If this works successfully for you, you can repeat this procedure for other users as needed. Here are a few tips, tricks, and "from the streets" experiences to hopefully make the repetitive process a bit easier:

  • If you are selecting multiple accounts in Active Directory to configure a profile path for each, you can use the %USERNAME% variable in the profile path. Windows will sort out the correct username for each user.
  • If your users already have profiles sorted out on their individual machines, you don't necessarily have to copy their profiles to the server. The simple act of specifying a profile path in the user's account properties tells Windows that if no profile exists on the network, it needs to automatically copy the locally stored profile to the server the next time the user logs out. The bottom line here is that if you want to save some time, specify the profile path in your user's account properties, and then tell her to log in to the machine that has her desktop and appearance configured the way she likes it. Then, have her log off, and her profile will be copied automatically.
  • If you are creating an account for a brand-new user who has no profile data anywhere on your network, you'll probably want that user (and any other new users you create in the future) to receive a default roaming profile automatically. To do this, you need only copy your baseline profile to \\SERVERNAME\SYSVOL\yourdomainname\Scripts\Default User. Replace your server name and domain name as appropriate. For example, in my case I would configure my baseline profile to \\MERCURY\SYSVOL\hasselltech.local\Scripts\Default User.

 

 

 

 

 

 

 

 

Related information


Back to Latest News

 

Author information.
Copyright © [Telecom and Logistics Associates Sàrl]. All rights reserved.
Revised: décembre 27, 2007 .

All information provided is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the facts of the particular situation.

   
 
 
 
 
 
 
 
 Publications
  
 Christian ALT  
      
   
Telecom and Logistics Associates est spécialisé en sécurité informatique. Intervient auprès de ses clients comme auditeurs ou pour la préparation à la certification ISO 27001 de la sécurité des systèmes d'information.

 
Translate this page from:
 
 
Résumé en français
Un excellent article que nous vous recommendons.