Dynamic Local User

D

Doug Golden

Spec's:
Windows 2003 AD
Domain user accounts with roaming enabled
Wokstation's are added to Domain
Group Policy settings are enabled at the OU container
level

Problem:
Local user accounts don't dynamically create on
workstation/laptop's.

User's can roam/logon to any workstation within the
domain, but a user account isn't created locally on the
computer. I'm used to the Dynamic local user creation
ability in Netware and can't find a similiar capability
in Windows Group Policies.

How are people dealing with laptop users in a windows
environment if a local account isn't being created
dynamically. Creating these accounts manually isn't
viable, because different user's may need access to the
computer when offline.
 
D

David Jones

Roaming users by definition don't have local profiles...
What exact scenario that you're trying to accomplish is
broken? More to the point, why are you looking for local
profiles here?
 
D

Doug Golden

David,
Currently, when a user logs in, NetWare policies create
a "Dynamic Local User" on the workstation. This is
helpful because (a) it creates a local account for the
user in the event that they need to login locally (i.e.,
laptop users) and (b) it synchronizes the local account
w/ the roaming profile - files, passwords, desktop
settings, etc...

So, with MS policies, how are we to (a) MANAGE local
accounts and (b) migrate existing accounts from Novell?
In other words, with an "existing" user, are their
settings saved, and the change seamless to them? With
a "new" user, what do they get when they login for the
first time to the network, and is that information saved
so when they unplug and go home, it's all there?

In our testing, we found that if we unplug the wire
(after a successful net login), the settings are all
saved (cached, maybe?) but we *do* get an error about the
roaming profile. This is confusing to us. Is this just
the way it is? Do they just never get a local account,
just a cached copy of the profile? How do you
troubleshoot a cached account? If they have problems
logging in, do you login as Administrator every time?

I realize we could go into User Manager and manually
create an account for them, but are we supposed to do
that 500 times on 500 machines? I know there are a lot
BIGGER organizations than us, so I know this cannot be a
viable option.

Thanks for the help.
 
L

Longhorn

who the **** is david? ...maybe you should use e-mail for private
conversations instead.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Local Power User on domain 1
Restrict Logons allowed on a workstation 1
Local admin rights not flowing through 5
Deny user access to local disk 2
Adding domain account to local administrators... 3
Custom user group in windows XP 2
Copying Administrator Profile to Standard User 3
Add remote local account to local file security 1

Top