Cannot copy a user profile (Copy To button gets disabled)

[*Vanguard*]

When I first installed Windows XP Pro, it created the Administrator
account but had me create my own admin-level account (Microsoft decided
to treat all users as dummies that didn't better than to use
Administrator as their primary account). I also created an AdminBackup
account just in case. So I ended up with the following accounts:

Administrator
myaccount
AdminBackup

AdminBackup was created second. myaccount was created right after the
install (or during it when prompted) so it was created before
AdminBackup. I tried to copy myaccount's profile atop of AdminBackup
(System Properties -> User Profiles). However, the Copy To button gets
grayed out (i.e., became disabled) when I selected myaccount. The Copy
To button is enabled when I select either the Administrator or
AdminBackup accounts so I copy those using this tool. Just can't use it
for my own admin-level account.

So then I checked the accounts. Both Administrator and AdminBackup were
in the Administrators group. However, myaccount was in some weird
group, so I'd see:

name: myaccount
group: OWS_2023769362_admin
Microsoft Sharepoint role 'admin' for web http://myhostname

What the hell is Sharepoint and why would I care? Okay, so I know a
little (very very little) about Microsoft's Sharepoint but it's nothing
I'm going to be using. So I changed myaccount to put it into the
Administrators group. This required me to logoff and log back on. Yet
the Copy To button is still disabled when I select myaccount when trying
to copy profiles.

The Admin* profiles are only 1.06 MB in size. myaccount's profile is 46
MB in size. I can't believe that size has anything to do with
restricting me from copying my profile. Profiles do go bad. Just read
the newsgroups. It happens. So I'd like to have a separate copy of my
profile. It seems stupid that I have to open Explorer and copy
%userprofile% myself instead of using this tool that is obvious for
handling that.

Why out of the 3 accounts currently defined on my Windows XP Pro SP1a
computer, all of which are in the Administrators group, does the Copy To
button get disabled on one of them?

 

[Mark Dormer]

You cannot copy the profile of a logged on user.
Log on as one of the other users and then copy the profile

Regards
Mark Dormer

 

[*Vanguard*]

"Mark Dormer" said in news:[email protected]:

You cannot copy the profile of a logged on user.
Log on as one of the other users and then copy the profile

Must be because some files may be locked, especially since NT Backup (in
the Windows XP version) can use shadow copying so it doesn't matter if
files are open. Peculiar that this worked okay under Windows 2000.
After making several changes to the desktop and user configuration, I'd
eventually get to the point where the desktop was stable and I'd want to
copy its profile atop of AdminBackup's. I never encountered the problem
with a corrupted profile but know that it happens. If it did, I could
simply logon under AdminBackup and have a familiar desktop.

Alas, when I logon under Administrator (or AdminBackup), the Copy To
button still grays out when I select myaccount.

 

[*Vanguard*]

"*Vanguard*" said in
And here's some more Microsoft stupidity under Windows XP. I login
under Administrator. I figure that gives me free reign over the profile
directory for myaccount (so I can copy it). Nope. I get an error that
ntuser.data under myaccount's profile is inuse. Inuse? By whom? I use
SysInternals' handle utility and find that the 'System' process has a
handle open. While logged on under Administrator, it has a handle to
its ntuser.dat file under its profile path AND it has a handle open on
myaccount's ntuser.dat file under myaccount's profile path. WTF?

When I login under myaccount and check for handles to any ntuser.dat
file, it lists:

handle -a ntuser.dat
System pid: 4 C:\Documents and Settings\NetworkService\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\NetworkService\NTUSER.DAT
System pid: 4 C:\Documents and Settings\LocalService\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\LocalService\NTUSER.DAT
System pid: 4 C:\Documents and Settings\<myaccount>\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\<myaccount>\NTUSER.DAT

Notice that while logged in under Administrator that it has a handle
open on myaccount's user registry hive (ntuser.dat). Why is
Administrator reading and sharing registry data from a different
account?



I don't know what the LocalService and NetworkService profiles are used
for. When I run the same command, I get:

handle -a ntuser.dat
System pid: 4 C:\Documents and Settings\Administrator\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\Administrator\NTUSER.DAT
System pid: 4 C:\Documents and Settings\NetworkService\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\NetworkService\NTUSER.DAT
System pid: 4 C:\Documents and Settings\LocalService\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\LocalService\NTUSER.DAT
System pid: 4 C:\Documents and Settings\<myaccount>\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\<myaccount>\NTUSER.DAT

 

[*Vanguard*]

Okay, this time with the paragraphs in the correct order ...

I login under Administrator. I figure that gives me free reign over the
profile directory for myaccount (so I can copy it). Nope. I get an
error that ntuser.data under myaccount's profile is inuse. Inuse? By
whom? I'm logged in as Administrator, *not* under my account. I used
SysInternals' handle utility and find that the 'System' process has a
handle open. While logged on under Administrator, it has a handle to
its ntuser.dat file under its profile path AND it also has a handle open
on myaccount's ntuser.dat file under myaccount's profile path. WTF?

When I login under <myaccount> and check for handles to any ntuser.dat
file, it lists:

handle -a ntuser.dat
System pid: 4 C:\Documents and Settings\NetworkService\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\NetworkService\NTUSER.DAT
System pid: 4 C:\Documents and Settings\LocalService\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\LocalService\NTUSER.DAT
System pid: 4 C:\Documents and Settings\<myaccount>\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\<myaccount>\NTUSER.DAT

I don't know what the LocalService and NetworkService profiles are used
for. When I login in under Administrator and run the same command, I
get:

handle -a ntuser.dat
System pid: 4 C:\Documents and Settings\Administrator\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\Administrator\NTUSER.DAT
System pid: 4 C:\Documents and Settings\NetworkService\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\NetworkService\NTUSER.DAT
System pid: 4 C:\Documents and Settings\LocalService\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\LocalService\NTUSER.DAT
System pid: 4 C:\Documents and Settings\<myaccount>\ntuser.dat.LOG
System pid: 4 C:\Documents and Settings\<myaccount>\NTUSER.DAT

Notice that while logged in under Administrator that it has a handle
open on myaccount's user registry hive (ntuser.dat). Why is
Administrator reading and sharing registry data from a different
account?

 

[Steve Nielsen]

Have you tried creating a new admin account, login using it. Does the
same thing still happen? Just a thought.

Steve

 

[*Vanguard*]

"Steve Nielsen" said in news:[email protected]:

Have you tried creating a new admin account, login using it. Does the
same thing still happen? Just a thought.

Another user (in another newsgroup) mentioned looking at the Event
Viewer to check the logs. There I found an Userenv error that said some
process was not released the registry file. I'll have to test my
startup programs and then my services to see what it keeping the
ntuser.dat file open although I logged off.

 

[*Vanguard*]

"*Vanguard*" said in news:[email protected]:

Okay, after using msconfig.exe to disable all startup programs, the
problem went away. I actually had expected that this would not help
and that I'd have to investigate the NT services. However, after
several reconfigurations and reboots using msconfig.exe to disable
startup programs, I finally got myaccount's ntuser.dat file to NOT be
held open when logging off (and logging on as Administrator). Turned
out to be:

ccRegVfy.exe

This is a startup program in the registry Run key that Symantec uses
to detect if their registry keys have been hacked or altered. They
now hash the registry key names and values so if altered then such
alteration can be detected. Apparently this keeps a hold on my
ntuser.dat file while it checks the Symantec registry keys during a
logoff. If I use msconfig to disable a startup program, it opens on
login to remind me that it has altered the startup list. So I used
Mike Lin's Startup applet to disable (not delete) the Run key used to
run ccRegVfy. So far, I've not been afflicted with my ntuser.dat
file being left open when logging off. However, peculiarly the Run
key for ccRegVfy disappeared. Oh, well, disabled or gone, the result
is the same: no more problem. I'll have to check if it reappears.

Oops, spoke too soon. ccRegVfy ain't the problem. Although not running
it seems to reduce the occurrence of the problem, it doesn't go
completely away by removing ccRegVfy from the Run key.