Forcing Roaming Profiles to load???

  • Thread starter Thread starter Doug Masters
  • Start date Start date
D

Doug Masters

It wasn't working correctly configured like this...
Computer Configuration, Admin Templates, System/User Profiles..
Log off if profile fails to load = Enabled
Wait for remote profile = Enabled
Policy was linked, but not enforced, to that OU.

New changes/additions...
do not detect slow link = enabled
GP is now enforced AND linked to the OU

Is there anything else I need to do to force these damned profiles to
load?!?!?!?! It seems that when they don't load, the user doesn't
even get their local cached copy either, but reverts to the system
default. Having more trouble with the remote location than the LAN
users. WAN is a full T1 and only about 6 client PC's at the remote
office, so I don't see a bandwidth issue.

Thanks!
D
 
same problem here

if the a/d policy isn't found for whatever reason, the user gets a default policy rather than no access. this is suicidal with high school kids! ...sometimes we're lucky and they tell us!!

thank
mar

newtown high schoo
 
The only profile you can truly force is a MANDATORY.

Set the Mandatory profile by (you) creating the file NTUser.man
or renaming it from an existing NTUser.dat AND also make the
directory use .man as an extension (both the actual directory and
the sepcification in the user properties.

Depending on a roaming profile which is non-mandatory is not
a method of security but rather of hope in any case.

(This weird (double-dot-man extensions) was due to a request that
I made to the Product group for a very large MS customer. I may not
of course been the only one <grin>)
 
Thanks Herb i'll try that

I have a thousand users to do it with [ :( ] so I'll have to look into automation [ :) ]

BTW ..
is there a way of recieving notice that these posts are updated?
 
In
Mark Simpson said:
Surely the policy being mandatory or not doesn't determine wether or
not the user is able to log in to the local machine does it???
Click to expand...

No, it doesn't. They can still login, provided that everyone (or
authenticated users) have Read on it.
I thought it just made the profile 'fixed' so that the user couldn't
make any lasting changes to the settings...
Click to expand...

That's all the .man extension does. It makes it Read Only and won't get
updated by the client machines.
Can anyone explain please?

thanks
Mark
Click to expand...

As for notification when posts change/added, I would suggest to use a
newsreader instead of the web method (which you posted this by). This way
you can click on a column next to the article to "Watch" it. It will turn a
different color when a new post gets posted. I find OEx easy to use. There
are others out there with different features that will do the same thing as
well.



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
If a profile is "normally" mandatory is not not prevent logon,
unless as Ace says, the server is available and the profile
file is "inaccessible" (no read permission for the user.)
(The default is used.)

On the other hand if the profile is "totally" mandatory, and the
server is down or for any other reason the profile cannot be
accessed then logon is denied.

Totally mandatory == both the file AND the directory end in .MAN
extensions.

--
Herb Martin
Mark Simpson said:
Surely the policy being mandatory or not doesn't determine wether or not
Click to expand...
the user is able to log in to the local machine does it???
I thought it just made the profile 'fixed' so that the user couldn't make
Click to expand...
any lasting changes to the settings...
 
Back
Top