carlos said:
Hi, there are 40 or so computers linked up over a LAN with about 50
users in total. Now I've set up 1 computer in the network so that all
user profiles are on, all microsoft exchange mail's are set up so
people can check email, that macros are enabled and the certificate
is installed, and that the internet is set to a particular home page.
Basically is there any way I can save these settings and install them
into the other 39 computers in the network? Currently I'm having to
go to a particular pc I want to setup, add all the users and log into
the pc as every different user, then set up the email exchange server
settings for that particular person and macros and so on. 40
computers x 50 users = a very long time! Any help is greatly
appreciated. thanks
What you want is roaming profiles.
And since you're using a domain, you shouldn't be creating local user
accounts on any computer - all users should log into the domain only (but
perhaps I've misunderstood your post & you mean only that you are
configuring domain profiles for each user on each computer - this is still
unnecessary & a tremendous waste of your time, and since the profiles won't
be in sync, any changes made on computer A won't show up on computer B when
the user logs into B).
1. Set up a share on the server. For example - d:\profiles, shared as
profiles$ to make it hidden from browsing.
2. Make sure the share permissions on profiles$ indicate everyone=full
control. Set the NTFS security to administrators, system, and users=full
control. This will get changed the first time they log in anyway.
3. In the users' ADUC properties, specify \\server\profiles%\%username% in
the profiles field
4. Have each user log into the domain once from their usual/primary
workstation (where their desired existing profile lives) and log out.
The profile is now roaming (you can check this while they're logged in, by
going to control panel, system, advanced, user profiles, settings) . Their
desktop, mail, printer, favorites, IE settings will follow them around.
Notes/caveats:
* Make sure users understand that they should never log into multiple
computers at the same time when they have roaming profiles (unless you make
the profiles mandatory by renaming ntuser.dat to ntuser.man so they can't
change them). Explain that the "last one out" wins, when it comes to
uploading the final, changed copy of the profile.
* Keep your profiles TINY. Redirect My Documents to a subfolder of each
user's home directory on the server - either via group policy (folder
redirection) or manually (not advisable). If you aren't going to also
redirect the desktop using policies, tell people not to store any files on
the desktop or or you will beat them with a stick. Big profile=slow
login/logout, and possible profile corruption.
* Note that user profiles are not compatible between different OS versions,
even between W2k/XP. Keep your workstations as identical as possible -
meaning, OS version is the same, SP level is the same, application load is
(as much as possible) the same.
* Do not let people store any data locally - all data belongs on the server.
