Question

Locked

Default Domain User troubles

By james.jones ·
I'm trying to create a user to go in \\%LOGONSERVER%\NETLOGON\Default User. I've followed the instructions here:

http://support.microsoft.com/kb/168475

to the best of my ability, but I'm having a couple of issues. In response to this step:

[pre]1.) Log on to a workstation as a generic user (one that does not have Administrator rights in the domain). Set up your desktop and change the settings that you want to change. Log off the workstation. The profile is actually created at this point.[/pre]

I interpreted this such that I first created a generic domain user (jdoe) on the DC in the AD Users & Comps MMC snap-in. I then logged in as jdoe on an XP workstation. I set it up as desired. I then had to change the profile's type from roaming to local in order for it to remain on the workstation for the subsequent steps (log out, login as domain admin, copy new profile up to server...), as our GP deletes user profiles upon logoff.

Step 2 is straightforward, as are steps a-f under the "For Windows XP" heading. After having followed all of these remaining instructions, I logged back in as jdoe to change the profile type back to "roaming."

To test the new default profile, I again created a new domain user (Bob Bitchin =P) on the DC in the AD Users & Comps MMC snap-in. I then logged in as bbitchin on an XP workstation. I immediately received errors to the tune of "cannot access \\Server\Redirection$\jdoe\Desktop -- write protection/permissions?" and active desktop bombed.

I would've thought that the built-in profile copying mechanism would have changed all of the registry UNC jdoe's into generic %usernames%. Apparently not. I used regedit's "load hive" to pull in the default user's ntuser.dat and tried manually editing all of the jdoe data to %username%. On subsequent tests, the folder redirection module is actually creating a literal

[pre]\\Server\Redirection$\%username%[/pre]

folder, complete with Application Data, Desktop and My Documents folders within, without substituting the environment variable in.

Sigh.

How do I successfully de-personalize the Default User and make it generic?

All of the pertinent UNC paths are in[pre]HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders[/pre]

Do I change all of the redirected folders to local ones and hope that GP catches it and changes them upon logon? I'm trying that next.

Any other ideas?

Thanks,
-JimmyJazz

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Follow

by Jacky Howe In reply to Default Domain User troub ...

the instructions again but instead of using a domain profile create a Standard User Account on the Workstation. Log on as the User and set it up as required and then log off. The User Account can be deleted from the Workstation when you have copied the profile to the Netlogon Share.

Collapse -

That worked for the most part.

by james.jones In reply to Follow

I still had to go through the Shell Folders key and replace several instances of "jdoe" with "%USERNAME%" after the copy, but otherwise the roaming profiles & folder redirection came to work properly after a few logon/logoff cycles.

Thank you much, sir...
-JimmyJazz

Collapse -

It does get easier

by Jacky Howe In reply to That worked for the most ...

as you work it out. Glad I could help.

Related Discussions

Related Forums