Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Roaming Profile Creation and DFS 1

Status
Not open for further replies.
ericbarr

ericbarr

MIS
Jan 16, 2004
8
US
I am having an issue with roaming profiles using DFS. The problem only happens during the initial creation of the profile. I have had no issues migrating profiles to the DFS share.

If I create a new user account with a roaming profile using the DFS path, the profile creation fails. Event logs on the workstation show event id 1504 and 1509.

1504 - Windows cannot update your roaming profile. Possible causes of this error include network problems or insufficient security rights. If this problem persists, contact your network administrator.

DETAIL - Cannot create a file when that file already exists.

1509 - Windows cannot copy file <file> to location <location path>. Possible causes of this error include network problems or insufficient security rights. If this problem persists, contact your network administrator.

DETAIL - Cannot create a file when that file already exists.

The profile is folder is empty, so I do not understand why the system errors out with "file already exists".

Group policy is setup to give the user full control of the profile. The share permissions have been verified. Full Control for "Everyone".

If I create a new user account with a roaming profile using the UNC path the profile creation works without issue.

My current workaround is to create a new an account using the UNC for the roaming profile directory. Then change the path to the DFS after creation.

Wrap-up
Create profile using the DFS path, profile creation fails.
Create profile using the UNC path, profile creation succeeds.

Thanks

Eric
 
Sort by date Sort by votes
I've found your workaround to be the only way to get it to work.
 
Upvote 0 Downvote
I called Microsoft, and they were able to resolve the issue. Apparently, I was missing "read attributes" on the group that gives user access to the roaming profiles folder. My roaming group now has the following permissions.

Apply to: This folder only
List Folder / Read Data
Read Attributes **** fixed the issue
Create Folders / Append Data

From Microsoft
ROOTCAUSE:
==========
Only when the Parent folder of the Roaming profiles is a DFS Namespace folder or DFS Root Folder, It seem to be required to add this extra permission for the appropriate group (to which the users are member of) so the roaming profiles will be saved successfully. Unfortunately this is not documented yet on the technet article for the best practices while configuring Roaming Profiles.


 
Upvote 0 Downvote
Thanks Eric - have a star from me for finding and posting a solution to a problem I gave up on years ago...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

bechna
  • Locked
  • Question
Windows Server and VPN Setup
Replies
1
Views
167
DrB0b
DrB0b
gbaughma
  • Locked
  • Question
High-Availability DFS
Replies
1
Views
123
hairlessupportmonkey
hairlessupportmonkey
geneg28
  • Locked
  • Question
Active Directory and Linux Servers
Replies
0
Views
117
geneg28
geneg28
DrB0b
  • Locked
  • Question
HyperV Virtual Switch and Physical NIC question
Replies
3
Views
163
DrB0b
DrB0b
kbryii
  • Locked
  • Question
AD and DHCP issue
Replies
1
Views
151
gbaughma
gbaughma

Part and Inventory Search

Sponsor

Back
Top