Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SP4 causes a problem with Roaming Profiles 1

Status
Not open for further replies.
bhogaj31

bhogaj31

IS-IT--Management
Mar 11, 2003
114
GB
Hi ,

Has anyone seen this problem because I am stumped.

Environment is a follows.

Windows 2000 SP3 clients in a NT 4 domain.

NT4 System Policy enabled and Roaming Profiles enabled.

NT4 System policy set to delete local copies of cached profiles at logoff.

My users(Standard users on local machines) have been happily using their machines and have had no trouble with their Roaming profile copying up and down at logoff/logon.

I decided to upgrade them to service pack 4 plus all the other hotfixes that service pack 4 didn't cover.

I logged in as myself (I have local admin rights on all Win2k PC's) and installed SP4 and then rebooted the machine as the installation asks you to do.

I logged back in as myself because my users have the "System\Properties" option disabled, so I could check that the update was successful , which it was.

I then got the user to log back in. The users roaming profile was ready to be pulled down to the local machine as it was the most upto date and he only one that existed.

When the user logged in she was logged in with a "TEMP" profile because there was already a profle on her achine that hadn't synchronised on last logoff with the one on the server.

I checked the local machine and normally there is a profile with the user name and a (.bak) extension in the "C:\Documents and settings folder" when it gives me this message, but there wasn't.

I checked the profile share on the server and deleted the contents of it, so now there was no profile to use and it should create a new one but it still kept giving the same message.

I even checked the NT server to see if the users account was referencing the correct folder on the server share and it was.

It was as if the "Roaming Profile" process had broken after I installed SP4.

I tried to recreate the error in a test environment(which was an exact copy of the live one) but I couldn't recreate it.

Any ideas??????
 
Sort by date Sort by votes
Has anyone else had this problem,

I forgot to mention that the roaming profiles are located on a free bsd 4.5 box , don't know what version of SMB is running on it.

When I tried to recreate the error in my test lan th user profile shares were on an NT server .

The message at logon time is one that says the security on the "Profile" folder is set incorrectly, and that the current user logging on or the Administrators group must be the owner of the "Profile" folder.

I checked who owned my test users "Profile" folder on the network using a win2k box and on the nt server and by telnetting to the Freebsd box and they all say that the user trying to logon is the owner of the "profile" folder.


So it is setup correctly but the roaming profile bit doesn't work . I suspect something to do with the unix permissions on the folder, I will check this out now by decalring a roaming profile path on an NT server rather than a Unix box and see how it goes .

Watch this space......
 
Upvote 0 Downvote
run UPHCLEAN and it will tell you what is holding the profile open. For us it was the spooler service and because we use zen it was the nalntservice that was holding HKCU open thus stopping the profile from uploading to the server.

This only happend after we installed sp4
 
Upvote 0 Downvote
Ok , I sorted it .

Problem was that SP4 once installed and after a reboot makes the machine check that the user account which is logging on (probably using the Account id number ) is the owner of the folder the profile is stored in and pulled down from.

My profile folders were all stored on a "Freebsd" dbox running samba 2.2.2. All user accounts in my domain (NT4) need to have a corresponding accounts on the "Freebsd" server inorder for them to be able to get on to it. The accounts on the "Freebsd" server are not connected to the domain accounts apart from having thre same name.

REMEMBER - This worked when the machine was on SP3.

The owner of the "Profile" folder on the "Freebsd" box was set as the "\\Freebsd\UserName" This meant that the account on the "Freebsd" server was the owner of the profile folder.

REMEMBER - The user accounts on the "Freebsd" server have no connection with the NT4 domain accounts.

So because of not being able to have accounts or groups that map across "Unix" and "NT" the owner of the folder "Profile" is seen as being different from the user logging on and the Administrator of the domain has no way of taking ownership of it either.

That is why I was having the problem .

This is solved if we upgrade Samba to version 3 and use the "Net GroupMap" command which connects the domain groups with any unix groups and applies the permissionsaccros the 2 server types.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sebastian42
  • Locked
  • Question
Possibly a timing problem
Replies
3
Views
934
Rick998
Rick998
VicM
  • Locked
  • Question
Problem updating Windows Explorer
Replies
1
Views
382
Nancycaf
Nancycaf
Diane Sandstrom
  • Locked
  • Question
PDF with highlighting
Replies
2
Views
140
Diane Sandstrom
Diane Sandstrom
Shengfu
  • Locked
  • Question
PROBLEM WITH FILES IN FLASHDRIVE
Replies
3
Views
181
mikrom
mikrom
Flinx
  • Locked
  • Question
the SAGA of trying to get a computer to sleep and wake up on a schedule
Replies
1
Views
604
Flinx
Flinx

Part and Inventory Search

Sponsor

Back
Top