Re: how switch to local profiles?

Discussion in 'Windows Server' started by Lanwench [MVP - Exchange], Jun 12, 2009.

  1. Eric S <> wrote:
    > Hi,
    > I only have 5 users and 5 computers and the users never ever switch
    > computers.
    > All are presently connected to a new install of sbs2003 r2.
    > how do I change from roaming to local profiles for each user?
    > Q. Do I just need to do it via System - advanced settings in the
    > control panel at each workstation computer - change to local?
    > Q. Do I need to do anything on the server?
    > please forgive as new to sbs
    > regards


    The other reply explains this. However: what's the objection to leaving them
    with roaming profiles? If you set them up right they shouldn't get in your
    way - and if one of your users ever needs to replace a dead workstation, you
    will find your life is much easier because of it.

    ********************
    General tips:

    1. Set up a share on the server. For example - d:\profiles, shared as
    profiles$ to make it hidden from browsing. Make sure this share is *not* set
    to allow offline files/caching! (that's on by default - disable it)

    2. Make sure the share permissions on profiles$ indicate everyone=full
    control. Set the NTFS security to administrators, system, and users=full
    control.

    3. In the users' ADUC properties, specify \\server\profiles$\%username% in
    the profiles field

    4. Have each user log into the domain once - if this is an existing user
    with a profile you wish to keep, have them log in at their usual
    workstationand log out. The profile is now roaming.

    5. If you want the administrators group to automatically have permissions to
    the profiles folders, you'll need to make the appropriate change in group
    policy. Look in computer configuration/administrative templates/system/user
    profiles - there's an option to add administrators group to the roaming
    profiles permissions. Do this *before* the users' roaming profile folders
    are created - it isn't retroactive.

    ********************
    Notes:

    Make sure users understand that they should not log into multiple computers
    at the same time when they have roaming profiles (unless you make the
    profiles mandatory by renaming ntuser.dat to ntuser.man so they can't change
    them, which has major disadvantages),. Explain that the 'last one out wins'
    when it comes to uploading the final, changed copy of the profile. If you
    want to restrict multiple simultaneous network logins, look at LimitLogon
    (too much overhead for me), or this:
    http://www.jsifaq.com/SF/Tips/Tip.aspx?id=8768

    ********************
    Keep your profiles TINY. Via group policy, you should be redirecting My
    Documents (at the very least) - to a subfolder of the user's home directory
    or user folder. Also consider redirecting Desktop & Application Data
    similarly..... so the user will end up with:

    \\server\users\%username%\My Documents,
    \\server\users\%username%\Desktop,
    \\server\users\%username%\Application Data.

    [Alternatively, just manually re-target My Documents to
    \\server\users\%username% (this is not optimal, however!)]

    You should use folder redirection even without roaming profiles, but it's
    especially critical if you *are* using them.

    If you aren't going to also redirect the desktop using policies, tell users
    that they are not to store any files on the desktop or you will beat them
    with a
    stick. Big profile=slow login/logout, and possible profile corruption.

    ********************
    Note that user profiles are not compatible between different OS versions,
    even between W2k/XP. Keep all your computers. Keep your workstations as
    identical as possible - meaning, OS version is the same, SP level is the
    same, app load is (as much as possible) the same.

    *********************
    If you also have Terminal Services users, make sure you set up a different
    TS profile path for them in their ADUC properties - e.g.,
    \\server\tsprofiles$\%username%

    ********************
    Do not let people store any data locally - all data belongs on the server.

    ********************
    The User Profile Hive Cleanup Utility should be running on all your
    computers. You can download it here:
    http://www.microsoft.com/downloads/...6D-8912-4E18-B570-42470E2F3582&displaylang=en

    ********************
    Roaming profile & folder redirection article -
    http://www.windowsnetworking.com/ar...e-Folder-Redirection-Windows-Server-2003.html
     
    Lanwench [MVP - Exchange], Jun 12, 2009
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Karl Burrows

    Profiles, Profiles, Profiles

    Karl Burrows, Mar 16, 2005, in forum: Windows Small Business Server
    Replies:
    5
    Views:
    213
    Ja5on
    Mar 18, 2005
  2. Lanwench [MVP - Exchange]

    Re: how switch to local profiles?

    Lanwench [MVP - Exchange], Jun 12, 2009, in forum: Windows Small Business Server
    Replies:
    0
    Views:
    343
    Lanwench [MVP - Exchange]
    Jun 12, 2009
  3. Spin
    Replies:
    0
    Views:
    642
  4. Anthony [MVP]

    Re: how switch to local profiles?

    Anthony [MVP], Jun 11, 2009, in forum: Server Setup
    Replies:
    0
    Views:
    465
    Anthony [MVP]
    Jun 11, 2009
  5. Lanwench [MVP - Exchange]

    Re: how switch to local profiles?

    Lanwench [MVP - Exchange], Jun 12, 2009, in forum: Server Setup
    Replies:
    0
    Views:
    564
    Lanwench [MVP - Exchange]
    Jun 12, 2009
Loading...

Share This Page