Unable to copy roaming user profile

Hi Everyone,

I recently created a roaming profile called "template" (as a template for
all user profiles). I am done configurating the profile. When I log onto
the workstation using my admin account and select User Profiles, the Copy To
button is greyed out. How do I copy the User Profile?

I am logging into the workstation using my Domain Admin account. The file
server hosting the profile have permissions setup properly.

Thank you,
D

Resolved. Very weird issue...
I had to reboot the workstation for it to work...

"Derek Da Silva" wrote:

Hi Everyone,

I recently created a roaming profile called "template" (as a template for
all user profiles). I am done configurating the profile. When I log onto
the workstation using my admin account and select User Profiles, the Copy To
button is greyed out. How do I copy the User Profile?

I am logging into the workstation using my Domain Admin account. The file
server hosting the profile have permissions setup properly.

Thank you,
D

Derek Da Silva wrote:
Hi Everyone,

I recently created a roaming profile called "template" (as a template
for all user profiles). I am done configurating

There's no such word - it's "configuring" :-)

the profile. When I
log onto the workstation using my admin account and select User
Profiles, the Copy To button is greyed out. How do I copy the User
Profile?

How did you create the initial profile/user to begin with? I'm presuming
you're just trying to standardize all your new domain users' default
settings; the fact that you intend those users to have roaming user profiles
doesn't matter....

Try removing the roaming profile path settings from the new template user's
ADUC properties and log in as that user again.
Then log in as your domain admin /equivalent account and try using "copy to"
on that user account.
Copy it to the path: \\yourdomaincontroller\netlogon\Default User
Set "allowed to use" to "everyone."

Now, all new users you create in the domain will inherit all the Default
User settings such as you customized in your template account - and you can
set up those domain users with roaming profiles merely by filling in the
profile path in ADUC.


I am logging into the workstation using my Domain Admin account. The
file server hosting the profile have permissions setup properly.

Thank you,
D

Thank you for your post. I have two questions:

1) We have many branches at our office. This particular branch is being
setup in a different way than all of the other branches. If I create the
default user in the NETLOGON folder- will this affect the way accounts are
created for other branches or just this branch in particular.

2) In terms of security, should all users have access to everyone's profile?
I am hesitant of this because I feel that all users should have their own
privacy. Do you agree with my opinion?

Thank you,
D

"Lanwench [MVP - Exchange]" wrote:

Derek Da Silva wrote:
Hi Everyone,

I recently created a roaming profile called "template" (as a template
for all user profiles). I am done configurating

There's no such word - it's "configuring" :-)

the profile. When I
log onto the workstation using my admin account and select User
Profiles, the Copy To button is greyed out. How do I copy the User
Profile?

How did you create the initial profile/user to begin with? I'm presuming
you're just trying to standardize all your new domain users' default
settings; the fact that you intend those users to have roaming user profiles
doesn't matter....

Try removing the roaming profile path settings from the new template user's
ADUC properties and log in as that user again.
Then log in as your domain admin /equivalent account and try using "copy to"
on that user account.
Copy it to the path: \\yourdomaincontroller\netlogon\Default User
Set "allowed to use" to "everyone."

Now, all new users you create in the domain will inherit all the Default
User settings such as you customized in your template account - and you can
set up those domain users with roaming profiles merely by filling in the
profile path in ADUC.


I am logging into the workstation using my Domain Admin account. The
file server hosting the profile have permissions setup properly.

Thank you,
D

Derek Da Silva wrote:
Thank you for your post. I have two questions:

1) We have many branches at our office. This particular branch is
being setup in a different way than all of the other branches.

How so?

If I
create the default user in the NETLOGON folder- will this affect the
way accounts are created for other branches or just this branch in
particular.

It will affect all users in the domain. But what are you putting in there
that's so unique to this particular branch? Note that most of the stuff you
want to customize for your users/computers ought to be done via group
policy....and you link those at the OU level to ensure that your settings
are appropriate for each location.

The only stuff I do in the Default User profile like that, is stuff I can't
easily control via GPO - such as Windows Explorer views (I like Details and
displaying file extensions), power settings (because non-admins cannot
themselves change this), and so forth. The rest is all via GPO.



2) In terms of security, should all users have access to everyone's
profile? I am hesitant of this because I feel that all users should
have their own privacy. Do you agree with my opinion?

I agree. My boilerplate on roaming profiles is below - if you follow these
steps, only the user & the Administrators group will have access to the
profile folder on the server.

Note that roaming profiles are not always the right tool for the job -
folder redirection via group policy will accomplish 99% of what roaming
profiles do, and you won't have problems with logins (across a WAN link
especially).

General tips:

1. Set up a share on the server. For example - d:\profiles, shared as
profiles$ to make it hidden from browsing. Make sure this share is not set
to allow offline files/caching!
2. Make sure the share permissions on profiles$ indicate everyone=full
control. Set the NTFS security to administrators, system, and users=full
control.
3. In the users' ADUC properties, specify \\server\profiles$\%username% in
the profiles field
4. Have each user log into the domain once from their usual workstation
(where their existing profile lives) and log out. The profile is now
roaming.
5. If you want the administrators group to automatically have permissions to
the profiles folders, you'll need to make the appropriate change in group
policy. Look in computer configuration/administrative templates/system/user
profiles - there's an option to add administrators group to the roaming
profiles permissions.

Notes:

* Make sure users understand that they should never log into multiple
computers at the same time when they have roaming profiles (unless you make
the profiles mandatory by renaming ntuser.dat to ntuser.man so they can't
change them). Explain that the
last one out
wins, when it comes to uploading the final, changed copy of the profile.

* Keep your profiles TINY. Redirect My Documents at the very least; usually
best done to the user's home directory on the server - either via
group policy (folder redirection) or manually (far less advisable). If you
aren't going to also redirect the desktop using policies, tell users that
they are not to store any files on the desktop or you will beat them with a
stick. Big profile=slow login/logout, and possible profile corruption.

* Note that user profiles are not compatible between different OS versions,
even between W2k/XP. Keep all your computers. Keep your workstations as
identical as possible - meaning, OS version is the same, SP level is the
same, app load is (as much as possible) the same.

* Do not let people store any data locally - all data belongs on the server.

* The User Profile Hive Cleanup Utility should be running on all your
computers. You can download it he
http://www.microsoft.com/downloads/d...displaylang=en




Thank you,
D

"Lanwench [MVP - Exchange]" wrote:

Derek Da Silva wrote:
Hi Everyone,

I recently created a roaming profile called "template" (as a
template for all user profiles). I am done configurating

There's no such word - it's "configuring" :-)

the profile. When I
log onto the workstation using my admin account and select User
Profiles, the Copy To button is greyed out. How do I copy the User
Profile?

How did you create the initial profile/user to begin with? I'm
presuming you're just trying to standardize all your new domain
users' default settings; the fact that you intend those users to
have roaming user profiles doesn't matter....

Try removing the roaming profile path settings from the new template
user's ADUC properties and log in as that user again.
Then log in as your domain admin /equivalent account and try using
"copy to" on that user account.
Copy it to the path: \\yourdomaincontroller\netlogon\Default User
Set "allowed to use" to "everyone."

Now, all new users you create in the domain will inherit all the
Default User settings such as you customized in your template
account - and you can set up those domain users with roaming
profiles merely by filling in the profile path in ADUC.


I am logging into the workstation using my Domain Admin account.
The file server hosting the profile have permissions setup properly.

Thank you,
D