Account and profile problem

I am administering a Windows server 2003 and one client have a problem with
her account. When she logs in there's an error message saying that there's no
connection to the central profile and that there will be no server backup. I
deleted her account in Active Directory and created a new one with the same
name, but the problem reoccurs.



Any clue what to do?

Kind of difficult for anyone to assist with the current details provided,

Kind of difficult for anyone to assist with the current details provided,
please repost with any Event Logs (Number and description) and/or other
error messages.  Please be precise it will help you get this resolved.

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

Thank you for your answer, Paul.

Thank you for your answer, Paul. I have only one error message and it appears
when the user logs in to her account. Roughly translated from Swedish to
English: "the central profile could not be located. Any information vill only
be saved locally. Please contact the network administrator."

Account and profile problem

I think you mean "roaming profile" ...check the workstation's event logs for
userenv errors, etc.

My boilerplate on roaming profiles is below -



General tips:

1. Set up a share on the server. For example - d:\profiles, shared as
profiles$ to make it hidden from browsing. Make sure this share is *not* set
to allow offline files/caching! (that's on by default - disable it)

2. Make sure the share permissions on profiles$ indicate everyone=full
control. Set the NTFS security to administrators, system, and users=full
control.

3. In the users' ADUC properties, specify \\server\profiles$\%username% in
the profiles field

4. Have each user log into the domain once from their usual workstation
(where their existing profile lives) and log out. The profile is now
roaming.

5. If you want the administrators group to automatically have permissions to
the profiles folders, you'll need to make the appropriate change in group
policy. Look in computer configuration/administrative templates/system/user
profiles - there's an option to add administrators group to the roaming
profiles permissions.

Notes:

* Make sure users understand that they should not log into multiple
computers at the same time when they have roaming profiles (unless you make
the profiles mandatory by renaming ntuser.dat to ntuser.man so they can't
change them). Explain that the
last one out wins,
when it comes to uploading the final, changed copy of the profile.

* Keep your profiles TINY. Via group policy, redirect My Documents at the
very least - to a subfolder of the user's home directory or user folder.
Also consider redirecting Desktop & Application Data similarly..... so the
user will have:

\\server\home$\%username%\My Documents,
\\server\home$\%username%\Desktop,
\\server\home$\%username%\Application Data.

Alternatively, just manually re-target My Documents to
\\server\home$\%username% (this is not optimal, however.

If you aren't going to also redirect the desktop using policies, tell users
that
they are not to store any files on the desktop or you will beat them with a
stick. Big profile=slow login/logout, and possible profile corruption.

* Note that user profiles are not compatible between different OS versions,
even between W2k/XP. Keep all your computers. Keep your workstations as
identical as possible - meaning, OS version is the same, SP level is the
same, app load is (as much as possible) the same.

* Do not let people store any data locally - all data belongs on the server.

* The User Profile Hive Cleanup Utility should be running on all your
computers.  You can download it here:
http://www.microsoft.com/downloads/details.aspx?familyid=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en

I would check the permissions on the remote folder location.

I would check the permissions on the remote folder location.  Have the user
logon and then see if they can read/write to the location in question.  This
sounds like you are using roaming profiles.

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.