Lanwench
Thu May 08 12:09:12 PDT 2008
AndyW <AndyW@discussions.microsoft.com> wrote:
> Thanks for the quick response Lanwench, i hadn't thought of disabling
> the offline files on the share itself but had disabled the offline
> files on each of the clients instead.
Ah. Well, for roaming profiles you will definitely need to disable it on the
parent share.
>
> I've made the changes & downloaded the UPHClean which i'm just about
> to install on all of the Clients.
>
> Thanks again, time will tell if this will stop it happening, but i'm
> optimistic.
>
> Thankyou
> Andy
Most welcome!
>
> "Lanwench [MVP - Exchange]" wrote:
>
>> AndyW <AndyW@discussions.microsoft.com> wrote:
>>> I have searched the groups, but can't find any posts relating to
>>> this.
>>>
>>> We have a small network -
>>> 1 X Small Business Server 2003 R2 Server
>>> 7 X Win XP Clients
>>>
>>> I have setup the users to use roaming profiles.
>>> I have also setup folder redirect for Profile Folders to Shared
>>> Folder on server.
>>> I have disabled Offline Files on the XP Clients.
>>>
>>> This setup looks like it's working OK, and has done for a week, but
>>> now i've had 2 instances where a client has logged in and every
>>> shortcut / document has vanished.
>>>
>>> When I look in the Folder for the users profile on the Server, the
>>> Desktop folder is empty and the My Documents folder is also empty,
>>> yet Firefox still contains all of the bookmarks that have been added
>>> by the user - so the App Data folder works OK
>>>
>>> Please Help!! Murpheys Law has struck & this has happened to the
>>> two company directors who are looking to me for the answers.
>>>
>>> I appreciate any help with this, I don't know where to begin looking
>>> with this problem.
>>>
>>> Thanks
>>> Andy
>>
>> Check the event logs on the workstation.....and make sure you've got
>> the User Profile Hive Cleanup utility running. See below for my
>> boilerplate on roaming profiles....
>>
>> ********************
>> General tips:
>>
>> 1. Set up a share on the server. For example - d:\profiles, shared as
>> profiles$ to make it hidden from browsing. Make sure this share is
>> *not* set to allow offline files/caching! (that's on by default -
>> disable it)
>>
>> 2. Make sure the share permissions on profiles$ indicate
>> everyone=full control. Set the NTFS security to administrators,
>> system, and users=full control.
>>
>> 3. In the users' ADUC properties, specify
>> \\server\profiles$\%username% in the profiles field
>>
>> 4. Have each user log into the domain once - if this is an existing
>> user with a profile you wish to keep, have them log in at their usual
>> workstationand log out. The profile is now roaming.
>>
>> 5. If you want the administrators group to automatically have
>> permissions to the profiles folders, you'll need to make the
>> appropriate change in group policy. Look in computer
>> configuration/administrative templates/system/user profiles -
>> there's an option to add administrators group to the roaming
>> profiles permissions. Do this *before* the users' roaming profile
>> folders are created - it isn't retroactive.
>>
>> ********************
>> Notes:
>>
>> Make sure users understand that they should not log into multiple
>> computers at the same time when they have roaming profiles (unless
>> you make the profiles mandatory by renaming ntuser.dat to ntuser.man
>> so they can't change them, which has major disadvantages),. Explain
>> that the 'last one out wins' when it comes to uploading the final,
>> changed copy of the profile. If you want to restrict multiple
>> simultaneous network logins, look at LimitLogon (too much overhead
>> for me), or this:
http://www.jsifaq.com/SF/Tips/Tip.aspx?id=8768
>>
>> ********************
>> Keep your profiles TINY. Via group policy, you should be redirecting
>> My Documents (at the very least) - to a subfolder of the user's home
>> directory or user folder. Also consider redirecting Desktop &
>> Application Data similarly..... so the user will end up with:
>>
>> \\server\users\%username%\My Documents,
>> \\server\users\%username%\Desktop,
>> \\server\users\%username%\Application Data.
>>
>> [Alternatively, just manually re-target My Documents to
>> \\server\users\%username% (this is not optimal, however!)]
>>
>> You should use folder redirection even without roaming profiles, but
>> it's especially critical if you *are* using them.
>>
>> If you aren't going to also redirect the desktop using policies,
>> tell users that they are not to store any files on the desktop or
>> you will beat them with a
>> stick. Big profile=slow login/logout, and possible profile
>> corruption.
>>
>> ********************
>> Note that user profiles are not compatible between different OS
>> versions, even between W2k/XP. Keep all your computers. Keep your
>> workstations as identical as possible - meaning, OS version is the
>> same, SP level is the same, app load is (as much as possible) the
>> same.
>>
>> *********************
>> If you also have Terminal Services users, make sure you set up a
>> different TS profile path for them in their ADUC properties - e.g.,
>> \\server\tsprofiles$\%username%
>>
>> ********************
>> Do not let people store any data locally - all data belongs on the
>> server.
>>
>> ********************
>> The User Profile Hive Cleanup Utility should be running on all your
>> computers. You can download it here:
>>
http://www.microsoft.com/downloads/details.aspx?familyid=1B286E6D-8912-4E18-B570-42470E2F3582&displaylang=en
>>
>> ********************
>> Roaming profile & folder redirection article -
>>
http://www.windowsnetworking.com/articles_tutorials/Profile-Folder-Redirection-Windows-Server-2003.html