D
David H. Lipman
One of users had a corruption of his profile under Vista Enteprise as an Active Directory
user who logs on with his Smart Card.
I'll call his Domain Name; Bob.Unlucky
His profile is; c:\users\Bob.Unlucky
When he logged on, he did not get his normal setup (desktop, icons, resolution, etc) and
his MS Outlook wasn't setup which was a clear sign of a Profile corruption.
I examined his PC and found a new profile; c:\users\TEMP
All files in his Documents folder are encrypted using his Smart Card and he could not
access any files in; c:\users\Bob.Unlucky\Documents
In XP when a Profile was corrupted I would reboot the PC and logon as my self and would
rename...
C:\Documents and Settings\Bob.Unlucky
to
C:\Documents and Settings\Bob.Unlucky.BAK
Then I would have the user logon and a new profile would be created as;
C:\Documents and Settings\Bob.Unlucky
I could then move data from the .BAK, old, Profile to the new profile, re-setup the user
and all would be OK.
{ Under XP we used EFS Certificate to encrypt data and moving "C:\Documents and
Settings\END_USER\Application Data" to the new profile would have the new profile inherit
the old EFS certificate and the user could subsequently decrypt their data }
This wasn't the case under Vista.
I renamed...
c:\users\Bob.Unlucky
to
c:\users\Bob.Unlucky.BAK
and DELETED
c:\users\TEMP
and had the user logon.
The TEMP profile was created again.
The user still couldn't access his encrypted files nor could they be moved.
What is "Best Practice" in this kind of situation ?
user who logs on with his Smart Card.
I'll call his Domain Name; Bob.Unlucky
His profile is; c:\users\Bob.Unlucky
When he logged on, he did not get his normal setup (desktop, icons, resolution, etc) and
his MS Outlook wasn't setup which was a clear sign of a Profile corruption.
I examined his PC and found a new profile; c:\users\TEMP
All files in his Documents folder are encrypted using his Smart Card and he could not
access any files in; c:\users\Bob.Unlucky\Documents
In XP when a Profile was corrupted I would reboot the PC and logon as my self and would
rename...
C:\Documents and Settings\Bob.Unlucky
to
C:\Documents and Settings\Bob.Unlucky.BAK
Then I would have the user logon and a new profile would be created as;
C:\Documents and Settings\Bob.Unlucky
I could then move data from the .BAK, old, Profile to the new profile, re-setup the user
and all would be OK.
{ Under XP we used EFS Certificate to encrypt data and moving "C:\Documents and
Settings\END_USER\Application Data" to the new profile would have the new profile inherit
the old EFS certificate and the user could subsequently decrypt their data }
This wasn't the case under Vista.
I renamed...
c:\users\Bob.Unlucky
to
c:\users\Bob.Unlucky.BAK
and DELETED
c:\users\TEMP
and had the user logon.
The TEMP profile was created again.
The user still couldn't access his encrypted files nor could they be moved.
What is "Best Practice" in this kind of situation ?