GPO Add the administrators security group to roaming user profile

  • Thread starter Thread starter post101
  • Start date Start date
P

post101

The settings to " add the administrators security group to the roaming user
profile"

When I read the Microsoft explanation it states " this setting adds the
administrator security group to the roaming user profile share"

My question is " The administrator security group" is that the just the
"local" administrator group?

I want to give the administrators access to the user's profile without
having the administrators take ownership of the user's folder.
Because, if the administrators doesn't have access to the user's folder
they can not see the security tab on the user's folder. ( to make sure that
the user has FC and to check the owner of the folder)
I enabled the "add the administrators security group to roaming user
profiles" and the administator profile from the Profile Folder (parent
folder ) was not added to the user's profile.

Any suggestions?
 
Hello.

This setting is described in more detail at the following links:
http://www.microsoft.com/technet/tr...r2003/proddocs/deployguide/dmebc_dsm_ummq.asp

and

http://www.microsoft.com/technet/tr...oddocs/entserver/New_Features_And_Changes.asp

Add the Administrator security group to roaming user profiles--This policy
allows an administrator to choose the same behavior as Windows NT version
4.0, and permit the administrators group to have full control of the user's
profile directories. In Windows 2000, the default file permissions for newly
generated roaming profiles are full control, or read and write access for
the user, and no file access for the Administrators group

Best Regards,
David Fisher
Enterprise Platform Support
 
Thanks! David
This is exactly what I need.

David Fisher said:
Hello.

This setting is described in more detail at the following links:
http://www.microsoft.com/technet/tr...r2003/proddocs/deployguide/dmebc_dsm_ummq.asp
http://www.microsoft.com/technet/tr...oddocs/entserver/New_Features_And_Changes.asp

Add the Administrator security group to roaming user profiles--This policy
allows an administrator to choose the same behavior as Windows NT version
4.0, and permit the administrators group to have full control of the user's
profile directories. In Windows 2000, the default file permissions for newly
generated roaming profiles are full control, or read and write access for
the user, and no file access for the Administrators group

Best Regards,
David Fisher
Enterprise Platform Support
Click to expand...
 
What if I had 200 roaming profiles and I wanted to have full access as
domain administrator to them, after these profiles were created
without this policy beeing activated.
 
You would find someone that tells you, you're a fool. That you could
think before you created 200 accounts and an equal number of roaming
profiles. And somone else would tell you that some Qs don't have an A.
 
Back
Top