how to stop deleting \docs&sett\user folders with logging off?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi All,
We have a TS2000 server, and when users log on there is a folder created
under Documents and Settings with their account name. That is fine. But when
they log off, this folder is automatically deleted. That is not what we want,
because several settings are deleted also and we have to recreate them all
tjhe time.
I don't know where to look to prevent the server from doing this. There are
GPO's, but not for this server and not for these users.
Please help!
Thanks,
Mieke
 
Sounds like the users have a roaming profile and the server is
configured to delete the locally cached copy of the roaming
profile. This is actually the recommended behaviour on a TS.

Computer Configuration - Administrative Templates - System - Logon
"Delete cached copies of roaming profiles"
 
But this server does not have Policies, only the Local Security Settings.
(The server is member of the container "Computers".)
In the Local Security Settings I don't find anything like "Delete cached
copies of roaming profiles".
I've noticed when a user is member of Domain Admins the folder is not
deleted, but if he is "only" member of Administrators, the folder is also
deleted.
This problem concers mostly the settings in Internet Explorer, because they
use certificates for certain websites to earn their money.
I hope you can help me further?!
Thanks, Mieke
 
I still believe that there *is* a policy affecting the server. You
won't find it in the security policy, but in the path I wrote in my
first post.
Have you checked domain wide GPOs? Sounds as if there is a domain
wide GPO, which affects all computers and all users, except Domain
Admins.
Check Resultant Set of Policies to find out.

You could also check the registry setting directly:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon
DeleteRoamingCache=0 will keep the cached copy
REG_DWORD value

--
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
http://hem.fyristorg.com/vera/IT
--- please respond in newsgroup, NOT by private email ---
 
I'm still dealing with this problem.
I have changed the registry on the server by adding the value
"DeleteRoamingCache=0"
I have changed the Local Computer Policy by disabeling "Delete cached copies
of roaming profiles" in Computer Configuration - Administrative Templates -
System -Logon.
When user ppuk logs on on terminalserver3, and logs off, his folder is
deleted.
When user ppuk logs on on terminalserver4, and logs off, his folder is kept.
Both servers belong to the same domain, in folder Computers. So I would
think that it must be something on srver3, but I cannot find it.
When this user ppuk is member of the group "thuis", his folder is kept on
both servers, but as administrator I cannot delete this folder because of
sharing violation. This group Thuis does have a policy, but is used for home
workers. (I have chaecked the settings, but nothing wich has to do with
roaming profiles is configured. And the users do not have a roaming profile.)

I have used "gpresult.exe" to check the results. I have noticed that
sometimes some additional lines appear, depending ont the membership of the
user? I don't know if this is relevant.
It is much text, but i have pasted it here below, the addtional lines I have
marked with **>

I really hope you can help me, I can't stand it that I can't find it!!!

Mieke

C:\Program Files\Resource Kit>gpresult /s /u
Microsoft (R) Windows (R) 2000 Operating System Group Policy Result tool
Copyright (C) Microsoft Corp. 1981-1999


Created on dinsdag 8 februari 2005 at 16:08:13


Operating System Information:

Operating System Type: Server
Operating System Version: 5.0.2195.Service Pack 3
Terminal Server Mode: Application Server

###############################################################

User Group Policy results for:

CN=razija test,OU=CTA,OU=SERVERNAAM,DC=DOMEINNAAM,DC=nl

Domain Name: DOMAINNAME
Domain Type: Windows 2000
Site Name: Default-First-Site-Name

Roaming profile: (None)
Local profile: C:\Documents and Settings\rtest

The user is a member of the following security groups:

DOMAINNAME\Domain Users
\Everyone
BUILTIN\Administrators
BUILTIN\Guests
BUILTIN\Users
BUILTIN\Power Users
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
\LOCAL
DOMAINNAME\thuis


The user has the following security privileges:

Bypass traverse checking
Manage auditing and security log
Back up files and directories
Restore files and directories
Change the system time
Shut down the system
Force shutdown from a remote system
Take ownership of files or other objects
Debug programs
Modify firmware environment values
Profile system performance
Profile single process
Increase scheduling priority
Load and unload device drivers
Create a pagefile
Increase quotas
Remove computer from docking station
Enable computer and user accounts to be trusted for delegation
Add workstations to domain


###############################################################

Last time Group Policy was applied: dinsdag 8 februari 2005 at 16:07:41
*>Group Policy was applied from: SERVERNAAM.DOMEINNAAM.NL


===============================================================


The user received "Registry" settings from these GPOs:

Local Group Policy
Revision Number: 1 (Active Directory) 1 (Sysvol)
Unique Name: Local Group Policy
Domain Name:
*> Linked to: Local computer

Default Domain Controllers Policy
Revision Number: 7 (Active Directory) 7 (Sysvol)
Unique Name: {6AC1786C-016F-11D2-945F-00C04fB984F9}
Domain Name: DOMEINNAAM.NL
*> Linked to: Domain (DC=DOMEINNAAM,DC=nl)




The following settings were applied from: Local Group Policy

KeyName:
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
ValueName: NoClose
ValueType: REG_DWORD
Value: 0x00000001


The following settings were applied from: Default Domain ontrollers
Policy

KeyName:
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
ValueName: ForceStartMenuLogOff
ValueType: REG_DWORD
Value: 0x00000001


C:\Program Files\Resource Kit>gpresult.exe /s /u
Microsoft (R) Windows (R) 2000 Operating System Group Policy Result tool
Copyright (C) Microsoft Corp. 1981-1999


Created on dinsdag 8 februari 2005 at 16:17:40


Operating System Information:

Operating System Type: Server
Operating System Version: 5.0.2195.Service Pack 3
Terminal Server Mode: Application Server

###############################################################

User Group Policy results for:

CN=razija test,OU=CTA,OU=SERVERNAAM,DC=DOMEINNAAM,DC=nl

Domain Name: DOMAINNAME
Domain Type: Windows 2000
Site Name: Default-First-Site-Name

Roaming profile: (None)
Local profile: C:\Documents and Settings\rtest

The user is a member of the following security groups:

DOMAINNAME\Domain Users
\Everyone
BUILTIN\Guests
BUILTIN\Users
BUILTIN\Power Users
NT AUTHORITY\INTERACTIVE
NT AUTHORITY\Authenticated Users
\LOCAL
DOMAINNAME\thuis

The user has the following security privileges:

Bypass traverse checking
Add workstations to domain


###############################################################

Last time Group Policy was applied: dinsdag 8 februari 2005 at 16:17:02


===============================================================


The user received "Registry" settings from these GPOs:

Local Group Policy
Revision Number: 65537
Unique Name: Local Group Policy
Domain Name:

Default Domain Controllers Policy
Revision Number: 458759
Unique Name: {6AC1786C-016F-11D2-945F-00C04fB984F9}
Domain Name: DOMEINNAAM.NL




The following settings were applied from: Local Group Policy

KeyName:
Software\Microsoft\Windows\CurrentVersion\Policies\Explo
rer
ValueName: NoClose
ValueType: REG_DWORD
Value: 0x00000001


The following settings were applied from: Default Domain Controllers
Pol
icy

KeyName:
Software\Microsoft\Windows\CurrentVersion\Policies\Explo
rer
ValueName: ForceStartMenuLogOff
ValueType: REG_DWORD
Value: 0x00000001
 
I can't say that I understand completely what is going on, but I
notice that you are still running on SP3. That's rather old. Have
you considered updating to SP4?
I'm especially thinking about the following pre-SP4 hotfix, which
might do just what you want:

817361 - Force Local Profile Option in Windows 2000
http://support.microsoft.com/?kbid=817361
 
Thanks to your suggestions about the policies, I've found a workaround,
although I don't really understand it.
I have put the users in a OU, for that OU I've made a group policy, and
applied a script to User Configuration-Windows Settings-Scripts
(Logon/Logoff)-Logon. In the script there is the line "attrib +h +a
"c:\documents and settings\all users" /S /D
When a (test)user then logs on, and logs off again, his (test)folder is kept
!.
I'm not able to delete his (test)folder because of "Cannot delete
UsrClass.dat. There has ben a sharing violation. The source or destination
file may be in use".
But for this test folder I don't care, the other users folders remain and
that is what I want in the first place.

When the (test)user logs off, there appears an event in the application log:
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1000
Date: 9-2-2005
Time: 16:03:43
User: NT AUTHORITY\SYSTEM
Computer: server3
Description:
Windows cannot unload your registry class file. If you have a roaming
profile, your settings are not replicated. Contact your administrator.

DETAIL Access is denied. , Build number ((2195)).

But since we have no roaming files, I suppose this is no problem...

Mieke
 
The profile folders are now kept on the server because the OS is
unable to unload them, as shown by the EventID 1000. Making files
"hidden" has the same effects as making them read-only, for certain
copy and delete operations.
I can't say that I like this work around, but I understand that you
needed to implement a quick fix.
I assume you have a limited amount of users and a *huge* hard disk?
Otherwise you will eventually run out of disk space on the C: drive
of the server.
Also make sure that you configure the size of the EventLog
properly, as long as you have this workaround in place.

--
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
http://hem.fyristorg.com/vera/IT
--- please respond in newsgroup, NOT by private email ---
 
Still continuing...because the tric does not work anymore! Folders are
deleted again. Maybe the factor time (syncing) has played a role in working
or not working... But I have noticed that the folder C:\Docs&Settings\All
users has a file "ntuser.pol" only on the server with problems. I've
experimented by renaming this file, but I'm not sure if it will last when it
works now. So I've googled on this, but I cannot find what the exact
function, if there, of this file is. I thought that roaming profiles only
where set by adding a path at the user accounts properties. Does the contents
of the folder "Default user" and "All users" has a meaning, apart from the
obvious like desktop and programs. Can I delete the file ntuser.pol?
There are no event ids 1000 in the event log anymore?!
And there are not many users, and the don't write data to this folders, so
diskspace is not an issue, at least for this server.
Hoping you can reached me a hand again?
Thanks!
Mieke
 
Back
Top