S
Scott MacNeally
Okay you have seen this before W2K does not load roaming profile because the
security on the Server store for the profile does not match the logon
credentials. (Even when they are the same) Start with XP SP1.
Solution Enable the "Do not check for users ownership of Roaming Profile
folders" located at Computer configuration / Administrative Templates /
System / Logon (User Profiles?)
In the past MS never checked this secruity but becuase of a bunch of clowns
out in cyber land it be came apparent that these bum bandits where hijacking
peoples profiles and resetting them. Can they not find somthing better to
do like play on the highway or with high explosives. Any ways,
So now the default W2K SP4, XP SP 1 and Win 2003 is to always check the
credetials against the directory. Great
But the AD over ride "DO NOT CHECK FOR USERS OWNERSHIP OF ROAMING PROFILE
FOLDER" does not work!
NOTE : THE FOLLOWING CAN WIPE OUT YOUR SYSTEM. IF YOU DO NOT KNOW WHAT YOU
ARE DOING HIRE AN MCSE!
However the following REGEDT32 changes will do the trick:
[HKEY_LOCAL_MACHINE\SOFTWARE\POLICIES\MICROSOFT\SYSTEM\
"CompatibleRUPSecurity"=dword:00000001
Well it does work but I am not going to go to every machine and make the reg
change when I have Active Directory to do it for me. However the there
seems to be an over site with the Registery function in AD. I cannot add
the new KEY System and a New value below that.
Any help with this would be appreciated. If you know of a better way of
getting the "DO NOT CHECK FOR USERS OWNERSHIP OF ROAMING PROFILE FOLDER " to
work or of having the system actually recongnize that the logon account and
the account set in the ACL on the share are actually the same would be of
help too.
security on the Server store for the profile does not match the logon
credentials. (Even when they are the same) Start with XP SP1.
Solution Enable the "Do not check for users ownership of Roaming Profile
folders" located at Computer configuration / Administrative Templates /
System / Logon (User Profiles?)
In the past MS never checked this secruity but becuase of a bunch of clowns
out in cyber land it be came apparent that these bum bandits where hijacking
peoples profiles and resetting them. Can they not find somthing better to
do like play on the highway or with high explosives. Any ways,
So now the default W2K SP4, XP SP 1 and Win 2003 is to always check the
credetials against the directory. Great
But the AD over ride "DO NOT CHECK FOR USERS OWNERSHIP OF ROAMING PROFILE
FOLDER" does not work!
NOTE : THE FOLLOWING CAN WIPE OUT YOUR SYSTEM. IF YOU DO NOT KNOW WHAT YOU
ARE DOING HIRE AN MCSE!
However the following REGEDT32 changes will do the trick:
[HKEY_LOCAL_MACHINE\SOFTWARE\POLICIES\MICROSOFT\SYSTEM\
"CompatibleRUPSecurity"=dword:00000001
Well it does work but I am not going to go to every machine and make the reg
change when I have Active Directory to do it for me. However the there
seems to be an over site with the Registery function in AD. I cannot add
the new KEY System and a New value below that.
Any help with this would be appreciated. If you know of a better way of
getting the "DO NOT CHECK FOR USERS OWNERSHIP OF ROAMING PROFILE FOLDER " to
work or of having the system actually recongnize that the logon account and
the account set in the ACL on the share are actually the same would be of
help too.