I recently defined a Mandatory Profile in Windows 2008 environment and encountered difficulties. After assessing the matter I found that mandatory profile folder name has to have a “.v2 appended to the end of the folder name. The reason Microsoft made this change is because the user profile structure in Vista and Windows 2008 is a lot different than in previous versions of Windows
.gif)
1. Create share on a file server for storing profiles
(i.e. \\fileserver\mandatory)
On share permission tab – grant authenticated users, system, and domain admins full control.
On NTFS permission tab – grant authenticated users read & Execute, system and domain admins full control.
2. Log on to Windows 2008 TS with new user, clean any GPO (pristine users that never logged before, to get small profile as possible ) and customize the user profile, environment, display ,folder view, etc.
4. Log off the user and log back as administrator ,it recommend to reload the ntuser.dat of the user from the registry using" load hive " and recheck , clean and edit if needed .then unload the ntuser.dat
5. On system properties à advanced àuser profiles àsettings , choose the new profile and click on copy profile to (\\fileserver\mandatory)
6. Click on permitted to use à change ,and set authenticated users
7. Rename ntuser.dat to ntuser.man (inside the mandatory folder )
8. Append .v2 at the end of that name \\fileserver\mandatory.v2 (makes it super mandatory)
9. Edit your GPO for using that mandatory profile ,computer configuration –admin template – terminal server – profiles ,and enable
"Set path for TS Roaming User Profile” (\\fileserver\mandatory )
"Use mandatory profile on the terminal server"
On computer configuration – admin template – system –user profile, enable "Delete cached copies of roaming profiles "
10. Install Microsoft hotfix KB 949528 http://support.microsoft.com/kb/949528 (when mandatory user profile is not deleted from local server , when the "Delete cached copies of roaming profiles" Group Policy setting is enabled )
.jpg)
