Announcement

Collapse
No announcement yet.

Default User on NETLOGON Question

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Default User on NETLOGON Question

    I had a question about putting a default user profile on the netlogon share.

    Is it possible to configure more than one of these?
    say if a person logs into computer A they get profile a

    If that's not possible would it be okay to create a default user profile and set it up so that only a certain user group has access to it through security permissions?

    I assume those that get denied will just fall back on the local computer profile?

  • #2
    Re: Default User on NETLOGON Question

    I would absolutely NOT put user profiles onto the NETLOGON share. A domain controller has enough to do without serving up a user profile to x hundred users at once!

    You should put user profiles (default, mandatory or otherwise) on a file server share created specifically for user profiles. For instance:

    Profile Location = \\servername\USERPROF$\USERNAME

    You configure "Profile Location" in the user account's object. Put all the users who get the mandatory profile into an OU, link a Group policy Object to the OU, and have the GPO set the user profile location as above. If you want it to be the same profile for everyone, you have to rename the profile folder to <folder>.MAN so that there is no attempt to write to it.

    Users not in the OU won't get that user profile location - meaning you can have OTHER user profile locations for users in other OUs.


    Tom
    For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

    Anything you say will be misquoted and used against you

    Comment


    • #3
      Re: Default User on NETLOGON Question

      Originally posted by Stonelaughter View Post
      I would absolutely NOT put user profiles onto the NETLOGON share. A domain controller has enough to do without serving up a user profile to x hundred users at once!

      You should put user profiles (default, mandatory or otherwise) on a file server share created specifically for user profiles. For instance:

      Profile Location = \\servername\USERPROF$\USERNAME

      You configure "Profile Location" in the user account's object. Put all the users who get the mandatory profile into an OU, link a Group policy Object to the OU, and have the GPO set the user profile location as above. If you want it to be the same profile for everyone, you have to rename the profile folder to <folder>.MAN so that there is no attempt to write to it.

      Users not in the OU won't get that user profile location - meaning you can have OTHER user profile locations for users in other OUs.

      His talking about something else.
      http://forums.petri.com/showthread.php?t=27066

      Bryan you can't have more than one and locking down security to limit its scope sounds like a good idea. Try it and see if it works.

      Comment


      • #4
        Re: Default User on NETLOGON Question

        I wouldn't be storing the actually profiles in netlogon

        just the default user

        what I wanted to know is how to control who uses that one versus say the default user on the computer

        Comment


        • #5
          Re: Default User on NETLOGON Question

          thanks, I think I am going try, nothing wrong with trying in most cases

          Comment


          • #6
            Re: Default User on NETLOGON Question

            isn't the whole idea of roaming profile for it to be the same profile regardless on where you log in?

            Comment


            • #7
              Re: Default User on NETLOGON Question

              Yes with roaming profiles, dough it's not smart to put it into the netlogon
              However, the default user profile is their to initial create a new profile for a new user.
              After this, his newly created userprofile (based on the default user profile) should be copied to a network share if you want a roaming profile.
              Marcel
              Technical Consultant
              Netherlands
              http://www.phetios.com
              http://blog.nessus.nl

              MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
              "No matter how secure, there is always the human factor."

              "Enjoy life today, tomorrow may never come."
              "If you're going through hell, keep going. ~Winston Churchill"

              Comment

              Working...
              X