No announcement yet.

Cross Domain Roaming Profiles on 2 node RDS Cluster

  • Filter
  • Time
  • Show
Clear All
new posts

  • Cross Domain Roaming Profiles on 2 node RDS Cluster

    We've got a 2 node RDS (2008 R2) Terminal Cluster and its got a policy to make all users who log on to the computer a roaming profile on a shared path on a separate file server.

    This works fine for users who are in the same domain (forest) but we've also got users in other forests (single forest single domain) that also need to connect in and have a roaming profile that is saved. Needs to be roaming as they may end up on either node.

    I have enabled the GPO to allow Cross forest security and roaming profiles but still have this problem:

    The user logs on to Their account is in Domain B. A 2 way forest trust exists. The profile gets created on the shared path \\\profile$\%username% but it never populates it - its just got a .V2 folder under the created user name and nothing under that. The user receives an error at log in saying they are using a temporary profile and it will be deleted after, saving nothing. No local copy of user.domainB is created.

    I have checked all permissions on the local Users directory and remote profile folder and even opened them right up to make sure its not a permissions thing. I can browse to the user roaming profile without issue - its just empty!

    Any ideas?

  • #2
    Re: Cross Domain Roaming Profiles on 2 node RDS Cluster

    I didnt used Roaming Profiles with multipile domains... so you may need to verify that the Forest trust etc. is functions as needed.
    After it, you may need to review the NTFS + Share permissions.
    Try to create a new share with Everyone have Share + NTFS - Full Control and test the Roaming Profiles.
    If it works, you may need review the permissions of the orginal Roaming Profiles hosting share/folder (e.g. Create Owner etc.)
    Best Regards,

    Yuval Sinay

    LinkedIn:, Blog:


    • #3
      Re: Cross Domain Roaming Profiles on 2 node RDS Cluster

      Here's what I think will do the trick (although I don't have much experience with cross forest trusts):

      1. Create a universal group in the trusted domain and add the appropriate users from the trusted domain to the group.

      2. Create a domain local group in the trusting domain and add the universal group from the trusted domain to this domain local group.

      3. Set the appropriate permsisions to the romaing profile share for the domain local group.


      • #4
        Re: Cross Domain Roaming Profiles on 2 node RDS Cluster

        Thank you both for taking the time to reply. I have tried both and still the same problem. When it logs in with the temporary profile, I can browse no problem to the profile$ folder and into the empty V2 folder its creates for the profile. I've also allowed full control on the local Users folder in case it was having trouble writing the profile there but still it logs me in with a temp user profile


        • #5
          Re: Cross Domain Roaming Profiles on 2 node RDS Cluster

          OK I have fixed this. For the benefit of anyone else with the issue, it was because of profiles that had not been properly unloaded. I had to go into the registry and delete profiles with .bak on the end of them under this Reg Key:

          HKLM>Software>Microsoft>WindowsNT>CurrentVersion>P rofileList

          Then I tried again and it was fine. If I had tried a secondary test account, it would have worked but I was only using the same test account each time.

          Thanks all