Roaming profiles in domains

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Not sure if it's the right place but it has to do with network problems.

How do people with small/medium (50-60 people) domain setups configure their user profiles? Roaming or local?

The reason I ask is that we are having problems with our profiles (roaming) setup. Deleted items from the desktop reappearing the next day, users logging on up to 10 times before their profile is found, profiles getting corrupted and many more.

Our thoughts are to do away with roaming profiles and have local profiles for everybody. Their user folder is already mapped and they would need to learn to save any documents on the server shares. Is this feasible?

Our main concern is with network shares (about 15) which different groups have access to. Is it possible to set network shares to be published group wise via GPO?

Any advice accepted willingly and gratefully.

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Roaming profiles are such a pain in the butt. I've never seen it work well. I typically set everyone up as local, with a redirect for their documents to be stored in their home directory on a server.

 

Agree.

Local profiles with GPO's doing folder redirection and locking the pc down.

 

But can I publish the network shares via GPO or would it have to be via login script?

I take it the same would apply to printers?

 

Might be a good reason for implementing an all server 2008 domain controller deployment then.

 

What can I say except

 

This is by design.

Roaming profiles on the PC are merged with the profile on the server. so if a user deletes items and then logs on to a PC with an older profile the new profile on the server is merged with the old one on the PC and then old stuff "reappears" its a pain in the butt

There is also an issue with logging out sometimes, typically with XP by choosing shutdown it will kill a network connection before the PC has had time to send all the traffic over the network (if it is a big profile)

Using Logout negates this to some extent as the PC isn't on a, lets call it "timer", before shutdown.

Its a problem that causes me almost daily grief, I just can't be bothered right now to get around to changing the old roaming system over to local profiles with folder redirects which would work better

 

I never use roaming profiles wherever I work - hate them with a passion. Absolute pain in the arse, requires loads of time & resources to troubleshoot and pretty much every benefit can be achieved so much more cleanly with GPOs & folder redirection. Sorry but "I like my desktop set up this way" is not a good enough reason for me to waste my valuable time implementing, supporting and troubleshooting a technology that, frankly, is crap and far too over-complicated.

Like Mike, I've never seen it work well anywhere.

 

Often, when using roaming profiles users normally report slow response time for shared folders. That actually makes the whole thing frustrating both for users and administrators. Though roaming profiles do have their good side but that has to be configured properly. Anyway, to ensure that the My Documents for each user is stored and maintained on the user's client computer;

Create a GPO, change the redirection setting in the GPO to Not Configured. Run the gpudate command on the server on which the share resides.
In the GPO, change the specified path to %USERPROFILE%\My Documents.

This leaves out the use for roaming profiles.

 

I always understood that any changes were written back to the profile on the server. If you have 2 docs on the desktop and then delete them then when you log off/shutdown the desktop folder has changed and will be written to the server minus the 2 deleted files. The next time you log on they are not there. If merging was the case then we'd never be able to delete anything.

Also the users generally only use their own pc. I have also had a couple of cases where users have logged onto multiple workstations, saved files on the desktop and logged off, then later logged off the other workstation and the files are not there anymore.

I've also done this and we have less problems but still some.

I'd be a happy man if it was "only" a couple hundred megabytes. Some users have folders with up to 2 GB on their desktops, 2.4 GB mail archives and as I found in one users my documents folder yesterday, over 7GB of Jericho (tv series) videos. Time to get nasty methinks.


Seriously thinking about implementing local profiles but I'm not too sure how I get around the access to all the network shares though..

 

You could try disk quotas for the users.

 

...except when the network isn't immediately available when the user logs on, which brings up a cached copy of the profile... you can never really trust roaming profiles to do what it's supposed to do (in theory) every single time.

If that's the case, why bother with roaming profiles?

Had a bank that insisted on using it until I told them that that's what was causing several-minute-long logons in the morning.

Don't you have admin access?

Just set up a Users folder, then point each user's home directory to \\servername\share\%username%.

 

Exactly as he said.

There are a shed load of settings you can change in Group Policy to "attempt" to control this however it just doesn't quite go to plan all the time

I have had to deal with similar problems that you are describing, I tell our staff to save things on their own personal drive space on the server as that is backed up, but if they save things on their desktop this is on their local machine and therefore IT will not be responsible for if it is lost.

Obviously that statement is not entirely true but they don't know that, and now important documents are saved to network drives and are kept safe