A.11 Roaming Profile Policy Troubleshooting

Unable to enforce a Roaming Profile policy on a Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2 device if the user profile is stored in a shared folder on a Windows Server 2003 device

Source: ZENworks Configuration Management; Policy Management; Windows Configuration Policy.
Explanation: If a Roaming Profile policy is assigned to a user who has not logged into a Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2 device at least once before the policy was assigned, enforcing the policy fails on the device. This is because of insufficient permissions configured for the shared folder containing the user profile on the Windows Server 2003 device.
Action: Perform the following steps on the Windows Server 2003 device:
  1. Create a local user account with the same credentials that the user specifies to log in to the Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2 device.

    For example, if the username is user1, create a local account with user1 credentials.

  2. Create a folder named username.v2.

    For example, user1.v2.

  3. Right-click the folder, then click Properties.

  4. Click Sharing and share the folder.

  5. Click Permissions to provide Full Control permissions for the user, click Apply, then click OK.

  6. Click Security.

  7. In the Group or user names panel, click CREATOR OWNER, then click Advanced.

  8. In the Advanced Security Settings box, click Owner.

  9. Click Other Users or Groups.

  10. In the Select User or Group dialog box, click Advanced to add this user as the current owner of the folder.

  11. Click OK.

  12. Provide Full Control permissions for the CREATOR OWNER.

  13. Click Apply, then click OK.

Windows 7 Roaming Profiles fails when user is assigned a temporary profile or fails to log on

Source: ZENworks Configuration Management; Policy Management; Windows Configuration Policy.
Action: Perform the following:
  • Ensure the Novell Client has the following:

    • Set NetWare Client > Properties > Advanced Login > Allow Roaming User Profile Paths to non-Windows servers = ON.

    • Refer to the Novell Client documentation, Setting Properties on a Single Workstation after Installation, at http://www.novell.com/documentation/vista_client/vista_client_admin/data/a3llvcg.html#b856y7f

  • Ensure that the home directory has been pre-populated with a default profile and the permissions set correctly.

    • The default user profile should be stored in the user's home directory in a subdirectory named exactly as, Windows NT 6.1 Workstation Profile.V2.

  • Ensure that any LDAP Proxy users used by ZCM have Read and Compare rights to the user's Home Directory attribute.

  • Remove all duplicate entries for the user under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList and try logging on again.