Problems using Group Policy to set a mandatory profile…

Here’s a weird one i came across this week while configuring a mandatory profile, I was using my local laptop to configure group policy over the domain and could set the mandatory profile, but could not set the “Do not append the user name to the profile path” as it was missing from the group policy object!

After much head scratching we discovered an extra registry setting embedded in the group policy:

HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows NTTerminal
ServicesWFDontAppendUserNameToProfile dword = 1.

Still none the wiser to the issue we found the following article http://support.microsoft.com/kb/908011. With this we put two and two together, and logged into a 2003 domain controller (sp2) and low and behold the policy setting was available.

It seems the group policy were updated in service pack 2 to reflect an issue when trying to configure mandatory profiles, I do aim to copy the policies to my laptop and see if i can update them to reflect the change but I’ve been to lazy so far :)

Update: Well i got around to testing the policy copy, if you copy the .adm files from the domain controller to your local machine with the problem, it will resolve the issue.

Heres an example of scripting the change:

pushd domaincontrollerc$windowsinf
copy *.adm %windir%inf
popd

That’s it. reload gpedit.msc and you should see hte entries correctly.

Related Posts

ThreadLocker 2.0 is live! Back in 2012 I wrote a utility called "ThreadLocker" for dealing with CPU heavy processes or multi threaded processes that have a nasty tendency to ca...
Announcing the ThinKiosk v4 Release Thinkiosk Version 4.0 is the culmination of 9 months hard work, rebuilding ThinKiosk in a new development style to include the enterprise features m...
Controlling the creation of Libraries in Windows 7... Following on from my previous post about libraries, I have found you can actually control library creation, but there is a two fairly large caveats I'...

Leave a Reply