|
Home > Archive > 70-210 > July 2003 > mandatory Profile WIN2003 (Help)
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
mandatory Profile WIN2003 (Help)
|
|
| hcandaner 2003-07-17, 6:04 am |
| Hi guys.
I want to use mandatory user profiles on windows 2003 server.What i need i want to do customise clients desktop.For example they just able see printer icon in their computer.Some documents should come froem their profiles.Life ms world and exel on their desktop also printer icon on start menu.I mean very high securty.Is it possible to di with mandatory profile.I need urgent help guys.
Also 1 more think.They wanna update their desktop.They are gonna change every day and that desktop keep update them.25 computers.
Clients: Windows XP Prof
Many thanks
Hakan
Sorry to send it twice. | |
| mrfixit 2003-07-18, 10:29 am |
| Just started evaluating 2003 Server today, so not quite up to speed. However, I did find this M$ article that should shed some light on the subject.
To create a mandatory user profile
Open Active Directory Users and Computers.
In the details section, right-click the applicable user account, and then click Properties.
Where?
Active Directory Users and Computers
applicable domain
applicable container (such as Users)
applicable user account
Click the Profile tab.
In Profile path, type the path information ending with the .man file name extension.
Notes
To perform this procedure, you must be a member of the Account Operators group, Domain Admins group, or the Enterprise Admins group in Active Directory, or you must have been delegated delegated
An assignment of administrative responsibility to a user, computer, group, or organization.
For Active Directory, an assignment of responsibility that allows users without administrative credentials to complete specific administrative tasks or to manage specific directory objects. Responsibility is assigned through membership in a security group, the Delegation of Control Wizard, or Group Policy settings.
For DNS, an assignment of responsibility for a DNS zone. Delegation occurs when a name server (NS) resource record in a parent zone lists the DNS server that is authoritative for a child zone.
the appropriate authority. As a security best practice, consider using Run as to perform this procedure.
To open Active Directory Users and Computers, click Start, click Control Panel, click Performance and Maintenance, click Administrative Tools, and then double-click Active Directory Users and Computers.
A mandatory user profile mandatory user profile
A user profile that is not updated when the user logs off. It is downloaded to the user's desktop each time the user logs on, and it is created by an administrator and assigned to one or more users to create consistent or job-specific user profiles. Only members of the Administrators group can change profiles.is a preconfigured user profile. The user can still modify the desktop, but the changes are not saved when the user logs off. The next time the user logs on, the mandatory user profile is downloaded again. User profiles become mandatory when you rename the NTuser.dat file on the server to NTuser.man. This extension makes the user profile read-only.
Mandatory user profiles do not allow changes to be applied to the user profile stored on the server.
Profile management should be done preferentially by policy. Mandatory profile use, although permitted, is less manageable and more prone to create administration problems, thus it is not recommended.
Use a full path in each user account user account
In Active Directory, an object that consists of all the information that defines a domain user, which includes user name, password, and groups in which the user account has membership. User accounts can be stored in either Active Directory or on your local computer.
For computers running Windows XP Professional and member servers running Windows Server 2003, use Local Users and Groups to manage local user accounts. For domain controllers running Windows Server 2003, use Active Directory Users and Computers to manage domain user accounts.
:
\\Server\ShareName\UserName
For ShareName, create a Profiles folder if it does not already exist, and share the folder with authenticated users allowing read-only permissions
permissions
A rule associated with an object to regulate which users can gain access to the object and in what manner. Permissions are assigned or denied by the object's owner.. The shared folder shared folder
A folder on another computer that has been made available for other people to use on the network.must be created before the user profile can be used.
To provide better security, user profiles and home folders should be created on an NTFS volume.
When creating a mandatory profile, make sure you set the appropriate access permissions for the user or groups of users who will use this profile.
You can also create a mandatory user profile by using Windows Explorer to rename the NTuser.dat file to NTuser.man.
The administrator can assign the same mandatory user profile to as many users as needed.
Tried to put just the link in, but it was too long or something, as it wouldn't work.
Hope this helps!  | |
| hcandaner 2003-07-18, 11:40 am |
| help  | |
| mrfixit 2003-07-18, 11:53 am |
| quote:
Originally posted by hcandaner
help
Guess that wasn't what you were after.... |
|
|
|
|