Do you have a highly mobile local user base? Do your users tend to move about machines in your location, and if so, do they often complain to you that their personalized settings and desktop customizations don't travel with them? If you are shaking your head in the affirmative, then roaming user profiles may make your phone ring a bit less.
Roaming user profiles are simply collections of settings and configurations that are stored on a network location for each user. Once you perform some fairly simple configurations, every time a user logs on to a machine in your domain with his domain credentials, that user's settings will follow him and automatically be applied to his log-on session for that particular machine.
In this article, I'll show you how to create a baseline profile that will be used by default for new users wherever they log in, and then I'll share some tips on how to make a mass deployment of roaming profiles--particularly for users who already have customized their working environments--a bit easier for you.
Before you begin creating a roaming profile, you need to create a temporary user account on your machine, and then configure that temporary account's profile however you like. For the remainder of this article, I will assume that you're running Windows Server 2003 in an Active Directory environment; therefore, to create a new user account, you will need to load Active Directory Users and Computers.
Once the tool is loaded, follow these steps:
Example Profile User, with a log-on name of
profiletest. Figure 1 illustrates this.
Figure 1: Creating a test user
What just happened? Essentially, creating the temporary account allows you to create a "template," and within the environment of that template you can customize the settings and appearance that will make it into the future roaming profile. All of these settings are stored in a directory on the local computer, which is called something like:
C:\Documents and Settings\username
Once you've logged in to the machine using the temporary account, configure everything the way you would like it: add shortcuts to the desktop; change the format of the Start menu; change the colors, font, and size of windows and title bars; and so forth. Remember, we're intending that this profile be the default for all users, so create the profile's configuration with that baseline in mind. Once you have finished your customization, log off the machine, and then log in again with an administrator account.
You might be wondering at this point what actually is stored within a user profile. A profile is made up of several different folders:
If you can't see all of these folders, don't worry; they're most likely still hidden. To see them, select Folder Options from any Explorer window's Tools menu, click on the View tab, and select the option to Show Hidden Files and Folders.
With that said, the next task is to actually send the profile to your network server. To do this, create a folder on the network drive that will hold roaming profiles. In my case, I'll create a share on my Windows Server 2003 machine called
Profiles. Then, on the client machine where your new baseline profile is stored, go into the Control Panel and double-click on System. Then follow these steps:
Figure 2: Copying the profile to the network server
Note: When you're determining the shared location for user profiles, try to put them on a member server as opposed to a domain controller. Domain controllers have their own issues, and there's no need to bog them down with profile processing in addition to authenticating, emulating, and so on. While you're at it, make sure that the server you choose is backed up regularly, so you don't lose all of your user profiles to a machine failure.
You should be back to the desktop now. Next, load Active Directory Users and Computers again, find your temporary user account, and right-click on it, selecting Properties from the pop-up menu. Navigate to the Profile tab, and then, in the "Profile path" box in the User Profile section, enter the full network path to the profile you just copied, including the username. Figure 3 illustrates.
Figure 3: Specifying the path for the user's roaming profile
Click on OK, and you're done. The temporary user now can use the profile stored on the network, and whenever he uses his domain credentials to log on to a machine that is a member of the domain, he will receive a copy of his profile, including any changes he makes at any time.
If this works successfully for you, you can repeat this procedure for other users as needed. Here are a few tips, tricks, and "from the streets" experiences to hopefully make the repetitive process a bit easier:
%USERNAME%variable in the profile path. Windows will sort out the correct username for each user.
\\SERVERNAME\SYSVOL\yourdomainname\Scripts\Default User. Replace your server name and domain name as appropriate. For example, in my case I would configure my baseline profile to
That's all there is to basic roaming profile deployment. By setting up roaming user profiles in your organization, your base of mobile users will always have their customizations and preferred environment available to them on networked machines.
Jonathan Hassell is a system administrator, IT consultant, and industry author residing in Raleigh, North Carolina.
Return to the Windows DevCenter.
Copyright © 2009 O'Reilly Media, Inc.