Terminal Server won't create Roaming Profile

Discussion in 'Windows Desktop Systems' started by drummer4lifex, Jul 7, 2006.

  1. drummer4lifex

    drummer4lifex OSNN Junior Addict

    Messages:
    22
    I am pulling my hair out over this!

    I've created a share for separate TS Profiles and in Active Directory, you can set the group policy to store profiles on this specified share. Now when I go to login as a user, the profile is still created locally or pulled from their workstation roaming profile (we still have a few of those floating around). Shouldn't it be creating a NEW profile on the share that I specified?
     
  2. Mastershakes

    Mastershakes Moderator

    Messages:
    1,721
    Location:
    Montreal
    Can you double check this procedure - Technet
     
  3. drummer4lifex

    drummer4lifex OSNN Junior Addict

    Messages:
    22
    I double checked. That guide is what enlightened me about the option in the group policy. This is why it doesn't make sense.
     
  4. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    Have you checked the workstations are pulling the updated GPO? Do you have a single GPO, or more than one in use on the domain?
     
  5. drummer4lifex

    drummer4lifex OSNN Junior Addict

    Messages:
    22
    I have one general one, and then there's one that just points all the workstations to the WSUS Server. The terminal services config is edited under the general domain GPO.
     
  6. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    Can you do a GPRESULT from the workstations to verify the GPO is being applied properly.

    Also may want to try a general, low-impact change elsewhere in the GPO to see if the workstations are pulling it down without issue.
     
  7. drummer4lifex

    drummer4lifex OSNN Junior Addict

    Messages:
    22
    Oh. That's not good. Apparently they are being filtered. I've never heard of this before, what does that mean?
     
  8. Brad

    Brad Moderator Political User Folding Team

    Messages:
    2,280
    Location:
    Cary, NC
    Are they being blocked by an ACL?
     
  9. drummer4lifex

    drummer4lifex OSNN Junior Addict

    Messages:
    22
    I don't think they're being blocked by an ACL... how would I check?
     
  10. Brad

    Brad Moderator Political User Folding Team

    Messages:
    2,280
    Location:
    Cary, NC
    check the rules on your switches
     
  11. drummer4lifex

    drummer4lifex OSNN Junior Addict

    Messages:
    22
    What would that qualify as? Access rules? like WAN to WAN probably? Or are you talking about like an application switch such as something like "run -w -d awesome.exe"
     
  12. Brad

    Brad Moderator Political User Folding Team

    Messages:
    2,280
    Location:
    Cary, NC
    sorry, I was thinking network switches. For instance, you can set up rules in your switches that will block certain types of packets. You can create one rule that says "if it is not in a set of these types, then block it" and no matter what, that packet/frame is not getting through. Check with the administrators of the network for the first three layers and see if anyone is blocking the tcp/udp port that you need.
     
  13. drummer4lifex

    drummer4lifex OSNN Junior Addict

    Messages:
    22
    I have inherited the duty of network administrator. Long story short, I'm consulting for a business that broke off from another larger business, but the larger network is still theirs.

    Do you know by any chance what port it is? I can check the firewall tomorrow. In fact I have to clean out all the old VPNs and such anyway so it will be perfect to check.
     
  14. kcnychief

    kcnychief █▄█ ▀█▄ █ Political User Folding Team

    Messages:
    16,948
    Location:
    Massachusetts
    I am 99.9% sure that a switch is not the issue, GPO filtering takes place on the Domain Level, from the Domain Controller.

    That being said, and wrt to your specific position of inheriting responsibilities, I suggest you give this a once over -

    http://www.microsoft.com/technet/itsolutions/msit/security/grppolobjectmgmt.mspx

    It touches on filtering a little bit, may start you in the right direction.