sglee
asked on
SBS2011 creates TEMP profile when logging in as Domain Admin
Hi,
I created a virtual machine with SBS2011 in Windows Server 2012 R2 Hyper-V and during the SBS2011 setup, I gave the name "MTAdmin" as domain administrative account.
I noticed "Windows cannot find the local profile and is logging you on with a temporary profile" in Event Viewer and I saw C:\Users\Temp.
In order to fix the problem, I took the advise and did the following:
Renamed the registry keys and folder names
S-1-5-21-2450739672-124276 001-284587 3236-1162. old
S-1-5-21-2450739672-124276 001-284587 3236-1156. old
C:\Users\Temp.old
C:\Users\MTAdmin.old
I restarted SBS2011 and logged in as MTAdmin, but the problem continued as before:
(1) It created a new folder "mtadmin"(notice that the login name is in small letter instead of MTAdmin in SBS Console")
(2) It created c:\Users\Temp again.
Can someone help? I like to emphasize that this is SBS2011, not just Windows server OS.
Please refer to article ID 28903098 for additional screenshots.
I created a virtual machine with SBS2011 in Windows Server 2012 R2 Hyper-V and during the SBS2011 setup, I gave the name "MTAdmin" as domain administrative account.
I noticed "Windows cannot find the local profile and is logging you on with a temporary profile" in Event Viewer and I saw C:\Users\Temp.
In order to fix the problem, I took the advise and did the following:
Renamed the registry keys and folder names
S-1-5-21-2450739672-124276
S-1-5-21-2450739672-124276
C:\Users\Temp.old
C:\Users\MTAdmin.old
I restarted SBS2011 and logged in as MTAdmin, but the problem continued as before:
(1) It created a new folder "mtadmin"(notice that the login name is in small letter instead of MTAdmin in SBS Console")
(2) It created c:\Users\Temp again.
Can someone help? I like to emphasize that this is SBS2011, not just Windows server OS.
Please refer to article ID 28903098 for additional screenshots.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I strongly disagree with no reboot--w/o a reboot sometimes it works, most times it doe not so I strongly recommend reboot ESPECIALLY since questioner has already indicated that previous attempts have not work as desired.
The questioner's previous attempts did not deal with the issue at hand, the user indicated that the HKU registry keys were renamed. as well as the folders. The TEMP profile is created when the User ID is referenced as having been backed UP and thus locked in the profilelist I referenced in the HKLM\software\microsoft\wi ndows nt\currentversion\ProfileL ist
renaming the current temp {} to {}.old and the {}.bak to {}
logging out and logging back should resolve the TEMP issue, however, since the HKU were renamed, the new login .......... might run into separate issues i.e. seeing the user as though it is new and setting it up anew.
renaming the current temp {} to {}.old and the {}.bak to {}
logging out and logging back should resolve the TEMP issue, however, since the HKU were renamed, the new login .......... might run into separate issues i.e. seeing the user as though it is new and setting it up anew.
ASKER
To all,
I manage multiple SBS2011 sites and this is the first time that I ever paid attention to the errors in Event Viewer right after new SBS2011 install. Since I have been seeing a ton of errors in virtually every SBS servers, I usually do not bother trying to fix every error. But this time I wanted to start with error free site and that intention lead to the discovery of C:\Users\Temp folder.
So far many experts made similar suggestions - renaming or deleting SID entries in profilelist and doing the same for C:\Users\Temp and C:\Users\MTAdmin. But none worked so far for me on this particular SBS.
This got me curious and I decided to check all existing SBS sites that I manage. One interesting discovery is that I see this problem in every SBS2011 servers. Some had only one C:\Users\Temp but some servers had multiple Temp folders. Temp001, Temp002 ...
Even with this issue, every SBS site is working fine. So, as much as I am eager to find the fix this error, I wonder if I should leave this alone.
AS LONG AS THE SYSTEM WORKS, MAYBE I SHOULD NOT CARE?
My wild guess is perhaps because I have been logging into SBS via dedicated monitor Or/and if I can not walk to the physical server, then I would use Remote Desktop connection from networked workstation computer or home PC via RD gateway?
I manage multiple SBS2011 sites and this is the first time that I ever paid attention to the errors in Event Viewer right after new SBS2011 install. Since I have been seeing a ton of errors in virtually every SBS servers, I usually do not bother trying to fix every error. But this time I wanted to start with error free site and that intention lead to the discovery of C:\Users\Temp folder.
So far many experts made similar suggestions - renaming or deleting SID entries in profilelist and doing the same for C:\Users\Temp and C:\Users\MTAdmin. But none worked so far for me on this particular SBS.
This got me curious and I decided to check all existing SBS sites that I manage. One interesting discovery is that I see this problem in every SBS2011 servers. Some had only one C:\Users\Temp but some servers had multiple Temp folders. Temp001, Temp002 ...
Even with this issue, every SBS site is working fine. So, as much as I am eager to find the fix this error, I wonder if I should leave this alone.
AS LONG AS THE SYSTEM WORKS, MAYBE I SHOULD NOT CARE?
My wild guess is perhaps because I have been logging into SBS via dedicated monitor Or/and if I can not walk to the physical server, then I would use Remote Desktop connection from networked workstation computer or home PC via RD gateway?
the 000 gets appended to profiles the system during logon sees as in USE..
The profilelist .bak/.orig switch usually clears it given the one without the .bak will be the one pointing to the c:\Users\TEMP while the .bak will be the one pointing to c:\Users\Username by altering and logging off, the system will delete the one without the .bak and thus will release the reference for c:\Users\Username such that a subsequent login will have username logging in with access to their c:\Users\Username.
You deleted the HKU as well as the c:\Users the system on logon consults the ProfileList reference to make sure it does not set one user with two session into the same folder..........
The profilelist .bak/.orig switch usually clears it given the one without the .bak will be the one pointing to the c:\Users\TEMP while the .bak will be the one pointing to c:\Users\Username by altering and logging off, the system will delete the one without the .bak and thus will release the reference for c:\Users\Username such that a subsequent login will have username logging in with access to their c:\Users\Username.
You deleted the HKU as well as the c:\Users the system on logon consults the ProfileList reference to make sure it does not set one user with two session into the same folder..........
ASKER
I am going to try deleting SID entries and Temp folders in about 3 hours and post results.
Which and where are you contemplating the deletions?
Does your administrative user have a roaming profile??
You've mentioned the errors but thus far you've not posted a sample of such errors.
Does your administrative user have a roaming profile??
You've mentioned the errors but thus far you've not posted a sample of such errors.
ASKER
1. I logged in as "mta" - a new user account as domain administrator" that I created in AD Users and Computers.
2. The account in question is "MTAdmin" that was created duing SBS2011 setup process.
3. In registry ProfileList, I deleted the following keys that corresponds to C:\Users folder names.
S-1-5-21-2450739672-124276 001-284587 3236-1156 C:\Users\MTAdmin
S-1-5-21-2450739672-124276 001-284587 3236-1162 C:\Users\TEMP
4. When I tried to delete C:\Users\TEMP, it was said to be "In Use", so I rebooted the server.
5. After the reboot, I logged in as "mta" and was able to delete C:\Users\TEMP folder.
6. I logged off and logged in as "mtadmin".
7. I checked C:\Users folder and I don't see C:\Users\Temp folder anymore.
2. The account in question is "MTAdmin" that was created duing SBS2011 setup process.
3. In registry ProfileList, I deleted the following keys that corresponds to C:\Users folder names.
S-1-5-21-2450739672-124276
S-1-5-21-2450739672-124276
4. When I tried to delete C:\Users\TEMP, it was said to be "In Use", so I rebooted the server.
5. After the reboot, I logged in as "mta" and was able to delete C:\Users\TEMP folder.
6. I logged off and logged in as "mtadmin".
7. I checked C:\Users folder and I don't see C:\Users\Temp folder anymore.
ASKER
When I checked Event Viewer, I DO NOT see "Windows cannot find the local profile and is logging you on with a temporary profile" anymore.
From my experience (and I have had to do this many times) rebooting DOES help and in many instances is required so I am glad to see that that worked for you.
ASKER
Arnold
"The TEMP profile is created when the User ID is referenced as having been backed UP and thus locked in the profilelist" and the 000 gets appended to profiles the system during logon sees as in USE.."
Having read your comments above, I think I am beginning to understand why all of my SBS2011 computers have at least one or more c:\users\temp folders now.
This evening when I saw the logon screen on sbs2011, I read something like "domain admin is already logged in ... locked". So I logged in and closed all the programs that were open before I logged off properly. When I reconnected back to the server, I did not see the word "locked". Instead I saw "switch user" with last used admin account name.
Looking back, I had a habit of connecting to SBS servers using RDP or Logmein, but failed to log out properly and connecting to them again from another computer. Therefore previous profile was locked in and temp profile was created and used.
"The TEMP profile is created when the User ID is referenced as having been backed UP and thus locked in the profilelist" and the 000 gets appended to profiles the system during logon sees as in USE.."
Having read your comments above, I think I am beginning to understand why all of my SBS2011 computers have at least one or more c:\users\temp folders now.
This evening when I saw the logon screen on sbs2011, I read something like "domain admin is already logged in ... locked". So I logged in and closed all the programs that were open before I logged off properly. When I reconnected back to the server, I did not see the word "locked". Instead I saw "switch user" with last used admin account name.
Looking back, I had a habit of connecting to SBS servers using RDP or Logmein, but failed to log out properly and connecting to them again from another computer. Therefore previous profile was locked in and temp profile was created and used.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Why should I not log in as admin?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
mstsc /admin /v:host
Is the above good for within the same network?
Is the above good for within the same network?
as long as you can reach /v:host whether it is locally or over host has to resolve to the system where you want to end up.
ASKER
Thanks for the information.
We put this on _all_ systems we manage:
Shortcut:
C:\Windows\System32\logoff .exe
Icon:
%SystemRoot%\system32\SHEL L32.dll
Bottom row, 7 in.
We use it because MMCs are horrible for memory leaks. We use it because Hyper-V hosts will die over time due to consoles being left open. It takes some discipline but it is a MUST to log off when done!
Shortcut:
C:\Windows\System32\logoff
Icon:
%SystemRoot%\system32\SHEL
Bottom row, 7 in.
We use it because MMCs are horrible for memory leaks. We use it because Hyper-V hosts will die over time due to consoles being left open. It takes some discipline but it is a MUST to log off when done!
Did you modified the c:\users folder security?
another thing: usually the corrupted ‘Ntuser’ files cause this issue. So, run the check disk for C partition.
Dan