Windows 2000 User Profiles
The user's profile allows the user's environment to be configured. The User Manager administration tool allows user profiles to be modified when "user properties", then "profile" are selected. The user profile contains:
- Desktop settings - screen colors, wallpaper, screen saver
- Persistent network and printer connections
- Mouse settings and cursor settings
- Recently edited documents.
- Start-up programs, shortcuts, and personal groups
- Settings for Windows applications - Notepad, Paint, Windows Explorer, Calculator, Clock, and more.
- Start menu settings - Programs that can be selected from the start menu.
The user profile settings are saved on disk. They are loaded when the user logs on. There are two profile types:
- Local profile - Stored in the C:\Documents and Settings\username folder. The profiles file is NTUSER.DAT in the directory called by the user's name. A mandatory profile which discards any changes the user makes to their profile at logoff time, can be implemented by modifying the name of the user profile file from NTUSER.DAT to NTUSER.MAN. The ntuser.ini file is used to set up the user roaming profile components that are not copied to the server. The ntuser.dat.LOG file is used for NTUSER.DAT file recovery in the case of an error. Additional folders in the C:\Documents and Settings\username folder are:
- Application Data - Refers to data used by application programs that the user may modify when they change a setting in the application.
- Desktop - Refers to desktop and briefcase shortcuts.
- Favorites - Application favorites such as web site favorites on IE and favorite programs.
- FrontPageTempdir - Only on Windows 2000 Servers for files made by Microsoft FrontPage
- Local Settings - Settings used by common applications such as IE.
- My Documents
- NetHood - Network servers or shared network folder shortcuts.
- PrintHood - Network printers.
- Recent - Shortcuts to documents recently used.
- SendTo - Shortcuts to places where files are copied.
- Start Menu - The user's start menu and shortcuts.
- Templates - Application templates.
- Roaming - Stored on an NT server and downloaded to the computer that the user logs onto. This way the same user's profile can be available on any machine.
- For local users - If no user profile exists when the user logs on, the contents of the Default User profile folder are copied to the C:\Documents and Settings\username folder.
- For domain users - The NETLOGON share on the domain controller is checked for a default user profile. If one does not exist, it copies the contents of the local Default User profile folder to the local computer NETLOGON\username directory.
The default user settings are used to create a new user's profile when the new user logs on the first time. The administrator may modify the contents of the Default User profile directory to change the settings for first time users of the system. The Control Panel, System applet is used to copy user profiles. The "User Profiles" tab is used. The System applet is also used to delete user profiles. Shortcuts may be added to the Default User profile directory using Windows Explorer.
All Users Profile
Administrators may install applications and place shortcuts in the All Users Profile directory. All users will have access to these shortcuts and applications. These applications appear on users' desktops. The All Users Profile is not available on a domain wide basis.
Roaming and local profiles may be mandatory which will not allow the user to modify them. Roaming profiles are profiles that have been placed on a central server. When the user logs onto the domain, the roaming profile is copied to the local computer the user logged on from. If the user makes changes to the profile, they are saved to the local computer and the central server. When the user logs on from another computer the most recent of the local or server stored profile is used. If a user's profile is a mandatory profile and that profile is not available when the user attempts to log on, the logon attempt will fail.
To create a roaming user profile:
- Create a shared directory on a domain controller computer or server.
- Assign a profile path to the shared directory on domain user accounts. This is done on a domain controller from the "Active Directory Users and Computers" tool.
On a local computer the user profile path is set using the Computer Mnangement Dialog box which is activated by right clicking on "My Computer" and selecting "Manage"
- Click + next to the domain the user is in.
- Highlight the Users folder.
- Right click the user's account and select properties.
- Set the path in the Profile path text window.
If a user is deleted, the user profile should first be deleted by using the "User Profile" tab of the User Manager.
On Windows NT servers, the System Policy Editor is used to control user profile settings. The authenticating domain controller gets system policies from the file WINNT40\SYSTEM32\REPL\IMPORT\SCRIPTS\NTCONFIG.POL. Therefore to have policies replicated to all domain controllers, place the NTCONFIG.POL file in the directory WINNT40\SYSTEM32\REPL\EXPORT\SCRIPTS.
Roaming profiles can be configured between workstations by setting up a user profile in a shared directory that is accessible to all workstations the user will log on from. Then on each workstation, the user will log in from, the UNC path to the profile file must be set. This is done from the User Manager, "select "User Properties" for the user, then "Profile", then enter in the UNC path in the "User Profile Path" text box.