Help! I have no hair left.
Objective: using a combination of mandatory profile and a GPO for a student
OU that will give a student a share folder and lock down the desk top.
My approach: In a GPO I define the lockdown settings. I specify the
logon.bat which uses net use to set the drive mapping to a shared directory
for students. I also defined the profile path //server/profiles/mandatory
In the Mandatory profile I establish how the desktop will look (icons etc).
To test this I have student-A student-B Student-C that belong to a
studentrights OU which has a studentgpo.
To create the mandatory profile (which may be the problem) I did the
following steps:
1. Logged as student-A
2. Configured desktop icons that I want students to have access to.
3. logged off
4. logon on as administrator
5. performed a copyto //server/profiles/mandatory
6. In the profile I changed netuser.dat to ntuser.man
7. logged on as student-A
desktop was ok
drive mapping was ok
Now the fun begins
Went to another computer and logged on as student-A
all was ok
on the same computer I logged on as student-B
the desk top was not the same as student-A
There was no lockdown {i.e. disabled control panel)
and no access to the mapped drive set by the logon.bat.
I ran gpresults and everything showed positive.
I checked the GPO status and it showed enabled with a check mark.
It appears that the mandatory profile is behaving as if it is a roaming
profile just for student-A.
What am I doing wrong? Please save my last strands of hair ....Thanks
The problem is when you are copying the profile up to the network drive.
Their is an option to change the users who can access the profile. Create a
group and add your users to it. Allow the group to access the profile.
Chris
"Will Sellers" wrote:
> Help! I have no hair left.
> Objective: using a combination of mandatory profile and a GPO for a student
> OU that will give a student a share folder and lock down the desk top.
>
> My approach: In a GPO I define the lockdown settings. I specify the
> logon.bat which uses net use to set the drive mapping to a shared directory
> for students. I also defined the profile path //server/profiles/mandatory
> In the Mandatory profile I establish how the desktop will look (icons etc).
>
> To test this I have student-A student-B Student-C that belong to a
> studentrights OU which has a studentgpo.
> To create the mandatory profile (which may be the problem) I did the
> following steps:
> 1. Logged as student-A
> 2. Configured desktop icons that I want students to have access to.
> 3. logged off
> 4. logon on as administrator
> 5. performed a copyto //server/profiles/mandatory
> 6. In the profile I changed netuser.dat to ntuser.man
> 7. logged on as student-A
> desktop was ok
> drive mapping was ok
> Now the fun begins
> Went to another computer and logged on as student-A
> all was ok
> on the same computer I logged on as student-B
> the desk top was not the same as student-A
> There was no lockdown {i.e. disabled control panel)
> and no access to the mapped drive set by the logon.bat.
> I ran gpresults and everything showed positive.
> I checked the GPO status and it showed enabled with a check mark.
>
>
> It appears that the mandatory profile is behaving as if it is a roaming
> profile just for student-A.
>
> What am I doing wrong? Please save my last strands of hair ....Thanks
>
>
>
Are you referring to the "permitted to use " in the copyto dialog?
My students are in a group called students . So I should add that group in
the permitted to use box?
"ChrisB" <ChrisB@discussions.microsoft.com> wrote in message
news:46FB45CF-F611-4610-BBBC-8937E7436A63@microsoft.com...
> Will,
>
> The problem is when you are copying the profile up to the network drive.
>
> Their is an option to change the users who can access the profile. Create
> a
> group and add your users to it. Allow the group to access the profile.
>
> Chris
>
> "Will Sellers" wrote:
>
>> Help! I have no hair left.
>> Objective: using a combination of mandatory profile and a GPO for a
>> student
>> OU that will give a student a share folder and lock down the desk top.
>>
>> My approach: In a GPO I define the lockdown settings. I specify the
>> logon.bat which uses net use to set the drive mapping to a shared
>> directory
>> for students. I also defined the profile path //server/profiles/mandatory
>> In the Mandatory profile I establish how the desktop will look (icons
>> etc).
>>
>> To test this I have student-A student-B Student-C that belong to a
>> studentrights OU which has a studentgpo.
>> To create the mandatory profile (which may be the problem) I did the
>> following steps:
>> 1. Logged as student-A
>> 2. Configured desktop icons that I want students to have access to.
>> 3. logged off
>> 4. logon on as administrator
>> 5. performed a copyto //server/profiles/mandatory
>> 6. In the profile I changed netuser.dat to ntuser.man
>> 7. logged on as student-A
>> desktop was ok
>> drive mapping was ok
>> Now the fun begins
>> Went to another computer and logged on as student-A
>> all was ok
>> on the same computer I logged on as student-B
>> the desk top was not the same as student-A
>> There was no lockdown {i.e. disabled control panel)
>> and no access to the mapped drive set by the logon.bat.
>> I ran gpresults and everything showed positive.
>> I checked the GPO status and it showed enabled with a check mark.
>>
>>
>> It appears that the mandatory profile is behaving as if it is a roaming
>> profile just for student-A.
>>
>> What am I doing wrong? Please save my last strands of hair ....Thanks
>>
>>
>>
"Will Sellers" wrote:
> Are you referring to the "permitted to use " in the copyto dialog?
> My students are in a group called students . So I should add that group in
> the permitted to use box?
>
>
> "ChrisB" <ChrisB@discussions.microsoft.com> wrote in message
> news:46FB45CF-F611-4610-BBBC-8937E7436A63@microsoft.com...
> > Will,
> >
> > The problem is when you are copying the profile up to the network drive.
> >
> > Their is an option to change the users who can access the profile. Create
> > a
> > group and add your users to it. Allow the group to access the profile.
> >
> > Chris
> >
> > "Will Sellers" wrote:
> >
> >> Help! I have no hair left.
> >> Objective: using a combination of mandatory profile and a GPO for a
> >> student
> >> OU that will give a student a share folder and lock down the desk top.
> >>
> >> My approach: In a GPO I define the lockdown settings. I specify the
> >> logon.bat which uses net use to set the drive mapping to a shared
> >> directory
> >> for students. I also defined the profile path //server/profiles/mandatory
> >> In the Mandatory profile I establish how the desktop will look (icons
> >> etc).
> >>
> >> To test this I have student-A student-B Student-C that belong to a
> >> studentrights OU which has a studentgpo.
> >> To create the mandatory profile (which may be the problem) I did the
> >> following steps:
> >> 1. Logged as student-A
> >> 2. Configured desktop icons that I want students to have access to.
> >> 3. logged off
> >> 4. logon on as administrator
> >> 5. performed a copyto //server/profiles/mandatory
> >> 6. In the profile I changed netuser.dat to ntuser.man
> >> 7. logged on as student-A
> >> desktop was ok
> >> drive mapping was ok
> >> Now the fun begins
> >> Went to another computer and logged on as student-A
> >> all was ok
> >> on the same computer I logged on as student-B
> >> the desk top was not the same as student-A
> >> There was no lockdown {i.e. disabled control panel)
> >> and no access to the mapped drive set by the logon.bat.
> >> I ran gpresults and everything showed positive.
> >> I checked the GPO status and it showed enabled with a check mark.
> >>
> >>
> >> It appears that the mandatory profile is behaving as if it is a roaming
> >> profile just for student-A.
> >>
> >> What am I doing wrong? Please save my last strands of hair ....Thanks
> >>
> >>
> >>
>
>
>
works like a charm. Now I need to figure out why the go wallpaper function
is not displaying the specified wallpaper file.
"ChrisB" <ChrisB@discussions.microsoft.com> wrote in message
news:0AC4F457-61BE-4615-988E-B85DBCB4B35C@microsoft.com...
> Yes that's the one.
>
> "Will Sellers" wrote:
>
>> Are you referring to the "permitted to use " in the copyto dialog?
>> My students are in a group called students . So I should add that group
>> in
>> the permitted to use box?
>>
>>
>> "ChrisB" <ChrisB@discussions.microsoft.com> wrote in message
>> news:46FB45CF-F611-4610-BBBC-8937E7436A63@microsoft.com...
>> > Will,
>> >
>> > The problem is when you are copying the profile up to the network
>> > drive.
>> >
>> > Their is an option to change the users who can access the profile.
>> > Create
>> > a
>> > group and add your users to it. Allow the group to access the profile.
>> >
>> > Chris
>> >
>> > "Will Sellers" wrote:
>> >
>> >> Help! I have no hair left.
>> >> Objective: using a combination of mandatory profile and a GPO for a
>> >> student
>> >> OU that will give a student a share folder and lock down the desk top.
>> >>
>> >> My approach: In a GPO I define the lockdown settings. I specify the
>> >> logon.bat which uses net use to set the drive mapping to a shared
>> >> directory
>> >> for students. I also defined the profile path
>> >> //server/profiles/mandatory
>> >> In the Mandatory profile I establish how the desktop will look (icons
>> >> etc).
>> >>
>> >> To test this I have student-A student-B Student-C that belong to a
>> >> studentrights OU which has a studentgpo.
>> >> To create the mandatory profile (which may be the problem) I did the
>> >> following steps:
>> >> 1. Logged as student-A
>> >> 2. Configured desktop icons that I want students to have access to.
>> >> 3. logged off
>> >> 4. logon on as administrator
>> >> 5. performed a copyto //server/profiles/mandatory
>> >> 6. In the profile I changed netuser.dat to ntuser.man
>> >> 7. logged on as student-A
>> >> desktop was ok
>> >> drive mapping was ok
>> >> Now the fun begins
>> >> Went to another computer and logged on as student-A
>> >> all was ok
>> >> on the same computer I logged on as student-B
>> >> the desk top was not the same as student-A
>> >> There was no lockdown {i.e. disabled control panel)
>> >> and no access to the mapped drive set by the logon.bat.
>> >> I ran gpresults and everything showed positive.
>> >> I checked the GPO status and it showed enabled with a check mark.
>> >>
>> >>
>> >> It appears that the mandatory profile is behaving as if it is a
>> >> roaming
>> >> profile just for student-A.
>> >>
>> >> What am I doing wrong? Please save my last strands of hair ....Thanks
>> >>
>> >>
>> >>
>>
>>
>>
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.