Home
> Windows 2008 (R2) > Creating one mandatory user profile for all students
Creating one mandatory user profile for all students
Creating and maintaining thousands of user profiles can chew up alot of time in an systems administrators daily job. Maintaining thousands of individual student user profiles even more. Wouldn’t be cool to have just one student profile that is locked and can thus cannot be modified by students. Lets explain on how to create such a mandatory user profile.
- First make sure you have an cleanly installed Windows XP operating system with all latest patches.
- Copy the ENTIRE content of c:\documents and settings\default user\ to your local machine
OR - Login to that XP machine and configure all needed settings
- Logout and copy that ENTIRE profile content to you local machine
- Now start regedit.exe on your machine
- Click on HKEY_LOCAL_MACHINE
- Goto File -> Load Hive
- Select USER.DAT residing in the profile folder
- Give the new hive a name. Lets say: test
- Click on HKEY_LOCAL_MACHINE\test en select permissions
- Remove all groups and users except SYSTEM
- Add an Active Directory group to your liking (students or so) or just everyone
- Make sure you click the advanced button and propagate the permissions to all subfolders
- When your done then you need to unload the hive
- Now click on HKEY_USERS and repeat the same process
- When you are done with that rename USER.DAT to USER.MAN
- Create an profile structure on a central server like \\server\d$\Profiles\student\
- Copy the entire profile folder content to \\server\d$\Profiles\student\
- Create a share named Profiles$ on \\server\d$\Profiles\
- Share permision should be : authenticated users, SYSTEM, SERVER\administrators = FULL CONTROL
- NTFS permissions should be : SYSTEM, SERVER\administrators = FULL CONTROL and authenticated users and for the Authenticated users group special permissions
- The NTFS permissions for the \\server\d$\Profiles\student\ folder should be:
SYSTEM, SERVER\administrators = FULL CONTROL
the active directory group named students = READ - Now start the active directory users and computers MMC and select all student accounts
- Point the profile location to \\SERVER\profiles$\student
- Now you are done.
Categories: Windows 2008 (R2)
education, hive, mandatory profile, regedit, student, user profile, user.dat, user.man, windows 2008, windows xp sp3
Comments (0)
Trackbacks (0)
Leave a comment
Trackback
Leave a Reply
VISITOR LOCATIONS
