Click here to get back home

Delete cached local copy of mandatory profile and non roaming domain user profiles ?
 HomeNewsGroups | Search | About
Login Password
Register Now! Lost Password?
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Delete cached local copy of mandatory profile and non roaming domain user profiles ? Alex 05-01-2008
Get Chitika Premium
Posted by Al Dunbar on May 4, 2008, 3:54 pm
Please log in for more thread options
"Lanwench [MVP - Exchange]"
>>> Create a computer startup script that deletes the local profiles if
>>> they are of a concern to you. Users won't be able to delete profiles
>>> as a part of logoff process.
>>
>> One of the fastest methods to (permanently) delete a directory
>> tree is: "del /s /q PATH"
>>
>> /s = subdirectory /q = quite (no warnings)
>>
>> This is VERY dangerous as it will (usually*) delete everything in it
>> without further warning so get the PATH correct. * Unless files
>> are locked but at startup that is unlikely.
>>
>> A "for /d" (directories) loop can get all directories but be careful
>> not to delete the Default (or other profiles you wish to keep.)
>
> Hence, using delprof instead would be a very simple alternative :-)

That's not the only reason, as references to the profiles would still appear
in the registry once the profile folder was deleted.

/Al

>>
>>> --
>>> Svyatoslav Pidgorny, MS MVP - Security, MCSE
>>> -= F1 is the key =-
>>>
>>> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>>>
>>>> Hi. We are currently looking to deploy some Windows XP
>>>> workstations on a 2003 Domain for development purposes. We are
>>>> using a mix of mandatory profiles and general domain users that
>>>> have NO roaming or mandatory profile. We are finding that the XP
>>>> workstations are storing a local copy of the mandatory profiles and
>>>> the gerneral domain user accounts as well. Can anyone confirm whether
>>>> Windows should automatically remove
>>>> Mandatory profiles when the user logs off, and if so can anyone
>>>> suggest why a copy of the profiles are being left behind ?
>>>>
>>>> Similarly can anyone recommend how we can allow users with a basic
>>>> domain user account (no roaming or mandatory profile) to logon to
>>>> our XP workstations such that their locally created profile is
>>>> automatically deleted when they logoff ? i.e. no matter the user
>>>> type (even domain admin if possible) we would like to remove any
>>>> locally stored user profiles.
>>>>
>>>> Thanks,
>>>> Alex.
>
>
>



Posted by Lanwench [MVP - Exchange] on May 4, 2008, 3:59 pm
Please log in for more thread options
> "Lanwench [MVP - Exchange]"
>>>> Create a computer startup script that deletes the local profiles if
>>>> they are of a concern to you. Users won't be able to delete
>>>> profiles as a part of logoff process.
>>>
>>> One of the fastest methods to (permanently) delete a directory
>>> tree is: "del /s /q PATH"
>>>
>>> /s = subdirectory /q = quite (no warnings)
>>>
>>> This is VERY dangerous as it will (usually*) delete everything in it
>>> without further warning so get the PATH correct. * Unless files
>>> are locked but at startup that is unlikely.
>>>
>>> A "for /d" (directories) loop can get all directories but be careful
>>> not to delete the Default (or other profiles you wish to keep.)
>>
>> Hence, using delprof instead would be a very simple alternative :-)
>
> That's not the only reason, as references to the profiles would still
> appear in the registry once the profile folder was deleted.
>
> /Al

Yep, that too.

>
>>>
>>>> --
>>>> Svyatoslav Pidgorny, MS MVP - Security, MCSE
>>>> -= F1 is the key =-
>>>>
>>>> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>>>>
>>>>> Hi. We are currently looking to deploy some Windows XP
>>>>> workstations on a 2003 Domain for development purposes. We are
>>>>> using a mix of mandatory profiles and general domain users that
>>>>> have NO roaming or mandatory profile. We are finding that the XP
>>>>> workstations are storing a local copy of the mandatory profiles
>>>>> and the gerneral domain user accounts as well. Can anyone confirm
>>>>> whether Windows should automatically remove
>>>>> Mandatory profiles when the user logs off, and if so can anyone
>>>>> suggest why a copy of the profiles are being left behind ?
>>>>>
>>>>> Similarly can anyone recommend how we can allow users with a basic
>>>>> domain user account (no roaming or mandatory profile) to logon to
>>>>> our XP workstations such that their locally created profile is
>>>>> automatically deleted when they logoff ? i.e. no matter the user
>>>>> type (even domain admin if possible) we would like to remove any
>>>>> locally stored user profiles.
>>>>>
>>>>> Thanks,
>>>>> Alex.




Similar ThreadsPosted
Tech Support access to roaming profile directory on server(s) January 4, 2008, 11:30 am
Backing up roaming profiles on W2K3 January 11, 2006, 1:37 pm
Please help. Cannot access hotmail or run CMD after playing with roaming profiles May 30, 2005, 12:31 am
Stop syncronization of ALL roaming profiles at logout March 30, 2006, 4:17 pm
Custom NTFS permissions on roaming profiles? April 11, 2006, 7:48 am
Re: Admin access to roaming profiles (existing folders) November 19, 2007, 11:32 am
Re: Admin access to roaming profiles (existing folders) November 19, 2007, 11:20 am
cannot change domain user profile display settings August 4, 2005, 11:45 am
What has Windows 2003 Server security done to domain user profiles January 17, 2006, 11:49 pm
un/pwd error using network profile - no error with local profile March 23, 2007, 1:23 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap