Getting Terminal Service Profile Path
We are provisioining users to the Active Directory. However, using Xpress/Java, how can the AD's Terminal Services Profile Path can be retrieved by IDM. Basically, i would like to retrieve this information before the the account is deprovisioned.
Edited by: user6420881 on 3/10/2010 23:45
I dont see much hope with Java/Xpress to set the Terminal Services group of attributes.
There is no LDAP attribute named 'Terminal Services Profile Path' which is the problem. All these Terminal Services "attributes" are bundled up as a set of User Parameters. I think MS had to do this for historical reasons with NT4.
Unless the AD Gateway service has support for Terminal Services builtin (check the documentation) the only way I can see to set these is by Using Powershell or some MS script based solution called as an After Update or After create action. But that's setting only IDM -> AD.
Reading these strings back to IDM is hard.. maybe a Powershell script can decode the TS blob and store the strings in CustomAttributes ???
I know this TS stuff is a pain.
Similar Messages
-
OIM: Terminal Services Profile Path
Hi,
I am using OIM and AD with the OOTB AD connector.
I have made a pre-populate adapter that generates a Terminal Services Profile Path for a user. I would like the path to be added to users when they are created.
I have added an entry in the the AD User Form, pre-populate tab. Field name: Terminal Profile Path. Adapter: My generate Terminal Services Profile Path adapter.
Unfortunately, the Terminal Profile Path field is not pre-populated in the process form.
I have also tried to add a process task triggered by the create user task, and made my adapter a Process Task Adapter. This did not work either.
Just to test it, since there is no column for Terminal Services in the usr table, I created a Terminal Services Profile Path UDF. When I fill in the path in the UDF manually, the Terminal Profile Path field is not pre-populated in the process form.
I have made pre-populate adapters for other UDFs and had no troubles with that. Does anyone know if there is something special about this Terminal Services Profile Path field?
Thanks!!Thanks Rajiv,
When I use a process task, the task is invoked, and I get:
Status: Rejected
Response: 62: Unknown response received.
But I thought I didn't really need to use a process task, and that it would be sufficient with a pre-populate adapter mapped to the right field. But it seems like I'm not using the field in the correct way...?
Thanks! -
How to change path of Users Terminal Services Profile for multiple AD users on server 2003?
Hello experts. I am working on a file server migration. All data has been migrated, I am currently working on redirecting users to the new file server. I
am able to select multiple users at once in ADUC -> right-click -> properties -> profile and here I can change the home folder and roaming profile path for each all users to point towards the new file server.
The issue I have run in to is that we have roaming profiles for terminal services users. So, there are hundreds of users that have their terminal services profile
configured in AD -> Right-click user (one at a time) -> properties -> terminal services profile. Here, the profile path is configured for each user as \\OLDserver\Profiles\%username%
and I need to change it to \\NEWserver\profiles\%username%.
I know that you can configure this path via group policy, I set up a GPO; Computer / Administrative Templates / Windows Components / Terminal Services / “Set Path
for TS Roaming Profiles” as \\NEWserver\profiles and applied this GPO to an OU containing the TS servers.
The problem is, the GPO is not working... When I log in to the TS and add a document to My Documents, it is still saving under \\OLDserver\profiles\Username.
So, the settings in AD are trumping the GPO I believe. What is the best way to accomplish my goal? Thanks in advance!> to change it to \\NEWserver\profiles\%username%.
That is "profile" in opposite to...
> add a document to My Documents, it is still saving under
> \\OLDserver\profiles\Username.
...this one which is Folder Redirection and has NOTHING to do with
server based profiles.
> So, the settings in AD are trumping the GPO I believe.
No, it isn't. When you do not enable FR and you access "Documents", you
will never see an UNC path but the local c:\users\xyz\documents folder.
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :)) -
Delete Terminal Services profile from custom directory
We have Terminal Servers running Windows Server 2003.
We have TS Profile Path set to D:\TSProfilesXXX1 using Group Policy.
Now, we are planning to delete all the old TS profiles from C:\Documents and Settings and D:\TSProfilesXXX1 folders.
Found Utility DELPROF from Microsoft, however, it works for C:\Documents and Settings by default and does not seem to be working for D:\TSProfilesXXX1.
Any Help here ???
MCSE CertifiedHi,
Thank you for your posting in Windows Server Forum.
For your issue, you can delete the cached copy of roaming profile by GPO setting. Please check the GPO setting “Computer Configuration | Administrative Templates | System | User Profiles
| Delete cached copies of roaming profiles.”
More information.
User Profiles
To manually remove you can also use registry setting. If you’re connecting to a remote computer and not cleaning up a local registry, click on Registry in the File menu and select Connect To Network Registry. Enter the name of the computer you deleted profiles
from and browse down in the registry to these two locations:
•HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy\
•HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\
Detail information.
Clean up Terminal Services profiles with DELPROF
Hope it helps!
Thanks.
Dharmesh Solanki -
AD User Recon of Terminal Services Profile Attributes
I am trying to get some of the Terminal Services Profile attributes to Reconcile to OIM during the AD User Reconciliation scheduled task. Other attributes sync fine, but the Remote Manager is never called to run the Recon vbs script. Looking at the Java for the AD User Recon scheduled task, I can find the method that should be called; getBLOBAttributeValues(). Funny thing is I can't find even one call to that method in any of the java code in the xliADRecon.jar file.
OIM 9.1.0.2 BP07
AD Connector 9.1.1.4
Looup.AD.BLOBAttribute.Values is configured with the attributes to sync
Lookup.ADReconciliation.FieldMap is configured with the attributes
The Resource Object has the fields defined for Reconciliation
The Process Definition has the fields mapped to the Process form attributes
Everything seems to be in place except there is no call to the getBLOBAttributeValues() method to call the reconciliation script via the remote manager.
What am I missing?
And BTW ... Provisioning of the attributes works fine, using the RManager.
Thanks,
BillHi,
Please go through below article might helpful in your case.
How to read msTSProfilePath, msTSHomeDrive and msTSHomeDirectory properties from AD (VB.NET)
http://blogs.msdn.com/b/alejacma/archive/2010/10/13/how-to-read-mstsprofilepath-mstshomedrive-and-mstshomedirectory-properties-from-ad-vb-net.aspx
Hope it helps!
Thanks.
Dharmesh Solanki
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Field explorer does not open on my terminal services profile
Dear Sirs,
For some reason I am unable to open my field explorer in any crystal report on my terminal services profile. I have checked with other profiles and the problem does not exist. The problem is specific to my profile. I can also create new reports and access fields however if I use the filed explorer button I cannot access fields, parameters or formulas from there. Problem just started this morning. We have been using crystal reports X1 for last 12 months. Would it be a terminal server issue?
I would appreciate whatever help you can give me.
Regards,
Philip Brady
Finance Director
National Electrical Wholesalers (Irl) LtdHi Philip
This can be an issue with the terminal server that you are using. Please refer to the Crystal Reports XI supported platforms guide if the server that you are using is supported or not.
You can download the guide from the below link:
[download CR XI supported platforms guide|http://www.2shared.com/file/4065156/f2ef25e1/cr_xi_supported_platforms.html]
Hope this helps!!
Regards
Sourashree -
Terminal Server profiles path between Server 2008
My existing Citrix farm has published desktops on Server 2008 x86 SP1, and the new farm I'm building is based on Server 2008 R2 x64. I can't get the x64 servers to use the same path as the x86 servers, despite having the same GPO's.
Both have the same GPO linked: under Computer Configuration/Policies/Administrative Templates/Windows Components/Remote Desktop Session Host/Profiles, the path is set to \\server\share\%username%.
When a user who doesn't have a profile logs in to a Server 2008 x86 server, after they log out their profile is uploaded to the share as \\server\share\username.V2. When a user logs into Server 2008 R2, it doesn't pull their username.V2 profile and instead
creates a new one as \\server\share\username\username.domain.V2.
Please help me get the x64 R2 servers to use the existing TS profiles.Hi,
Thank you for posting in Windows Server Forum.
Set up RD Session Host roaming profile path
Roaming profiles should be configured separately for each RD session farm. They should not be shared between farms or user’s physical desktops since profile corruption and data loss may occur if a user is simultaneously logged into two machines that load the
same user profile.
Configure the following Group Policy on the RD Session Host:
Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Profiles ->
Set path for Remote Desktop Services Roaming Profiles
Kindly go through beneath article for information.
User Profiles on Windows Server 2008 R2 Remote Desktop Services
http://blogs.msdn.com/b/rds/archive/2009/06/02/user-profiles-on-windows-server-2008-r2-remote-desktop-services.aspx
Hope it helps!
Thanks.
Dharmesh Solanki -
AD User object - cannot change Terminal Server Profile Path
Hello
When I try to change the "Profile Path:" on the "Remote Desktop Services Profile" Tab on a Users AD Properties, I receive a Error Message:
"Operation failed: The operation completed successfully."
After closing and reopen the users properties, the old path is shown as Profile Path...
The problemes seems to be on only 1 user account.
Any Ideas how i can fix this error?
Thanks very much for any help
pAsciiHi,
Could you tell us how many user have these question?
Did you change the path to remote domain?
Is there any other error information?
Does the user have permission to access the new location?
More detailed information about this setting is appropriate.
Best Regards,
Erin -
Problem Launching BPC for Excel in Terminal Services/Citrix Environment
Hello.
We are having an issue launching BPC in our terminal services/citrix environment. This is not the main way that users will be accessing BPC, but we plan to have it available for off-hours/off-site use.
Here are details on our environment.
1) BPC version: 5.0.502 (5.1, SP3, patch 4)
2) Env: 1 web/app server, 1 database server
3) SQL Server 2005 Enterprise Edition, SP2
4) Problem occurs sporadically for any user.
In some instances, launching BPC for Excel does not bring up the connection wizard, instead, an error message displays saying "Object Variable is not set". We then logoff, delete the terminal services profile, and logon again, forcing the creation of a new terminal services profile, and BPC for Excel will launch the connection wizard as expected. So it seems that the terminal services profile sometimes gets corrupted. Does someone know which Windows registry key would cause this situation so we can determine the root problem? Deleting the profile is not a practical permanent solution. This is only an issue in terminal services/citrix, no other environment.
I opened this with support, but they said it's my problem. I'd appreciate any ideas to solve this. Thanks, NancyHello,
I have exactly the same problem too (Citrix / BPC 7.0M SP6 Client).
Do you have a solution regarding this issue ?
Thanks in advance. -
User profile vs Remote Desktop Services Profile
On a Windows 2008 R2 Domain Controller, if you open properties of an user account, you'd see
a Profile Tab as well as Remote Desktop Services Profile Tab.
I found this very confusing, can any one tell be the key difference between those 2?
If I don't specify Remote Desktop Services Profile path, when I logon to Remote Desktop Server, it seems take user's
romaing profile.
Anyway, please advice.
Thank you.Hi,
Thank you for posting in Windows Server Forum.
The profile tab of the user properties window allows you to configure user profile, logon scripts and home folder details for the user object. It is very useful when you have to allow your user access the same environment and data irrespective of the machine
he logs in from.
Active Directory User properties – Profile tab
Remote Desktop Services User Properties
You can specify a Remote Desktop Services-specific profile path and home folder for a user connecting to an RD Session Host server. This profile and home folder will only be used for Remote Desktop Services sessions. You should assign a separate profile for
Remote Desktop Services sessions because many of the common options that are stored in profiles, such as screen savers and animated menu affects, are not desirable when using Remote Desktop Services.
Manage User Profiles for Remote Desktop Services
http://technet.microsoft.com/en-us/library/cc742820.aspx
User Profiles on Windows Server 2008 R2 Remote Desktop Services
http://blogs.msdn.com/b/rds/archive/2009/06/02/user-profiles-on-windows-server-2008-r2-remote-desktop-services.aspx
Hope it helps!
Thanks.
Dharmesh Solanki -
How do I get the full current path in the title bar of a terminal window?
Is it possible to get the full current path in the title bar of a
terminal window? I would find that more meaningful than
"Terminal - tcsh - 80x60" (which I currently get). Doing
this would free me from wanting to display the path in my
system prompt thereby allowing me to use a shorter prompt
and having more space on the line for actual input.
Thanks
Ron
Dual 1Ghz PowerMac G4 Quicksilver 2002 Mac OS X (10.4.8)IIRC, Terminal->Window Settings->Window controls that information. That said, I don't understand what full current path means in this context, nor why you'd want to display it in title bar.
Your terminal prompt is a concatenation of your computer name (SysPrefs->Sharing—easily changed) and the path to your user's home directory using the short username (hard to change).
computer name:~ username$ -
I've been tearing my hair out for a couple of days now...
I'm trying to create a mandatory profile for users logging in from hp thin clients on a 2003 server at a school.
I've set up a prototype user, then copied the proto user's NTUSER.DAT to NTUSER.MAN and renamed
NTUSER.DAT to NTUSER.DAT_unused.
At that point, logging in as the prototype user looks ok. It was my understanding that renaming NTUSER.DAT to NTUSER.MAN would make it a mandatory profile, and the user (in this case the proto user) would be unable to change it. However, in this
case the user can still modify the desktop and those modifications are preserved across logins. The NTUSER.MAN file is being updated, judging by the timestamp changes.
What am I missing?
I've tried putting the NTUSER.MAN in the user's dir on the server
(C:\Documents and Settings\ProtoUser),
in the DefaultUser, and in AllUsers.
Right now I'm getting a default, unmodifiable profile which I have no idea where it comes from.
In case it matters, the original user and directory tree from which the NTUSER.MAN I'm trying to use has been deleted, but I wouldn't think that should matter.
For example, I have the option to not show the security tab set in the group policy, but it is showing up.
The Start menu is showing as the classic start menu, and I had it set for the "new" (2 column) one.
I've got hide network places on the desktop set, but it's showing up.
Is there a way to tell where a profile is coming from?
I'm pretty confused at this point; any clarifications / tips would be much appreciated.
Related questions:
If both an NTUSER.DAT and an NTUSER.MAN exist, which is used?
If no profile is found for a user in the normal place, what happens?Hi,
Thank you for posting in Windows Server Forum.
A mandatory user profile is a special type of pre-configured roaming user profile that administrators can use to specify settings for users. With mandatory user profiles, a user can modify his or her desktop, but the changes are not saved when the user
logs off. The next time the user logs on, the mandatory user profile created by the administrator is downloaded. There are two types of mandatory profiles: normal mandatory profiles and super-mandatory profiles.
User profiles become mandatory profiles when the administrator renames the NTuser.dat file (the registry hive) on the server to NTuser.man. The .man extension causes the user profile to be a read-only profile.
User profiles become super-mandatory when the folder name of the profile path ends in .man; for example, \\server\share\mandatoryprofile.man\.
More information:
Mandatory User Profiles
http://msdn.microsoft.com/en-us/library/windows/desktop/bb776895(v=vs.85).aspx
Using User Profiles in Windows Server 2003
http://technet.microsoft.com/en-us/library/cc776120(v=ws.10).aspx
Hope it helps!
Thanks.
Dharmesh Solanki -
Getting "error reading settings" with the service profile manager in Lion server OS. Why and what can I do to solve problem?
I have also had the 'Error reading settings' problem in Profile Manager, despite trying everything in the discussions and clean reinstalls (which work for a little while only).
It seems that various different fixes work for some people but not others; and the underlying cause of the problem has not been resolved.
There are now numerous threads on this problem (there are yet others with similar problems):
https://discussions.apple.com/thread/3189397
https://discussions.apple.com/thread/3195100
https://discussions.apple.com/thread/3212015
https://discussions.apple.com/thread/3208533
https://discussions.apple.com/thread/3249062
https://discussions.apple.com/thread/3199734
https://discussions.apple.com/thread/3212304
I have posted this in each to try and pull things together a bit.
Does anyone know if Apple has acknowledged the issue and offered an official response? -
SHA-1 - cannot get terminal to recognize the path
I have followed quite precisely the instructions at
http://support.apple.com/kb/HT1652
to verify an SHA-1 digest, in this case for the 10.5.6 upgrade. I cannot get Terminal to recognize the path, despite that I have up it in several times with great care!
Any ideas? Your help much appreciated, thanks David AllenHello David;
Using the 'Terminal App' can be quite tricky for sure but I'll walk you through it.
First, open the 'Terminal App' and then type in
/usr/bin/openssl
Now hit the spacebar to add a space.
Then type in
sha1
and hit the spacebar again to add another space.
So now this should be the command line so far
/usr/bin/openssl sha1
Now open the finder and locate the file you want to verify. It's probably in your downloads folder. Once the file is located, Click & Drag it into the 'Terminal App' and release it. Bingo! The 'Terminal App' will have the correct path to the file and should verify it after you press the 'return' key. (Note: Any spaces in the file name, the 'Terminal App' will pad them with a backslash "\". Example File Name: +"My File.txt"+ becomes +"My\ File.txt"+ ). So +Don't Panic+ if you see any backslashes.
Now the command line should be something like this ...
/usr/bin/openssl sha1 /Users/David/Downloads/MacOSXUpdCombo10.5.6.dmg
Good Luck & Happy Holidays.
Buzz -
Windows 2008 R2 Remote Desktop Services - user profile path not working
Trying to setup remote desktop profiles. We have 1 farm with 2 Windows 2008R2 RD session hosts and a broker server and want the all of the remote user profiles to reside on a dedicated profile server. We've created the user shares but when a remote
user logs in their user profiles is automatically created on the session hosts. Each remote users profile path is specified in AD under the user's Remote Desktop Profile tab.
I've seen posts about creating a GPO to handle roaming profiles but I'm not sure as to where this needs to be created...should it be done on each of the session hosts? Are their any step by step instructions out there on how to achieve this that I just haven't
found yet?
blHi,
Thank you for posting in Windows Server Forum.
Do you have RD Gateway setup in your environment?
Have you configure RD Connection Broker and set the Fully Qualified Domain Name (FQDN) of the RD Connection Broker server in case of RD Connection Broker mode. In RD Session mode, it is set to the FQDN of the RD Web Access server.
Client operating systems must trust the certificate with which the RemoteApp programs are signed. Suggest to install RDP 8.1 for client OS.
Do you have a trusted certificate with a matching name configured on your RDSH server in RD Session Host Configuration? (Means cert must match the name that clients use to connect to it for running the RemoteApp).
Hope it helps!
Thanks.
Dharmesh Solanki
Maybe you are looking for
-
Automatically updating open quantity..is it possible?
Dear all, I am facing a series of issues related to the open quantity. My client insists that this function is a necessity. However, it's not easy to find out how. 1. Problem After registering a Purchase Order and Goods Receipt PO, there are cases we
-
CF6004 Time Stamp log into file
I am trying to attach the time stamp to the data log that I obtain from the NI CF6004. Is there an example that I can look at? I would like to print <Time stamp> <value> in the file. I am sampling for multiple channels but one sample value at a time
-
Printing photo index to iphoto books
Is there any way to index the photos you have nicely printed in the book offered by apple (looks pretty neat) so the person you give the book to will have an idea what the contents of the pictures are? i.e. by thumbnails and the title, or even the ti
-
SQL Developer 1.51.5440 Font Settings
Hi, In my other editors & dev tools, I set the font to Lucida Console 11. It looks OK. However, SQL Developer 1.51.5440 seems to interpret font seting differently: - Lucida Console size 14 looks like size 10 in other editors. - ClearType is not respe
-
Photoshop Elements 8 no longer working
I had Elements 8 installed on my computer. When it got a virus, I re-formatted it and re-installed Elements 8. Now it won't work! What's the deal? Am I forced to buy the new 11 Elements? Thanks.