Local and roaming profiles in Samba

Similar Messages

• Local and Roaming profiles not being created

  Hello all,
  I'm in need of help and I wondered if there was anyone out there with some suggestions.
  The problem is that one of our sites has Netware 5 and Zfd3.2 and there are no longer any roaming profiles or local profiles being created. Volatile user is not used. Roaming profiles go to the users home directory. All file rights are fine. DLU is still working. Novell client on W2K workstations is 4.90. All other sites appear to be OK.
  I suspected that the user policy was at fault and so created a test user package and associated a test user to it = same result.
  I have checked from top to bottom and compared all settings to other sites and can see no difference or anything unusual. I've been working on this for 2 days now and I'm going grey and bald.
  Any suggestions anyone?
  I'll buy a pint for anyone with the answer - LOL.
  Thanks in advance
  Alan Graham
  email: [email protected]

  elvisgraham,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Tiger Login Freezing, Local and Roaming Profiles

  I'm having problems with the login screen. Both server and emac are using the newest 10.4.4 updates and users regardless of logging in to local accounts or accounts on the server are freezing after pressing the "Login" button on the login screen.
  generally speaking the user can login at least once per restart. the problem tends to occur if users logout and then attempt to login another user.
  wondering if anyone has seen this problem
  it only seems to happen with emacs (different gens) running 10.4
  imacs and other machines running the same system/image to not appear to suffer the problem.

  update:
  even updating to 10.4.6 which has become available since the problem first came about there have been no less instances of this happening.
  any help would be great.

• "where does firefox 'profiles' end up in Windows 7? I see there are duplicate 'default'profiles in a local and roaming folders.

  I am moving my 'profile' from one netbook (which uses Windows XP) to a newer netbook (using Windows 7 starter). I have found two folders off the 'users/(my name)/local' and 'users/(my name)/roaming' that seem to be duplicate default profile folders. When I copy my profile from the older netbook, how do I know which folder to put it into.
  Hope this is clear

  The profile folder in the path '''''users/(my name)/local''''' only contains the Cache folder/files and the Safe Browsing information (''urlclassifier3.sqlite'') and a couple of other files. See information about "Cache" and "Offline Cache" under "4.1 Folders" in this article and how to find their location with '''about:cache''': http://kb.mozillazine.org/Profile_folder_-_Firefox#Folders<br />
  Also see: http://kb.mozillazine.org/About_protocol_links<br />
  You do NOT need to copy/transfer the files & folders in this path to your new notebook, as these files will be automatically rebuilt on the new notebook.
  There is also information in that first link about files and folders in your "main" profile folder in the path '''''users/(my name)/roaming'''''.<br />
  For a recommendation of the items to copy/transfer in this profile folder location see:
  *http://support.mozilla.com/en-US/kb/Recovering+important+data+from+an+old+profile
  *http://kb.mozillazine.org/Transferring_data_to_a_new_profile_-_Firefox
  <br />
  '''Other issues needing your attention'''
  The information submitted with your question indicates that you have out of date plugins with known security and stability issues that should be updated. To see the plugins submitted with your question, click "More system details..." to the right of your original question post.
  *Adobe PDF Plug-In For Firefox and Netscape "9.4.1"
  **New Adobe Reader X (version 10) with Protected Mode just released 2010-11-19
  **See: http://www.securityweek.com/adobe-releases-acrobat-reader-x-protected-mode
  *Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers
  #'''Check your plugin versions''': http://www.mozilla.com/en-US/plugincheck/
  #*'''Note: plugin check page does not have information on all plugin versions'''
  #'''Update Adobe Reader (PDF plugin):'''
  #*From within your existing Adobe Reader ('''<u>if you have it already installed</u>'''):
  #**Open the Adobe Reader program from your Programs list
  #**Click Help > Check for Updates
  #**Follow the prompts for updating
  #**If this method works for you, skip the "Download complete installer" section below and proceed to "After the installation" below
  #*Download complete installer ('''if you do <u>NOT</u> have Adobe Reader installed'''):
  #**Use the links below to avoid getting the troublesome "getplus" Adobe Download Manager and other "extras" you may not want
  #**Use Firefox to download and SAVE the installer to your hard drive from the appropriate link below
  #**Click "Save to File"; save to your Desktop (so you can find it)
  #**After download completes, close Firefox
  #**Click the installer you just downloaded and allow the install to continue
  #***Note: Vista and Win7 users may need to right-click the installer and choose "Run as Administrator"
  #**'''<u>Download link</u>''': ftp://ftp.adobe.com/pub/adobe/reader/
  #***Choose your OS
  #***Choose the latest #.x version (example 9.x, for version 9)
  #***Choose the highest number version listed
  #****NOTE: 10.x is the new Adobe Reader X (Windows and Mac only as of this posting)
  #***Choose your language
  #***Download the file
  #***Windows: choose the .exe file; Mac: choose the .dmg file
  #*Using either of the links below will force you to install the "getPlus" Adobe Download Manager. Also be sure to uncheck the McAfee Scanner if you do not want the link forcibly installed on your desktop
  #**''<u>Also see Download link</u>''': http://get.adobe.com/reader/otherversions/
  #**Also see: https://support.mozilla.com/en-US/kb/Using+the+Adobe+Reader+plugin+with+Firefox (do not use the link on this page for downloading; you may get the troublesome "getplus" Adobe Download Manager (Adobe DLM) and other "extras")
  #*After the installation, start Firefox and check your version again.
  #'''Update the [[Java]] plugin''' to the latest version.
  #*Download site: http://java.sun.com/javase/downloads/index.jsp (Java Platform: Download JRE)
  #*Also see "Manual Update" in this article: http://support.mozilla.com/en-US/kb/Using+the+Java+plugin+with+Firefox#Updates
  #* Removing old versions (if needed): http://www.java.com/en/download/faq/remove_olderversions.xml
  #* Remove multiple Java Console extensions (if needed): http://kb.mozillazine.org
  #*Java Test: http://www.java.com/en/download/help/testvm.xml

• Best solution for data availability for end users --- reverse redirected folder and roaming profile

  Roaming profiles and redirected folders do not seem to work for our environment. They often become troublesome and cause much help desk time and resources.
  Is there a way to have a roaming profile and redirected folder configuration however have the local workstation have the primary copy and have the "server side" version be a backup?
  This would seem to allow the user to have a constantly updated local copy and also have a backed up version on the enterprise server side available.

  Hi,
  I'm afraid there is no such function for saving the main copy on local side.
  However if the sync of your roaming profile or folder redirection is not working well, it will still affect the result even if the function is available.
  Also roaming profile is for "using same profile on different client computers", if the primary copy is on client it will not affect the purpose.
  And for folder redirection it supports Offline Files so client should have a local copy when sync is not work.
  If you have any feedback on our support, please send to [email protected]

• Internet Explorer 10 cookies and roaming profiles (WebCache directory)

  Hi,
  I'm having a cookie problem on 2 out of 2 tested environments using Windows Server 2008 R2 (with roaming profiles) and Internet Explorer 10 (IEAK'ed) :S
  For instance when I login to www.google.com with my username and password, as long as I'm using my Windows session I'm logged in to
  www.google.com every time I open the browser (with all iexplore.exe processes closed before). When I logoff my Windows session my (roaming) profile is beeing saved on the fileserver and the locally cached Windows profile
  is beeing deleted.
  When I logon to Windows again (on the same computer) the roaming profile is beeing copied from the fileserver to my client (including the .txt cookies), but
  www.google.com isn't logging me in automatically. The same thing happens with other cookies related stuff on websites :S
  Also tried WITH and WITHOUT folder redirection for AppData/Cookies/etc, even a newly installed environment with Microsoft defaults is giving me problems.
  Anybody out there having the same problem ?

  Okay, I've made some progress on this today and it's working so far. It's still unclear what the following article/IE hotfix actually does:
  http://support.microsoft.com/kb/2955387/en-gb
  Because it's certainly doesn't magically fix getting cookies to fully roam - the webcache is still in the same folder. However, I think what it fixes is the problems reported above whereby any other stuff one want's to do with webcache fails
  because the files are locked most of the time.
  So with this hotfix in place, I was able to implement the following PowerShell logon script:
  $SourcePath = "$LocalAppData\Microsoft\Windows\WebCache"
  $LinkExists = $False
  If (Test-Path $SourcePath) {
  $Attributes = (Get-Item -Path $SourcePath -Force).Attributes
  $LinkExists = [Bool]($Attributes -band [IO.FileAttributes]::ReparsePoint)
  If (!$LinkExists) {
  If ($Debugging) {Write-Host "Debug: deleting old webcache folder"}
  Remove-Item -Path $SourcePath -Recurse -Force -ErrorAction SilentlyContinue
  $TargetPath = "$RoamingAppData\Microsoft\Windows\WebCache"
  If (!(Test-Path $TargetPath)) {
  If ($Debugging) {Write-Host "Debug: creating new webcache folder"}
  [void](New-Item -Path $TargetPath -ItemType Directory)
  If (!$LinkExists) {
  Write-Host "Configuring IE webcache to roam"
  $Cmd = "cmd /c 'mklink /d " + $SourcePath + " " + $TargetPath + "'"
  Invoke-Expression $Cmd 2> $Null
  $LocalAppData and $RoamingAppData are variables that point to here:
  C:\Users\myusername\AppData\Local
  C:\Users\myusername\AppData\Roaming
  What the script basically does is this set-up a symbolic link that links:
  "C:\Users\myusername\AppData\Local\Microsoft\Windows\WebCache"
  To:
  "C:\Users\myusername\AppData\Roaming\Microsoft\Windows\WebCache"
  When one logs off, WebCache roams to the network. When one logs on, it roams back and so far, cookies appear to be sticking. We use Spiceworks and before one had to type username & password each time. In my test, the logon details are persisted.

• Outlook 2010 - IMAP and Roaming Profiles

  Hello,
  If we setup a roaming profile user with an IMAP account in Outlook 2010 everything works on the machine the account was created on. If the user logs off and uses another machine they get the following message when trying to send an email:
  "Task '*Email Address* - Sending' reported error (0x8004010F) : 'Outlook data file cannot be accessed.'
  They are able to receive email without an issue.
  I've seen other people report the same problem but with no fix reported. I wonder if anyone had made any progress on this.
  Thanks,
  Andrew

  I have come up with a temporary solution. I say temporary because it involves redirecting the pst files to a network share, which is not recommended by MS.  That said, our users have not had any issues with their personal/archive
  pst files being on a network share as long as the PC they are working is local to the network share, i.e. in the same building on the same local network.
  We have several users that share systems, some physical, some virtual, set up with roaming profiles.  We ran into the situation described above when one of the users needed to access a gmail account via Outlook 2010.  Along with roaming profiles,
  the users are in a GPO which enforces folder redirection, so the server share was already set up..
  \\ServerName\GPO_Redirect\%username%
  I added the Outlook2010 ADM (outlk14.adm) to the GPO, and enabled... "User Configuration/Administrative Templates/Microsoft Outlook 2010/Miscellaneous/PST Settings/Default location for PST files" ...and set the value to \\ServerName\GPO_Redirect\%username%\OutlookPSTRedirect
  I had to remove the existing IMAP account from Outlook and readd it. Doing so created the "OutlookPSTRedirect" folder automatically under the user's network share and the [email protected] file was created there. Everything seems to be working fine
  after multiple logoffs and logons to different systems. No (2), (3), (4), etc. file versions are being created, messages do not get stuck in the outbox, folder view settings are remembered, etc., etc.
  Apparently you can also set the "ForcePSTPath" registry value manually, but I have not tested that.

• Flash player 10 and roaming profile

  Hi,
  Some of my clients are having similar issues since they've upgraded from flash player version 9 to version 10. They all use roaming profile, i.e user documents and settings are stored on the server rather than individual machines.
  The problem is that when they log in my application their login is successful but they don't get past that stage. This is because upon login, the application tries to write into a shared object but I believe it fails to do so.
  If they revert back to Flash player 9, it's all fine. Client with no roaming profile don't experience this issue.
  Therefore I believe there are some changes in Flash player 10 security. What should I do ?
  Thanks

  Hi !
  I knew somebody from Adobe would finally reply
  Well, I've actually come across this bug report this afternoon ! And I've asked my client to try the suggested workarounds. That was his reply :
  ' These work arounds are no good I’m afraid.  These work arounds mean we have to mess around with file redirection which we don’t want to do.  The reason these work arounds do work is that there is a Desktop folder in the local profile.  When you re-direct the Desktop the local Desktop gets moved to the network.  If we then re-create a local Desktop folder we break folder re-direction and there is potential for the user to have the wrong desktop displayed, or have files stored locally on their PC not being backed up. '
  As you can see he's not so keen to change any network settings.
  Do you have any other suggestions ?
  Thanks

• 7310 - Problem with CIFS and Roaming Profiles since upgrade to 2010.Q1.0.2

  We have developed a strange problem with our environment which I'm pretty sure is down to the upgrade to 2010.Q1.0.2 from 2009.Q3.4.1 on our 7310 (all the previous 2009 releases had been fine) since nothing else has changed in our environment. I suspect some changes to the underlying CIFS server causing this?
  We have virtual Windows servers hosted on a VMWare VSphere cluster which are stored on the 7310 via iSCSI LUNs and also CIFS shares on the 7310 for home directories and separate CIFS shares for roaming profiles - all paths are correct in AD for each user - we also use folder redirection for XP Pro clients to force things like "Application Data", "My Documents" etc. onto the Homedir share.
  What we've been seeing recently (which only started happening after the upgrade) is a lot of failed logons to the domain for users. It looks like the usual corrupted profile problem that has plagued Windows forever ...the usual messages that it cannot log the user on with a copy of their roaming profile, and that it will use a temporary one. Some folder redirections (that are initiated via Group Policy) also don't get applied. Users don't see errors when logging off from a "good" profile, and NTUSER.DAT etc. seemingly gets written correctly - the next time they log on, around half the time the users will get these errors as described below:
  Event viewer logs show "cannot find the file specified" errors for NTUSER.DAT, along with "directory name is invalid" errors for some of the folder redirections.
  More worrying (and what I think might be the real reason for these failures) are the "offline caching is enabled on the roaming profile share" errors. I think that the client-side caching might not be working - possibly the profiles aren't getting flushed and written correctly upon logout?
  Now, unfortunately the MMC snap-in for managing shares doesn't seem to support changing the behaviour for client-side caching on the CIFS shares (as confirmed in the latest 7000-series Admin Guide on page 198).
  I've been thinking about unchecking the "Enable Oplocks" box which from the CIFS side would completely stop all client-side caching I presume?
  Is this likely to be the culprit here, or is there any other known behaviour that could be causing these errors? Is it also worth disabling "Cache device usage" altogether for the Profiles share itself?
  Can anyone help? It's a bit of a strange problem, and something I don't want to raise with Sun on our support contract just yet, since at first glance it looks like a Windows problem, but I suspect the storage could well be to blame...

  Unfortunately, this is still not working correctly...
  So, it looks like it's not related to the offline caching seeing as it all works on the Q2009 despite the warnings...
  Some more errors coming out of userenv.log on the affected Windows machines:
  USERENV(280.284) 10:07:33:230 ReconcileFile: GetFileAttributes on the source failed with error = 2
  USERENV(280.284) 10:07:33:230 CopyProfileDirectoryEx: ReconcileFile failed with error = 2
  and later:
  USERENV(280.284) 10:07:33:245 GetShareName: WNetGetConnection initially returned error 2250
  USERENV(280.284) 10:07:33:245 CopyProfileDirectoryEx: Leaving with a return value of 0
  USERENV(280.284) 10:07:33:245 RestoreUserProfile: CopyProfileDirectory failed. Issuing default profile
  ...which then forces the TEMP profiles.
  All other errors linked to this look like "file not found", "invalid path" etc. when the files are present and the paths are correct.
  Manually mapping drives using CIFS with UNC paths sporadically fails too now. We have a bunch of GPOs that map shares to users depending on their group memberships - these too are sporadically failing.
  It certainly looks to me like it could be a CIFS problem introduced in the Q2010 release.
  I'm going to raise a ticket with Sun...

• Adobe premiere elements and roaming profiles problem

  We bought Adobe premiere elements 12 for use in our school lab environment and after lots of struggle I now see that it doesn't support roaming profiles. Is there a fix for this or have we wasted lots of money.
  Is there a way to change the default save location during deployment?

  I know that it have to be installed on the c: drive. But my question is if there are any way to change the default save location during deployment. Because Premiere will be installed on c:\program files\adobe\ adobe premiere elements 12\ but the default scratch disks and project location will be automatically tried to save to their roaming profiles the first time and causing the problem.
  Remember this is in a lab environment and new users will log on all the time and therefore get the error messages failures.
  Again, my question is:
  Is there a way to change the default start location during DEPLOYMENT (we use Configuration manager 2012) so that it will always start on for example c:\localmedia instead of their documents or appdata folders which are inside their roaming profile.

• DirectAccess and Roaming Profiles

  I've just implemented a proof of concept 2012 R2 DA server in an Edge config.
  All was looking great until I started to log off and on - the times were horrendous. I assumed it was roaming profiles and Google proved me correct, right at the very, very bottom on this 2008 R2 DirectAccess MS article https://technet.microsoft.com/en-us/library/ee382285%28WS.10%29.aspx?f=255&MSPPError=-2147217396 
  is the bomb-shell that you basically have to use Folder Redirection.
  This just won't work in our environment as you can only redirect a very specific subset of folders with Folder Redirection and the bulk of our users' data is not in any of these. For example we have a lot users with a OneDrive For Business folder in their profile
  and that can be huge. We also run some applications that store data in user profiles.
  Are there any options with DA on Server 2012 R2 that can help with this predicament or do I give up before now before even pushing out to some test users?

  Hi,
  >>I'm going to give UE-V a go and see if it's any better.
  For questions about User Experience Virtualization, we can post the question on the forum below:
  https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopuev
  Hope this helps.
  Best Regards.
  Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Local forest roaming profiles with remote forest users within RDS?

  We have been using RDS for some time now. New users get a new profile from (*1)"\\domain_1\netlogon\Default User.v2" when they first logon to a RDS session host. Ones that is done, the profile is becomes roaming profile that is stored on (*2) "\\some_serverx_in_domain_1\profiles$\%username%".
  (Note, this last setting can be set in 4 different places. We used a GPO and used the Remote Desktop Services section to set it) 
  So far, no rocket science. Now...
  Recently we've been asked to allow user accounts from another (trusted) forest (domain_2) to our RDS environment. These users are able to logon to our RDS environment but they do not get a fresh profile from our (*1) default profile location. Instead, they
  get a default profile from the RDS session host and this new profile does not become roaming so it is not saved to our (*2) location. How can we force the foreign accounts to get a roaming profile within domain_1 without having to change anything outside our
  administrative border?  
  Note: Their logon servers do not have a "Default User.v2" in their netlogon and their roaming profile settings are set in the AD properties for the user accounts. The roaming profiles they use are pre-2008 and thus unusable for our 2008-R2 RDS environment.
  We are not looking for cross-forest roaming profile functionality. We just want foreign accounts to use our roaming profile setup. Please Help! 

  Hi,
  Thanks for your post.
  Make sure the trusted forest user have permission to access the Default User profile. In addition, ensure the following policy was enabled:
  Computer Configuration\Administrative Templates\System\Group Policy\Allow Cross-Forest User Policy and Roaming User Profiles
  Allows User based policy processing, Roaming User Profiles and User Object logon scripts for cross forest interactive logons. This setting affects all user accounts interactively logging on to a computer in a different forest when a Cross Forest or 2-Way
  Forest trust exists.
  How to troubleshoot Group Policy object processing failures that occur across multiple forests
  http://support.microsoft.com/kb/910206
  Best Regards,
  Aiden
  TechNet Subscriber Support
  If you are
  TechNet Subscription
  user and have any feedback on our support quality, please send your feedback
  here.
  Aiden Cao
  TechNet Community Support

• Acrobat 9.1 and Roaming Profile -- Windows Vista

  Hello,
  my Problem is, that Acrobat crash, when i started. (Runtime Error)
  We yuse Roaming Profile. Any a solution ?
  Thanks

  Roaming profiles are not yet supported in Reader/Acrobat 8 or even 9.

• Issue with offline availability of roaming profiles in Server 2012

  I've recently stood up a Windows 2012 R2 server. I set up folder redirection using the guidelines
  here and roaming profiles using Group Policy. All is well except for the fact that if the client is physically disconnected from the network then the profile isn't available.
  I've set up folder redirection/roaming profiles on many different version of Windows Server and this is the first time I can remember that the files weren't available offline without further intervention from me. Is there some new setting or default on 2012
  R2 that I'm running afoul of?
  I note the following screen on the share properties but don't want to go at it until I know more
  Location of image in case of no display
  Sunt ludi et ioci dum aliquis oculo nocet.

  Shaon,
  No problem at all, I'm delighted that someone is answering at all! :-)
  The answers to your points/questions are as follows:
  1. The issue persists after a reboot
  2. All computers in the OU are experiencing this issue along with all users affected by these group policy items
  3. There is only one group policy applied here and in relation to the three items you've mentioned:
  Action on server disconnect [Not configured]
  Non-default server disconnect actions [Not configured]
  Do not automatically make redirected folders available offline [Not visible]
  All the relevant group policy objects (on the server) are at their default "Not configured" value. I've filtered by Windows 7 and Windows 8 as I have nothing below that. I've checked both locations viz.:
  Computer Configuration\Policies\Administrative Templates\Network\Offline Files
  User Configuration\Policies\Administrative Templates\Network\Offline Files
  The same is true for Local Computer Policy, all are set to "Not configured". In Explorer on the client under the Easy Access option all of the salient settings are greyed out.
  - Derek
  Sunt ludi et ioci dum aliquis oculo nocet.

• Roaming Profile Folder Creation Immediately Inaccessible

  Set up is AD 2008.  Terminal 2012 R2, Fileserver 2012.
  Before we've had it set so we could create a user in AD, log them onto the Terminal, it creates the profile, which on log out is saved to its roaming location on the Fileserver with a V2 after it.  In their profile field in AD, that Fileserver location
  was given as well.
  Something changed recently and we're not sure what.  Now if I create a user in AD, and log them into the Terminal, it gives me a message that a temporary profile is being used for this log on.  When I log out, it creates the V2 on the Fileserver,
  but I'm unable to access it even with admin credentials.  I've been able to change the owner, but it doesn't allow me to delete that folder and try again.  I have been able to run this
  SET DIRECTORY_NAME="C:\profilelocation"
  TAKEOWN /f %DIRECTORY_NAME% /r /d y
  ICACLS %DIRECTORY_NAME% /grant administrators:F /t
  PAUSE
  where the profile location is the folder in question and have it open it up enough to delete so we can troubleshoot.  But doing that doesn't change the initial Terminal status of using a roaming profile and it using a temporary profile.
  On the terminal server, I have also found the registry setting for that user and deleted it (the one with the .bak ending).  That allows a good logon if I remove the profile location setting in AD.  But when I move the folder to the fileserver,
  and then add the location back in AD, I get the Temporary Profile error again.
  Any ideas where to start looking?  I don't think we've changed any GPs that affect our terminal users.  Current users are fine, but I won't be able to create any new users and have them use a roaming profile.
  Ben Rollman

  Well, I'm still not sure what changed.  Here's what I've done so far.  (Email to my boss yesterday.)
  I set up a test container under States and moved all the state user, test user, etc into it.  Then I backed up the current ExtUsers_UsersGPO settings and imported them
  into a new GPO called TextExt… and enabled the computer settings.  It had the following but the Computer Setting wasn’t enabled so it wouldn’t have done that.
  Policy
  Setting
  Comment
  Add the Administrators security group to roaming user profiles
  Enabled
  I deleted the local and roaming file, and for good measure the registry entry.  I logged in as “testuser” and didn’t receive any problems.  Created a test folder,
  test file, logged off.  I see the testuser.V2 on the FS, but I can’t access it, like before.
  I run the following script to change it so I can access it.
  SET DIRECTORY_NAME="C:\Files\Profiles\testuser.v2"
  TAKEOWN /f %DIRECTORY_NAME% /r /d y
  ICACLS %DIRECTORY_NAME% /grant administrators:F /t
  PAUSE
  The FS profile is set for full rights for domain and local admin, but no user.  So I add the user as the owner, and give the user full rights.  Log in, and I get
  this.
  Your roaming profile is not synchronized correctly with the server. Windows will load your previously-saved local profile instead. See the previous events for details.
  And these in event viewer.
  Windows cannot copy file
  \\statefs\Profiles\testuser.V2\ntuser.ini to location C:\Users\testuser\ntuser.ini. This error may be caused by network problems or insufficient security rights.
  DETAIL - The system cannot find the file specified.
  Windows could not load your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. Windows could
  not load your profile because a server copy of the profile folder already exists that does not have the correct security. Either the current user or the Administrators group must be the owner of the folder.
  I had put the icons on the FS folder just to see if it would show up.  I saw the test folder okay in both.  But when I logged back in, the shortcut icons weren’t
  there.  AND when I logged off, it overwrote the FS folder, removing the icons.
  From there I checked the TS local profile folder (just in case) and saw it had no testuser rights at all.  The owner of that folder was SYSTEM.  So just for fun I
  changed the owner to testuser, made sure to set it for all subfolders, logged in, no error message.  Logged out, put shortcuts into the desktop folder on FS, logged back in, no errors and the shortcuts are there.
  So.
  I don’t know if it’s the GP or the fact that maybe the TS folder wasn’t getting the right permission to allow the roaming process to write to it or both.  I’m going to
  try to recreate this, see if there’s a way to shorten the process or create a template like before.
  Ben Rollman