Locally cached copy of roaming profiles are being created with username.domainname.00x suffix
First off let me give some background as to where we've come from and how we got to where we are today. In my organazation we initially setup a Win 2k3 domain with roaming profiles. The roaming profiles worked without a problem for about 6 years. We migrated to a Windows 2k8 domain (non-2008 native mode) about two years ago. Profiles have been working fine. We recently did a rollout of 80% of our client machines with newly leased machines. Once we did this, the profile issues have been...interesting to say the least. I've been seeing a couple machines having issues loading their profiles correctly. The users will complain of not being able to use MS Outlook, or they don't have their proper desktop icons on their desktop. These erros can present themselves when the user changes their domain acct. password (per our security policey) or it may happen just out of the blue. The user may be working perfectly fine on Monday, and then log off and on Tuesday when they login to their computer, the user will have these problems. When this is reported to me, I login the computer that is having the issue and I look at the C:\Documents and Settings folder and I'll see sometimes multiple bogus profiles. The profiles have a naming convention of %username%.%domainname%.00X . The .00X will increment up 1 with each bogus profile. Each of these bogus profiles will have only the local settings folder in them. In order to fix this problem, we typically delete all the local profiles and let the computer pull the server copy back down. Can someone please shed some light on this for me. Thanks.
I have the exact same issue. All my machines are SP3 as well. I have tried UPHClean and it makes no difference. It's completely random when the username.domain.000 accounts start appearing and accounts become corrupt causing the same issue with outlook or a different set of desktop icons. After almost 3 months of having to reset user profiles (we have 1700 AD accounts and 3 IT guys), here's what I've found to this point.
WINLOGON.EXE is the culprit. UPHClean doesn't appear to work well with SP3 or this particular version of WINLOGON. WINLOGON.EXE is locking (handle) the profile directory itself.
7F8: File (RW-) C:\Documents and Settings\(User Directory)
You cannot even run a batch script or something to "restart" winlogon to unlock the folder because it's a system process. When the user logs back in, the pc sees there is already a user profile folder there so it creates a new one with the domain name, rinse and repeat and you get:
Username
Username.Domain
Username.Domain.000
Username.Domain.001
These will go on forever unless you use DELPROF in your GPO as a Computer/Windows/Startup script to remove all "USER ONLY" profiles from the docs and settings folder. This works great other than now, users seem to randomly loose their favorites. This is about the most discussed roaming profile issue on the internet but not a single person nor group of persons has created a 100% working fix for it. It's been a massive headache for me and my guys and I know thousands of other IT guys have or are still struggling with it.
PLEASE Microsoft, fix this winlogon issue so it will release the user profile directory when the user logs out. PLEASE.
Similar Messages
-
Local and Roaming profiles not being created
Hello all,
I'm in need of help and I wondered if there was anyone out there with some suggestions.
The problem is that one of our sites has Netware 5 and Zfd3.2 and there are no longer any roaming profiles or local profiles being created. Volatile user is not used. Roaming profiles go to the users home directory. All file rights are fine. DLU is still working. Novell client on W2K workstations is 4.90. All other sites appear to be OK.
I suspected that the user policy was at fault and so created a test user package and associated a test user to it = same result.
I have checked from top to bottom and compared all settings to other sites and can see no difference or anything unusual. I've been working on this for 2 days now and I'm going grey and bald.
Any suggestions anyone?
I'll buy a pint for anyone with the answer - LOL.
Thanks in advance
Alan Graham
email: [email protected]elvisgraham,
It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)
Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php
If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://support.novell.com/forums/ -
TLB STO's created in ECC via cif are being created with Intercompany Markup
STO's created using TLB in APO when cif'd over to ECC6 get created with an Intercompany Markup. When created manually in ECC6 using ME21N the markup is not part of the pricing and is correct. Has anyone had this same situation?
Abhishek,
ECC Route is is part of ECC Transportation and Delivery scheduling,
( http://help.sap.com/erp2005_ehp_02/helpdata/EN/dd/5607e7545a11d1a7020000e829fd11/frameset.htm )
and is not directly linked to SCM means of transport in standard SCM. The analogue to Route in SCM is found in shipment scheduling in SCM. If you wish to link route to alternative Means of Transport, you will need to use an enhancement.
If you elect to use the more standard 'shipment scheduling' functionality to schedule your STOs instead of an enhancement, you do not need to implement the entire TLB or TPVS, you can pretty much implement just the shipment scheduling functionality.
http://help.sap.com/saphelp_scm700_ehp02/helpdata/EN/05/f8923945b12c4de10000000a114084/frameset.htm
Best Regards,
DB49 -
Two user id are being created in BO when user is accessing from Window AD
Hello Team,
We are facing a problem in BO XIR3.
1. Where users are login BO through Window AD login.
2. When users are login two idu2019s are being created in BO for that user.
3. One with the same name and another one with appending 0 at end.
4. For example if user abcd login through window AD in BO there will be two idu2019s are created one is with abcd and another one is abcd0
5. Here users are already having access to BO thorugh AD aunthtication,
For ex: User abcd is having access to BO through Win AD, but when he is login then one more id is being created with name abcd0 in BO.even the alias name is same for both of the ID.
here abcd is already in system abcd0 is being created in BO
6 For second created id like abcd0 in BO rights are not given so user is not able to login.
7. Here when user abcd is login from AD his alias point to second created id in BO(abcd0) and this second id abcd0 is not having access to Bo so users are not able to access BO.
Can you please let me know why it is happening, what went wrong and where ????
Your help will be highly apprecaitedOIM 11.1.1.3 is the version that we installed. USR_PASSWORD is not empty, after BP03 this appears to be a random password. it appears to be generated by oracle.iam.reconciliation.impl.ReconUserPasswordHandler. From the sequence of events it also appears that UserCreateLDAPPostProcessHandler is not getting called.
password was same as AD username before bp03. it looks like your issue is different in this case.
Below is the error stack that i see in oim diagnostic log.
oracle.iam.platform.kernel.EventFailedException: Enabling failed because user SYNCTEST5 is not synchronized to the LDAP directory.
at oracle.iam.ldapsync.impl.eventhandlers.user.util.LDAPUserHandlerUtil.enableUser(LDAPUserHandlerUtil.java:79)
at oracle.iam.ldapsync.impl.eventhandlers.user.UserEnableLDAPHandler.execute(UserEnableLDAPHandler.java:143)
at oracle.iam.platform.kernel.impl.OrchProcessData.runPostProcessEvents(OrchProcessData.java:1153)
at oracle.iam.platform.kernel.impl.OrchProcessData.runEvents(OrchProcessData.java:703)
at oracle.iam.platform.kernel.impl.OrchProcessData.executeEvents(OrchProcessData.java:220)
at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:674)
at oracle.iam.platform.kernel.impl.OrchestrationEngineImpl.resumeProcess(OrchestrationEngineImpl.java:705)
at oracle.iam.platform.kernel.impl.OrhestrationAsyncTask.execute(OrhestrationAsyncTask.java:108)
at oracle.iam.platform.async.impl.TaskExecutor.executeUnmanagedTask(TaskExecutor.java:100)
at oracle.iam.platform.async.impl.TaskExecutor.execute(TaskExecutor.java:70)
at oracle.iam.platform.async.messaging.MessageReceiver.onMessage(MessageReceiver.java:68)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) -
iTunes says my contacts are being synced with Microsoft Exchange over the air, but I do not have an Exchange account, and I have disabled over the air syncing on both my iPhone 4, as well as in iTunes. How do I remedy this? I did a complete Restore on my phone to rectify this, but got the same results.
I have worked for a couple of hours now; at first, none of my contacts were syncing with Outlook, even though iTunes said they were. Then after checking and unchecking everything I could find relating to syncing, some of my contacts synced. Now I've managed to get them all synced, but still getting this message. I need to make sure that going forward, all changes and updates are correctly synced manually whenever I plug my phone into my computer. Any suggestions?You are getting this message because you are trying to create an iCloud account on a PC. You can only create iCloud account on an iOS device (iPhone, iPad or iPod Touch) running iOS 5 or higher, or on a Mac running OS X Lion (10.7.5) or higher. After creating your account on one of these devices you will then be able to sign into the account using this ID on your PC.
-
my emails are being delivered with pop@..... as the sender. How do I change that to be my email address?
Welcome to the Apple Community.
Settings > messages > receive at > caller ID -
Hello,
I'm trying to sync the contacts on my iPhone 5 with my contacts on my Mac Book Air (merge them), I'm also using Outlook (Microsoft) to manage my email account and my contacts. I used to sync my contacts from my previous iPhone (4S) with my contacts on my Mac and also with contacts on Outlook.
Now that I have iPhone 5 I missed that sync (iPhone-Mac-Outlook), so I figure it out that in iTunes there is this message: "your contacts are being synced with Microsoft Exchange over the air. Your contacts will also sync directly with this computer. This may result in duplicated data showing on your device"
Every contact created on iPhone doesn't sync with my Mac or Outlook.
How should I configure my iphone and my mac to sync properly??
Thanks a lot!
Kind Regards,
Silvana
Mac book Air OS X 10.8.3
Processor 1.7 GHz Intel Core i5
iTunes 11.0.4
iPhone 5 iOS 6.1.4Not surprisingly there have been no answers to this question because the only person who knows how to use iTunes/iCloud/iPhone is too busy.
-
Your contacts are being synced with your iPad over the air from iCloud
tl;dr: iPhone works properly with iTunes 11.1 and iPad does not. Can't sync with both iTunes and iCloud to separate, distinct Calendar/Contact/Notes groups.
Explanation:
Ever since iTunes 11 was released (I'm on 11.1 now) I'm unable to sync Contacts, Calendars, and Notes via iTunes because I'm using over the air syncing from iCloud. As late as iTunes 10.7, this was okay, because "On My PC" groups would sync perfectly with iTunes, and iCloud groups would sync perfectly with iCloud.
In fact, this still works, today, but only on my iPhones.
However on the iPad I get the message "Your contacts are being synced with your iPad over the air from iCloud." (Well, yeah, I know that. My iCloud contacts should continue to sync via iCloud. I don't want to turn off this behavior.)
The "workaround" used to be sticking to iTunes 10.7, which had correct behavior for both iPad and iPhone. Of course iOS7 nuked that option.
Is anyone aware of another workaround? (Merging my professional Outlook stuff into my iCloud stuff is not a workaround.)I can place a bounty. $20 USD to your Paypal account for a fix.
-
I feel that Apple. mac. Safari is selling out available Space on every search, and, or
we consumers are being saturated with junk mail. can't block it can't stop it from happening. HelpYou can use junk mail filters but setting the criteria can be a problem.
A very good tool for blocking adware is available from Thomas Reed's site http://www.thesafemac.com Thomas is a regular contributor on ASC and a good helper. -
I'm trying to sync the calendar from my phone on the my new mac. the "sync calendars" blurb in iTunes says, "your calendars are being synced with your iPhone over the air from iCloud".. not nothing is happening. what to do? what to do?
or even better on mac sign into icloud with same apple id under system preferences and icloud
they will merge automatically
Peace, Clyde -
Iphone question
my my incoming phone calls are being shared with my wife's IPhone as well, both phones are getting the same call, how do I correct?
thanksThat is a new feature described in Connect your iPhone, iPad, iPod touch, and Mac using Continuity - Apple Support
You can turn it off by going to Settings > FaceTime and changing "iPhone Cellular Calls" to off.
You may also want to look into using separate Apple IDs for you and your wife. That is now more flexible with new Family Sharing features: http://www.apple.com/ios/whats-new/family-sharing/ -
Accounts being created with administrative group rights
Hello,
The server is a Windows 2003 R2 Enterprise fully patched used for Shared Hosting purposes. It runs Hsphere control panel. I am trying to identify how the following hack is happening.
1) There are users being created with Administrative group rights. Below is the EventViewer log for the user creation:
User Account Created:
New Account Name: username
New Domain: PCNAME
New Account ID: PCNAME\username
Caller User Name: PCNAME$
Caller Domain: DOMAINNAME
Caller Logon ID: (0x0,0x3E7)
Privileges -
Attributes:
Sam Account Name: username
Display Name: <value not set>
User Principal Name: -
Home Directory: <value not set>
Home Drive: <value not set>
Script Path: <value not set>
Profile Path: <value not set>
User Workstations: <value not set>
Password Last Set: <never>
Account Expires: <never>
Primary Group ID: 513
AllowedToDelegateTo: -
Old UAC Value: 0x2DAB2B0
New UAC Value: 0x2DAB2B0
User Account Control: -
User Parameters: <value not set>
Sid History: -
Logon Hours: <value changed, but not displayed>
There exists entries as well where the primary group ID is changed to the Administrative group, but I am omitting such.
2) I tried to identify what Caller Logon ID: (0x0,0x3E7) means. I found out from here:
http://blog.joeware.net/2013/01/14/2667/ that I can use LogonSessions.exe to identify it.
Output from LogonSessions.exe is pasted below (snippet):
[0] Logon session 00000000:000003e7:
User name: DOMAINNAME\PCNAME$
Auth package: NTLM
Logon type: (none)
Session: 0
Sid: S-1-5-18
Logon time: 9/11/2014 12:41:53 PM
Logon server:
DNS Domain:
UPN:
4: System
316: smss.exe
364: csrss.exe
392: winlogon.exe
440: services.exe
452: lsass.exe
628: svchost.exe
756: LMAgent.exe
840: svchost.exe
1000: spoolsv.exe
1252: avagent.exe
1268: camWMIAgent.exe
1324: cissesrv.exe
1380: cpqrcmc.exe
1404: vcagent.exe
1440: svchost.exe
1480: HsQuotas.exe
1740: inetinfo.exe
1780: EmailAgent.exe
1856: snmp.exe
1884: sysdown.exe
1920: smhstart.exe
2192: svchost.exe
2388: cmd.exe
2396: hpsmhd.exe
2444: cqmgserv.exe
2464: cqmgstor.exe
2484: HSphere.exe
2596: wmiprvse.exe
2676: cmd.exe
2684: rotatelogs.exe
2692: cmd.exe
2700: rotatelogs.exe
2732: searchindexer.exe
2812: hpsmhd.exe
2824: cqmghost.exe
2852: svchost.exe
3044: cmd.exe
3052: rotatelogs.exe
3080: cmd.exe
3088: rotatelogs.exe
5452: svchost.exe
5596: GravitixService.exe
7392: csrss.exe
7232: winlogon.exe
6888: csrss.exe
9832: winlogon.exe
10388: wawrapper.exe
10352: cpqnimgt.exe
9496: msiexec.exe
6068: w3wp.exe
4748: webalizer.exe
3) I also learned from http://support.microsoft.com/kb/243330/en-us that Sid: S-1-5-18 means:
SID: S-1-5-18
Name: Local System
Description: A service account that is used by the operating system
That is all great info, but I am not sure I can put together what I have learned to attempt and get closer towards identifying how in the world users are being created and then being assigned administrative group rights.
I am a Linux person mostly, but I am comfortable following a properly explained thread regarding windows 2003 R2 Enterprise issues.
The server is fully patched and it is running Lumension security product. What's more, Norman Malware tracker, tdskiller.exe (Kaspersky) and McAfee rootkitremover.exe have been run without any apparent Malware/Virus infection
Hope someone with advanced admin skills can advise.
Thank youHi,
You mentioned that, “I am trying to identify how the following hack is happening”, would you please tell us that why did you think the event represent a hacking behavior?
In a Shared Server Hosting environment, the underlying hosting control panel tool (Hsphere in this case) should be creating only virtual FTP users with a specific group. So no users with Administrative group should be ever created. If this happens,
it constitutes a breach of server security=positive hacking attempt.
>how in the world users are being created and then being assigned administrative group rights.
In addition, would you please be more specific about this question? Did you find the event message on a domain joined machine?
I want to be able to understand in full how/what process is allowing users to be created with Admin rights. In other words, I want to know what IP was used to issue the command, if ASP.net was used (abused in this case), or anything else related to
it so that we can patch this particular hole.
Best Regards,
Amy -
Are documents created with Microsoft office for windows and Microsoft office for mac are compatible with each other?
As with a lot of software, it depends on the version of Word, and what features the author used.
Technically, Office 2010 for Windows and 2011 for Mac are supposed to be feature compatible. As are Office 2007 for Windows, and 2008 for Mac.
However, if a person using Office 2010 / 2011 used a feature that only exists in that version and sends the file to someone using Office 2007 / 2008, they would very likely have trouble opening the file, or having it display as intended. -
Roaming Profile are not stored completely
Hello NG
In our environment we work with NWClient 2 SP1 IR9, ZCM11 SP1a and Roaming
profile is activated by a ZCM policy.
Now we have the problem, that when a user logout from the workstation, the
roaming profile is not stored completely to the home profile. Strange is,
that the ntuser.dat has an updated times
The homedirectory where the roaming profiles should be stored is a NSS
volume.
On the workstation evenviewer i saw following interesting information.
Event ID 1509
Source \\?\C:\Users\MichelB\Favorites\Links
Target \\?\UNC\SERVER2$NOCSC$\HOMEL\USERS/MichelB\Windows NT 6.1 Workstation
Profile.V2\Favorites\Links
Error The system can not found the path
Source \\?\C:\Users\MichelB\Favorites
Target \\?\UNC\SERVER2$NOCSC$\HOMEL\USERS/MichelB\Windows NT 6.1 Workstation
Profile.V2\Favorites
Error The system can not found the path
etc. this happens for all folders in the profile path.
Then event ID 1534 is diplayed that says there was too many copy errors.....
And at last the Event ID 1504 that says that the roaming profile couldn't be
updated completely
I suppose that here the Novell Client has problems to write to the NSS
volume
Somebody can help me to solve this issue?Originally Posted by breezer
-keeping the thread alive-
We have been doing extensive testing here and have found (win7) that the local user & profile created by zcm is not properly removed after a user logs out.
We have found up to 40 student user accounts in the LRC machines when doing a net user and the equivalent c:\user\<username>, there are also <username>-<machinename>.001/2/3 directories as well.
I use volatile accounts, [setting] using existing account or not doesn't make any difference.
I can demonstrate that clearing down local profiles (net user <username> /delete and rd c:\users\<username>) allows the user to log in again without any issues, but usually they can do this only once or twice before the profile blows out.
Our students are very mobile and a typical day will be 9.00-10.00 lessons, 10.00-10.30 LRC, 10.30-12.30 lessons (different class room) ........
This was identified in September when the students returned from break and we have had the issues for nearly 4 months.
Our machines are built via zen imaging, the client and agent are then installed with the appropriate enabling software for the machine (zoomtext/jaws/dragon/read&write).
Can anybody give me any pointers on this as my tech support and novell (via a SR) have not yet been able to pin point the problem and provide a fix.
Breezer
Try Knowlegebase 7940698, that might lead you the right way? -
How can we reset the SAP cache for users roaming profile in a d?
Our active directory is on windows server 2003.
SAP version 6.40
users work from different workstations in our company with their roaming profile.
printouts are defined by assigning a printer to the terminal (usually the closest terminal to theprinter)
we have some users who have logined to windows, are unable to print to the assigned printer, because the name of the terminal is stuck on another terminal they worked on before.
we think that the the cache in SAP does not update properly.
Where is the SAP cache, is it in the server, or the workstation, or the user profile?
Can anyone help?
Robynall configurations of the printers are correct.
I will try and explain the problem differently:
In general If a user logs on to SAP, we will see in tc al08 the username and terminal the user is working from. (The terminal is the full computer name e.g. WS-KITCHEN).
When a user with the problem logs on to SAP, we will see in tc al08 the username and the name of a terminal he worked from in the past and not the work station he is at present. Therefore his printouts go to the printer that is allocated to the terminal that he worked on before and not the WS-KITCHEN he is working on now.
Thanks
Robyn
Maybe you are looking for
-
What is the best way to put LabVIEW DSC data into an Oracle database?
I have been collecting data using LabVIEW DSC 7.0 for several years and have always accessed the data from the Citadel database via the Historical Data Viewer. I would now like to begin putting this data into an Oracle database. My company stores a
-
IDVD selectively won't recognize .mp4 format - how to burn for dvd player?
Hi - I'm trying to burn a .mp4 movie for my gf's family so they can watch it on their TV instead of my tiny comp. After trying DiskUtility and iTunes (both to no avail, DU wouldn't even allow me to select a .mp4 format to burn on the DVD; iTunes burn
-
10.5.7 Won't Read Audio CDs?
I installed 10.5.7 a couple of days ago. All went well and continues to do so except for 1 minor quirk, none of my audio CDs can be read by the dvd drive, I have managed to burn both CD and DVDs though using toast 8, but I'm unable to read audio CDs
-
Hi Gurus, I have created a PO however for some reasons I need to change the vendor. Is it possible to change the vendor once a PO is created? Or instead i just have to delete the old PO and create a new one for this new vendor? Please advise. Thank
-
Wifi disconnect wen The display turns off
Hi, i have asus t100 There is a problem Power settings sleep and display off, is not separated as a laptop or PC. Should be three plan settings (as pictured). I have only one option, sleep. *exmp after changing the advanced power settings Tha