Rebuild Roaming Profiles

Welcome Forums General PowerShell Q&A Rebuild Roaming Profiles

This topic contains 4 replies, has 3 voices, and was last updated by

4 years, 2 months ago.

  • Author
  • #21863

    Points: 0
    Rank: Member

    We currently use roaming profiles. They get corrupted often resulting in Temporary profile creation. I have to go to the v2 file and rename .old and then let the new profile folder get created and then copy the files back.

    I am trying to do this with powershell. Reset the permissions and create a new profile folder. However when i finish creating the new folder There are still on a temp profile

    Here's what I have so far

    any help would be appreciated

    function FixTempProfile($user) {
    #Get the Profile Folder 
    $ProfileFolder = Get-Item -Path "\\dns01\Profiles\$user.v2" 
    # .Old Filel Name
    $OldName = ($ProfileFolder.BaseName.Split('.')[0]) + '.old'
    # the new V2 file name
    $V2Name = $ProfileFolder.Name
    #rename .old to .v2
    Rename-Item -Path $ProfileFolder -NewName $OldName -Force
    #make new .v2 folder
    mkdir "\\dns01\Profiles\$V2Name" 
    dir  "\\dns01\Profiles\Profiles\$OldName" -Recurse  | Copy-Item -Destination "\\dns01\Profiles\$V2Name" -Force
    $NewProfileFolder = "\\dns01\Profiles\$V2Name" 
    #remove all ACE from folder
    $acl = Get-Acl $NewProfileFolder
    $acl.Access | %{$acl.RemoveAccessRule($_)}
    Set-Acl $NewProfileFolder $acl 
    #Take Ownership
    function Take-Ownership {
    	takeown.exe /A /F $Folder
    	$acl = Get-Acl $Folder
    	$new = "Lgs\Domain Admins","FullControl","ContainerInherit,ObjectInherit","None","Allow"
    	$newFileSystemAccessRule = new-object System.Security.AccessControl.FileSystemAccessRule $new
    	Set-Acl -Path $Folder -AclObject $acl
    Take-Ownership -Folder $NewProfileFolder
    #Enable Inheritance
    Set-Acl $f $acl 
  • #21873

    Points: 60
    Rank: Member

    Hey fella,

    lol, we have similar problems where I work as well. Couple of things I can think of to check.

    – Are you also setting the ACL on the new folder to include the user's account?
    – It's not fun, but if you're copying over the user.dat as well, it might be an idea to check to see if it has any references to the previous location. Run Regedit and mount the user.dat to a hive and have a look through it. Make sure you've got lots of coffee nearby....

    We still do it manually because it's such a pain. 🙁

  • #21882

    Points: 0
    Rank: Member

    Hey Tim thanks for the reply.

    I am setting the user on the folder but for some reason its still going to a temp file. I dont know about the user.dat file can you explain ?

    here's what i am using just for the file coping between the 2 folders

    function Rename-ProfileFolder($user)
    $ProfileFolder = Get-Item -Path "\\dns01\Profiles\$user.v2" 
    $OldName = ($ProfileFolder.BaseName.Split('.')[0]) + '.old'
    $V2Name = $ProfileFolder.Name
    Rename-Item -Path $ProfileFolder -NewName $OldName
    function Restore-ProfileData($user)
    $Source = "\\dns01\Profiles\$user.old"
    $destination  = "\\dns01\Profiles\$user.v2" 
    Robocopy  "$Source" "$destination" /mir /r:2 /w:3
  • #21944

    Points: 60
    Rank: Member

    There is normally a user.dat file stored within a users profile, remotely or locally, which effectively contains the registry settings you would see under HKCU if the user was logged onto the box. I'm wondering if you are copying that file that it might still contain settings from the previous profile, which for example point to a path that no longer exists. Particularly the special folders for where it looks for favorites, my documents etc. It's just a shot in the dark though.

    Might be an idea to stick process monitor on the RDS and filter it to register file operations where those folders are, so you get an idea what activity is actually happens during the process.

  • #21996

    Points: 1
    Rank: Member


    I have seen this problem on several servers when using RDP.
    You could check under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList and verify that none of the entries end with '.bak'
    If they do log off the user and rename the entry in the list.

    (Get-ChildItem -Path "HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList").name | ? {$ -like '*.bak'}


The topic ‘Rebuild Roaming Profiles’ is closed to new replies.

denizli escort samsun escort muğla escort ataşehir escort kuşadası escort