Unique users with one workstation profile


Lisa
04-16-2008, 10:36 AM
Here is an ongoing conversation with a Train Signal customer. We have decided to post it here so everyone can contribute to and learn from it:


We are new to Windows AD.. moving from Novell. I just recently completed your Windows Active Directory, Group Policy and Vista training videos...they are great!! I do have one question.

Is it possible to have a workstation joined to Windows 2003/2008 to use a specific local user profile? In Novell, when a user logs in we use a local windows user called tps. We would like to do the same thing with Students that join a domain.

I understand copying the tsd profile to the default user, etc., etc. but we would like to not do that. It seems strange that there is no way to login to the domain without the domain creating a new user for every user that logs in. With a large student population we use Deep Freeze to control our desktops with a default TPS user.

Bottom line..how can we use the TPS user ONLY on the workstation?

Thank you for your help, and great job on the videos...



In researching this further I’ve come upon a crossroads that may cause me to answer the question in two different ways. The information I need clarified is this: Do you want each student to have their own username and password, and then you’ll create a unified control profile to keep everything the same? Or, do you want there to be one username and one password that every student will use? I think you explained everything well; I’m just trying to get the most information I can before I provide an answer.
-Zach


Each student would have their own name in AD (for authentication, policies, etc) but the WORKSTATION PROFILE would be TPS...in other words something like allow all authenticated users to use the local tps account on the workstation.


From my understanding of your question what you would need to do is take a look at how to set up a Read-Only Roaming Profile. With this you can set the profiles to cache to the local system. Below is a link that gives the steps on how to do this:

http://support.microsoft.com/kb/324749/en-us

Also, you can rename your admin account on all your local systems as well, but I wouldn’t allow users access. Below is a link that gives steps on how to do this:

http://support.microsoft.com/kb/816109

Please let us know if you have any other questions.
-Zach


That's what started the entire process..what you refer to is a Mandatory Profile - problem is our TPS user folder is 245MB...we can't have that being copied down from the Domain for 30,000 students when they login...that's what brought up the local user profile on the windows machines...even using local, it takes 3:35 seconds the first time you login!!

Coach
04-16-2008, 10:59 AM
A few questions to see what else is happening:

1. Why is your User Profile so large? Are there other apps that are coming along with the Profile?

2. I’m familiar with Deep Freeze, being a former high school teacher, and I ditched it in favor of using Group Policy exclusively to lock down the desktop machines to great success. Is there a reason why you’re using Deep Freeze instead of Group Policy to ensure that students aren’t jacking up your machines, or are you already using Group Policy along with DF?

3. How are you currently addressing storage requirements? Are you hosting files for students, or are they required to use their own media?

jmcneil
04-30-2008, 01:18 PM
I think we figured out #1 a little better. I would be interested in your GPOs for High School. Our little hackers kill a machine in about 5 minutes. We haven't found the Policies granular enough to stop them...