DOCSLIB.ORG

The Defintive Guide to Windows Desktop

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The Defintive Guide to Windows Desktop realtimepublishers.comtm The Definitive Guidetm To Windows Desktop Administration Bob Kelly Chapter 3 Chapter 3: User Profile and Data Management .............................................................................50 User Profiles...................................................................................................................................51 Local Profiles.....................................................................................................................53 Roaming Profiles ...............................................................................................................53 Mandatory User Profiles....................................................................................................59 Temporary User Profiles....................................................................................................59 Profile Security ..................................................................................................................59 Contents of a User Profile..................................................................................................59 User Profile Storage...........................................................................................................61 Profiles Templates .............................................................................................................61 Default Profiles ..................................................................................................................62 Manual Profile Modifications............................................................................................63 Dictating Data Storage...................................................................................................................64 Network Share ...................................................................................................................64 User Home Directory.............................................................................................64 Single Share ...........................................................................................................65 Individual User Shares...........................................................................................65 User Profile ........................................................................................................................65 Local Data Directory..........................................................................................................66 Setting Default Paths..............................................................................................66 Folder Redirection .................................................................................................66 Folder Redirection via Shell Folders .....................................................................68 User Profile Quotas............................................................................................................69 Post Deployment Profile Configuration.........................................................................................72 Dictating Settings at Startup ..............................................................................................72 Dictating Settings at Logon ...............................................................................................73 Additional Tools ............................................................................................................................73 ScriptLogic.........................................................................................................................73 Visual KIX.........................................................................................................................75 Backing Up and Restoring Profiles................................................................................................76 Traditional Backup Systems ..............................................................................................76 Scripted Copies ..................................................................................................................77 Migration Tools .................................................................................................................77 i Chapter 3 Troubleshooting Profiles................................................................................................................77 Unable to Load Profile.......................................................................................................78 Troubleshooting Profile Problems with UserEnv.log........................................................78 Using Profiles with Multiple Versions of Windows..........................................................79 Hard-Coded Profile Paths ......................................................................................79 System and Group Policy Assignments.................................................................80 Summary........................................................................................................................................80 ii Chapter 3 Copyright Statement © 2003 Realtimepublishers.com, Inc. All rights reserved. This site contains materials that have been created, developed, or commissioned by, and published with the permission of, Realtimepublishers.com, Inc. (the “Materials”) and this site and any such Materials are protected by international copyright and trademark laws. THE MATERIALS ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. The Materials are subject to change without notice and do not represent a commitment on the part of Realtimepublishers.com, Inc or its web site sponsors. In no event shall Realtimepublishers.com, Inc. or its web site sponsors be held liable for technical or editorial errors or omissions contained in the Materials, including without limitation, for any direct, indirect, incidental, special, exemplary or consequential damages whatsoever resulting from the use of any information contained in the Materials. The Materials (including but not limited to the text, images, audio, and/or video) may not be copied, reproduced, republished, uploaded, posted, transmitted, or distributed in any way, in whole or in part, except that one copy may be downloaded for your personal, non- commercial use on a single computer. In connection with such use, you may not modify or obscure any copyright or other proprietary notice. The Materials may contain trademarks, services marks and logos that are the property of third parties. You are not permitted to use these trademarks, services marks or logos without prior written consent of such third parties. If you have any questions about these terms, or if you would like information about licensing materials from Realtimepublishers.com, please contact us via e-mail at [email protected]. iii Chapter 3 Chapter 3: User Profile and Data Management In the last chapter, we covered the deployment of new systems. With your baseline identified, tested, and deployed, the real challenge of desktop administration comes into play—satisfying your users. Your goal in this area is clear: provide your users with the software they need as well as helpful default settings to ease its use. If a user has to search for an application, configure the application, search for his or her data, then work to identify and install the nearest printer, they will not be productive (or happy) users. Even when users are fairly experienced in the use of Windows, searching for documents and printers can be a real headache. A well-implemented desktop can save users from these speed bumps, reduce Help desk calls, and increase user productivity. In this chapter, we will cover user profiles and various ways you can implement and control them (for an overview, see the sidebar “Group Policy, Scripting, and Third-Party Solutions”). We will also discuss what might be considered the most critical aspect of desktop administration—user data management. Group Policy, Scripting, and Third-Party Solutions Many of the issues covered with regard to desktop administration lend themselves to one of three primary solutions: Group Policy, scripting, and third-party solutions. Group Policy provides a specific set of solutions to certain problems; where appropriate, I’ve pointed out these capabilities throughout this chapter. Group Policy is popular with its users; however, as a result of Group Policy’s strict requirements, a great many organizations can’t take advantage of the benefits of this desktop administration solution. Group Policy requires AD, and its managed clients must be running Win2K or later—thus, Windows 9x, Windows ME, and other clients are out of luck in terms of using Group Policy. Even if you use Group Policy on your network, this solution can’t do it all. In environments in which you need to address specific requirements (for example, your network has legacy desktops), scripting is often the tool that will get the job done. In Chapter 7, we will explore how you can script solutions to several desktop administration issues. Finally, if scripting isn’t within your skill set or your needs are robust enough to demand a supported, documented, and evolving solution, third-party software is the choice for you. Although scripting your own solution is
Load more

Recommended publications
  • Add Administrator to Roaming Profile Group Policy
    Add Administrator To Roaming Profile Group Policy Imputative and unfashioned Ignacius intruded his waterproofing instigating grump expansively. Shifting and colory Vince burkes while transeunt Tedrick departmentalises her hausfrau long and estranged thenceforth. Carangoid and ex-directory Redford outsum her Gloucestershire pats or annoys disgracefully. Is done to take advantage of horizon agent redirection to administrators group on as the properties panel is created an external network computer settings roaming to profile group policy We have change. The Administrator account so by default the only direction that is enabled Mirroring. The salvage to user store location you define via policy always include AD. Computer group that profile is summoned to add you administrator groups can query and. After checking for roaming policies? By default groups in administrator to a policy is a new gpo icon or implementing new profile version is specified by this is reduce and delegation pane. Not sure if that goal possible can the GUI. System User Profiles Add the Administrators security group to roaming user profiles Enabled. This method allows you to granularly configure a users roaming profile path location however coverage is option lot more laborious process of ensure those they are handsome with your folder redirection policy period is also applied to the users. A junior administrator deleted a GPO accidentally but violet had backed it up. No changes made to statistically evaluate the local credentials from this process more efficient way it allows you to roaming. File share name of roaming. Which adds to administrators can without any policy! Allocate sufficient storage and roaming to add profile group policy provides the footprints and.
    [Show full text]
  • Windows 10 Rollout Programme
    Windows 10 Rollout Programme Key decision points for consideration 1. Folder Redirection 2. Admin Rights 3. Roaming Profiles 4. Data Ownership W10 - Key Decision 1 - Folder Redirection We are consulting with College and Service Group Representatives on Folder Redirection for Windows 10 as follows: 1) Please respond by accepting the only offered solution option 1 below 2) Or by rejecting with reasons for that response. Options: Option 1 – Folder redirection ON for desktop clients but OFF for mobile clients. This is the same as the existing SD7 “Windows 7” and “MDSD Windows 8” folder redirection configuration. This “option” is recommended by the service team. W10 - Key Decision 2 - Admin Rights 1) Please respond by choosing one or more from the options presented below. 2) Or by rejecting all options with reasons for that response. Option 1 – Admin rights for end users are enabled on request, are not reviewed, and are rarely revoked. This is the current solution. Enables users to install any application they want, which means that: The estate is vulnerable to threats posed by Potentially Unwanted Applications (PUAs). Applications which install to provide some stated function but modify the OS in unknown ways, e.g. install as search toolbar but harvest web activity. The estate is vulnerable to threats from unmanaged applications. E.g. Applications dependant on insecure versions of Java, Flash or .Net. End user’s files, data and information is unprotected. E.g. PUA’s which inspect html traffic on client and inject paid advertisements. Enables users to change a range of setting on a device, which means that: The state of estate is uncontrolled and unknown.
    [Show full text]
  • Understanding Device Configurations | 3
    Understanding Device LESSON 1 Configurations OBJECTIVE DOMAIN MATRIX TECHNOLOGY SKILL OBJECtIVE DOMAIN DEsCRIPtION OBJECtIVE DOMAIN NUMBER Configuring Device Options Configure device options 1.1 • Understanding Microsoft Accounts • Configuring Control Panel • Configuring System Options • Changing Date and Time • Managing Devices Configuring Desktop Settings Configure desktop settings 1.2 • Configuring the Start Menu • Configuring User Profiles • Configuring Display Settings • Configuring Shortcuts • Understanding Group Policy Configuring Drive Encryption Configure drive encryption 1.3 • Preparing for File Encryption • Configuring BitLocker Configuring Updates Configure updates 1.4 • Understanding Windows Update • Understanding App Updates • Understanding Device System Updates COPYRIGHTED MATERIAL KEY TERMS Action Center Computer Configuration node encryption Active Directory accounts decryption Group Policy Administrative Tools device driver Group Policy objects (GPOs) BitLocker Drive Encryption Device Manager Internet Protocol Security (BDE) Devices and Printers folder (IPsec) Cortana domain‐based accounts Jump List Control Panel Encrypting File System (EFS) live previews 1 MOAC_Exam_98-368_c01.indd 1 12/26/2015 2:29:42 PM 2 | Lesson 1 live tiles Recycle Bin user account local user accounts resolution user profile local user profile roaming user profile User State Migration Tool mandatory user profile shortcut Windows Easy Transfer Microsoft accounts Secure Sockets Layer (SSL) Windows Server Update Microsoft Management Transport Layer Security (TLS) Service (WSUS) Console (MMC) Trusted Platform Module Windows Update Patch Tuesday (TPM) pin User Configuration node You work as an IT technician for the Contoso Corporation, which has hundreds of computers with a good mix between desktop computers and laptop computers. In addi‑ tion, several users use smartphones and tablets to access their emails and documents. As an administrator, you need to ensure that your computers are fully functional and secure.
    [Show full text]
  • Vmware User Environment Manager Administrator's Guide
    User Environment Manager Administrator’s Guide ® VMware User Environment Manager V E R S I O N 8 . 7 .0 You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. Copyright © 2015 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com User Environment Manager Contents 1 Welcome ............................................................................................ 9 1.1 VMware User Environment Manager ................................................ 10 1.1.1 Application Configuration Management ....................................... 10 1.1.2 User Environment settings ........................................................ 10 1.1.3 Personalization ........................................................................ 11 1.1.4 Application Migration ................................................................ 11 1.1.5 Dynamic Configuration ............................................................. 11 2 Planning your deployment ............................................................... 12 2.1 VMware User Environment Manager terminology ............................... 12 2.2 User profile scenario considerations ................................................. 13 2.2.1 Mandatory profiles ................................................................... 13 2.2.2 Roaming profiles .....................................................................
    [Show full text]
  • Copyrighted Material
    Index Note to the reader: Throughout this index boldfaced page numbers indicate primary discussions of a topic. Italicized page numbers indicate illustrations. Active Directory groups, strict control of, Numbers 476–479 802.3 and Wireless Policy Client-Side Active Directory Sites and Services tool, 24 Extension, 368 for manual replication, 398 802.3 Wired Policy Active Directory Users and Computers, 27, on slow networks, 172 54, 612 for Vista, 527–528 attribute editor, 455 802.11 Wireless Policy vs. GPMC, 35–36 on slow networks, 171 and Group Policy, 33 for Vista, 527–528 logon script visibility to user, 795 for Windows XP, 527 to view GPCs and GUIDs, 351, 352 Active X controls, 804 Add or Remove Programs folder, 736 user removal of application with, 743 A Add/Remove Programs control panel, application display on, 746 files, 363, 749 .AAS Add/Remove Snap-in dialog box, 15, 35 account management, auditing, 460 Add/Remove Templates dialog box, 317 Accounts: Administrator account status Add the Administrators Security Group to policy setting, 440, 515 Roaming User profiles policy setting, Accounts: Guest account status policy 596, 606 setting, 441 Add Upgrade Package dialog box, 750, 750 Accounts: Rename administrator account .ADM files, 238–239, 293, 362 policy setting, 440 vs. ADMX files, 301–302 Accounts: Rename guest account policy distributing updated definitions to setting, 440 administrators, 305–306 settings available for, 112 for Group Policy Object Editor, 184 ACLs, troubleshooting, 404–405 introduction, 298–299 Action on Server
    [Show full text]
  • Mac OS X Server Windows Services Administration for Version 10.3 Or Later
    034-2356_Cvr 9/12/03 10:28 AM Page 1 Mac OS X Server Windows Services Administration For Version 10.3 or Later LL2356.book Page 2 Thursday, September 4, 2003 3:21 PM Apple Computer, Inc. © 2003 Apple Computer, Inc. All rights reserved. The owner or authorized user of a valid copy of Mac OS X Server software may reproduce this publication for the purpose of learning to use such software. No part of this publication may be reproduced or transmitted for commercial purposes, such as selling copies of this publication or for providing paid for support services. Every effort has been made to ensure that the information in this manual is accurate. Apple Computer, Inc., is not responsible for printing or clerical errors. The Apple logo is a trademark of Apple Computer, Inc., registered in the U.S. and other countries. Use of the “keyboard” Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of Apple may constitute trademark infringement and unfair competition in violation of federal and state laws. Apple, the Apple logo, AppleScript, AppleShare, AppleTalk, ColorSync, FireWire, Keychain, Mac, Macintosh, Power Macintosh, QuickTime, Sherlock, and WebObjects are trademarks of Apple Computer, Inc., registered in the U.S. and other countries. AirPort, Extensions Manager, Finder, iMac, and Power Mac are trademarks of Apple Computer, Inc. Adobe and PostScript are trademarks of Adobe Systems Incorporated. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Netscape Navigator is a trademark of Netscape Communications Corporation.
    [Show full text]
  • Installing and Configuring Vmware Dynamic Environment Manager
    Installing and Configuring VMware Dynamic Environment Manager VMware Dynamic Environment Manager 9.11 Installing and Configuring VMware Dynamic Environment Manager You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com © Copyright 2020 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 2 Contents About Installing and Configuring VMware Dynamic Environment Manager 6 1 Introduction to VMware Dynamic Environment Manager 7 Application Configuration Management 7 User Environment Settings 8 Personalization of Application and Windows Settings 8 Migration of Application Settings 9 Dynamic Configuration of the Desktop 9 2 VMware Dynamic Environment Manager Scenario Considerations 10 Using VMware Dynamic Environment Manager with Mandatory Profiles 10 Using VMware Dynamic Environment Manager with Roaming Profiles 11 Using VMware Dynamic Environment Manager with Local Profiles 12 3 Installation and Deployment Prerequisites 14 VMware Dynamic Environment Manager Infrastructure and Terminology 14 Overview of the VMware Dynamic Environment Manager Deployment 16 Infrastructure Requirements 16 VMware Dynamic Environment Manager Configuration Share 17 Profile Archives Share 18 Software Requirements 19 Registry Access Requirements 20 Licensing Requirements 20 4 Installing VMware Dynamic Environment Manager 21 Overview of the VMware Dynamic Environment Manager Deployment 22 Install VMware Dynamic Environment
    [Show full text]
  • Working with Workgroups and Domains
    Working with Workgroups and Domains Lesson 9 Objectives • Understand users and groups • Create and manage local users and groups • Understand the difference between workgroups and domains • Configure user account control (UAC) Working with Users and Groups • Users • Group – A collection of users – Authentication – Authorization •Permissions •User rights Understanding Local and Domain Users • Homegroup • Workgroup • Domain Introducing the Homegroup • Simplified networking • Allows users on a home network to share the contents of their libraries without creating user accounts and permissions Introducing the Workgroup • Peer-to-peer network • Each computer can function as both a server and a client • Each computer has its own set of users and groups to control access to its own resources • Small networks, little security required Introducing the Domain • Collection of computers that utilize a central directory service for authentication and authorization • At least one Domain Controller is required Domain Controller Local User Accounts Local User Account Properties Domain User Accounts Domain Account Properties Introducing Built-In Local Users • Administrator • New User Account • Guest Understanding Local and Domain Groups Using Local Groups • You can only use local • Local groups cannot have other groups on the computer local groups as members. where you create them. However, they can have domain • Only local users from the groups as members. same computer can be • You can only assign members of local groups. permissions to local groups • When the computer is a when you are controlling access member of an AD DS to resources on the local domain, local groups can computer. have domain users and • You cannot create local groups domain global groups as on a Windows server computer members.
    [Show full text]
  • Microsoft Shared Computer Toolkit for Windows XP Handbook
    Microsoft Shared Computer Toolkit for Windows XP Handbook The Microsoft Shared Computer Toolkit for Windows XP, v1.0 The information in this document and any document referenced herein is provided for informational purposes only, is provided AS IS AND WITH ALL FAULTS and cannot be understood as substituting for customized service and information that might be developed by Microsoft Corporation for a particular user based upon that user’s particular environment. RELIANCE UPON THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN IS AT THE USER’S OWN RISK. MICROSOFT CORPORATION PROVIDES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION CONTAINED IN THIS DOCUMENT AND ANY DOCUMENT REFERENCED HEREIN. Microsoft Corporation provides no warranty and makes no representation that the information provided is in this document or any document referenced herein is suitable or appropriate for any situation, and Microsoft Corporation cannot be held liable for any claim or damage of any kind that users of this document or any document referenced herein may suffer. Your retention of and/or use of this document and/or any document referenced herein constitutes your acceptance of these terms and conditions. If you do not accept these terms and conditions, Microsoft Corporation does not provide you with any right to use any part of this document or any document referenced herein. Complying with the applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
    [Show full text]
  • Virtualizing Desktops and Apps with Windows Server 2012 R2 Inside
    with Windows Server 2012 R2 Virtualizing Desktops & Apps Virtualizing Desktops & Apps with Windows Server 2012 R2 Inside OUT Conquer Windows Server 2012 R2 For Experienced virtualization—from the inside out! IT Professionals • Your job role: IT administrator in any Dive into Windows Server 2012 R2 virtualization—and really put midsized or large organization that is using or considering Microsoft virtual­ your systems expertise to work. Focusing on both virtual desktop ization technologies based on Windows infrastructure and virtualized applications, this supremely organized Server 2012 R2 reference packs hundreds of timesaving solutions, tips, and work­ • Prerequisites: Working knowledge of arounds. Discover how the experts tackle Windows virtualization— Windows client and server administra­ and challenge yourself to new levels of mastery. tion; basic knowledge of virtualization concepts • Use virtualization to prevent business disruption, help improve security, simplify upgrades, and support mobile users About the Authors Inside OUT Byron Wright, MVP (Microsoft Exchange Plan and deploy User State Virtualization for a consistent experience • Server), is a consultant specializing in across locations and devices Windows Server, Exchange Server, and The ultimate, in-depth reference • Define users, applications, and scenarios for any virtualization project Microsoft Office 365 solutions. He teaches Hundreds of timesaving solutions • Compare and deploy both session­based and virtual machine–based Management Information Systems (MIS) (VM­based) desktops and networking at the University of Man­ Supremely organized, packed itoba’s Asper School of Business and has Configure Client Hyper-V and work with VMs in a Client Hyper-V • co authored Microsoft official curricula with expert advice environment and the Windows Server 2008 Active • Install, design, configure, and administer Microsoft Application Directory Resource Kit.
    [Show full text]
  • User Data and Settings Management Page 1 of 27
    User Data and Settings Management Page 1 of 27 Windows XP Professional User Data and Settings Management By Craig Marl Microsoft Corporation Published: March 2002 Abstract This white paper explains the IntelliMirror® user data and settings management features in Microsoft® Windows® Server 2003. These key components of change and configuration management can help administrators reduce total cost of ownership (TCO). Acknowledgements Craig Marl, program manager, Microsoft Corporation. John Kaiser, technical editor, Microsoft Corporation. Introduction User data includes the documents, images, spreadsheets, presentations and e-mail messages on a user’s computer. User settings include application configurations, preferences, window sizes, toolbar settings and so forth on a user’s computer. With Microsoft® IntelliMirror® management technologies, administrators can manage user data and settings in ways that reduce the total cost of ownership (TCO) for the computing systems. By using IntelliMirror on both the server and client, administrators can protect and manage user data and settings. Non-recoverable data from local workstations can be copied to servers, where it can be easily backed up and centrally managed. Personalized data, applications, and settings can follow each user to different computers throughout the network. Administrators can easily replace faulty computers and restore all user data and settings on a new computer. When fully deployed, IntelliMirror uses the Active Directory® service and Group Policy for policy-based management of user desktops. A Windows 2000, Windows XP Professional or Windows Server 2003 computer can be automatically configured to meet specific requirements of a user’s business roles, group memberships, and location. Group Policy and the Active Directory are not necessary for every IntelliMirror feature.
    [Show full text]
  • Enabling Modern Workstyles with Microsoft Virtual Desktop
    Enable Modern Work Styles with Microsoft VDI David De Backer Device and Desktop Solutions Specialist Empowering User and Device People-centric IT Management Access and Microsoft Information Virtual Protection Desktop Infrastructure Today’s challenges Users Devices Apps Data Users expect to be able to The explosion of devices is Deploying and managing Users need to be productive work in any location and eroding the standards-based applications across while maintaining have access to all their approach to corporate IT. platforms is difficult. compliance and reducing work resources. risk. People-centric IT Enable your end users Allow users to work on the devices of their choice and provide consistent access to corporate resources. Unify your environment Deliver a unified application and Users Devices Apps Data device management on- premises and in the cloud. Protect your data Help protect corporate Management. Access. Protection. information and manage risk. Why Microsoft VDI? Enable users to access Protect against loss corporate apps and and leaks of sensitive data from any corporate data device/any location Deliver great user experience Why Microsoft Centrally administer and VDI? manage desktops Balance user requirements with Save resources with Reduce time to deploy corporate compliance the flexible storage applications and options right to your updates environment VDI with Windows Server 2012 Powered by Windows Server 2012 Desktop Pooled Personal Firewall sessions VMs VMs 1 platform • 1 experience • 3 deployment choices Corporate Office Branch Office Home Public Location Choosing the Right VDI Architecture Sessions Pooled VMs Personal VMs Good Better Best Personalization App compatibility Ease of management Cost effectiveness Solution Principles Efficient Management Best Value for VDI Rich User Experience Easy deployment automates deploying and User Profile Disk maintains user RemoteFX for wide area network (WAN) configuring server roles.
    [Show full text]