How to copy profiles in Windows 2008 R2 and Windows 7

In Windows 2008 R2 and Windows 7, Microsoft has disabled the Copy To.. button on the User Profiles screen.

This process has been used for years to create a custom default user profiles and now they go and break that with no real workaround.

They want people to move to Windows 2008 and Windows 7 but they keep doing things like this that keep companies away from deploying it.

They say they did this because there are issues with copying user profiles and instead want you to use the methods in the KB – http://support.microsoft.com/default.aspx?scid=kb;EN-US;959753

I have had a lot of questions on this of late so I decided to do some research to figure out a workaround. Thankfully someone else has already did the work and has come up with a good workaround.

http://joeelway.spaces.live.com/blog/cns!2095EAC3772C41DB!2708.entry

Advertisements

New Exchange 2007 Tools from U-BTech

I was showing a client the “Exchange Tasks 2007” tool from U-BTech website yesterday and noticed some new free tools for Exchange 2007 and Windows 2008.

  • Certificate Manager for Exchange 2007 -Exchange 2007 enables SSL within IIS by default. Using PowerShell commands, certificate creation and management is quite confusing and often results with incorrect results due to the nature of the syntax. U-BTech Solutions is providing Certificate Manager for Exchange Server 2007 freely, to ease the process with a simple, easy to use GUI.http://www.u-btech.com/products/certificate-manager-for-exchange-2007.html
  • SimplyPSO – Windows Server 2008 introduces a new feature to create separate password policies for different users or groups within the same Active Directory domain. In all previous versions of the Windows Server family of products, password policy has been configured on the domain level alone. The new feature is called fine grained password policy objects and is available when the domain functionality level is set to: Windows Server 2008 native. Unfortunately, there is no simple user interface to configure Password Settings Objects in the Windows Server 2008 environment and in order to configure PSOs, we need to dive deep into the ADSI editing tool. SimplyPSO is a graphical and useful tool that can be invoked directly from the Active Directory Users and Computers snap-in. http://www.u-btech.com/products/simplypso.htm
  • ESIEMail Protector – ESIEMail Protector (pronounced EASY Mail Protector) is a product dedicated to one goal: “Securing your email communications”. By using ESIEMail Protector you can use Encryption, Digital Signature and IRM Permissions (Information Rights Management) to secure your messaging environment, hence the name. http://www.u-btech.com/products/esiemail-protector.html

Windows 2008 Partitioning Alignment

The partitioning alignment “bug” in Windows 2003 and earlier has been fixed in Windows 2008.

You no longer have to use diskpart.exe to align new partitions in Windows 2008.

http://technet.microsoft.com/en-us/library/bb738145.aspx

http://theessentialexchange.com/blogs/michael/archive/2008/03/07/Exchange-2007-Disk-Performance-Partition-Alignment-.aspx

Mandatory User Profiles in Windows 2008 Terminal Server and XenApp 5

Some of you may have already known about the mandatory profile change in Windows 2008 but I had no idea. I recently did my first Citrix XenApp 5 – Windows 2008 project and had a hard time getting the mandatory profile working.

After some searching I found that the mandatory profile folder name has to have a “.v2” appended to the end of the folder name. The reason Microsoft made this change is because the user profile sturcture in Vista and Windows 2008 is a lot different than in previous versions of Windows. By forcing you to append .v2 to the end of the folder prevents Windows 2008 from trying to load a profile from a previous version of Windows.

It was a little tricky configuring Group Policy to point to the mandatory profile with a .v2 on the folder name. When I first configured the “Set path for TS Roaming User Profile” setting I set it to %logonserver%\netlogon\xenapp-prof.v2. This didn’t work, I had to set the profile path to %logonserver%\netlogon\xenapp-prof and then Windows 2008 automatically appends .v2 to the end when looking for the path.

gpots

So to recap,

  1. I created a mandatory profile with the folder name “xenapp-prof.v2”.
  2. I configured my profile path to point to “%logonserver%\netlogon\xenapp-prof”. If you configure the profile path with a .v2 it will not work.

How to Build a Windows 2008 VMware ESX VM Template

NOTE – VMware Virtual Center 2.5 Update 4 or vCenter 4 is required to use Guest Customizations with Windows 2008.

http://www.vmware.com/support/vi3/doc/vi3_vc25u4_rel_notes.html#whatsnew

Link to the PDF version of thishttp://www.divshare.com/download/9496736-c61

For Windows 2008 R2 if you are installing on vSphere 4 without Update 1  or on ESX 3.5 without update 5 set the Template VM OS to Windows 2008 instead of Windows 2008 R2. After a new VM is deployed from the template and guest customization as finished you can set the OS back to Windows 2008 R2.

1. Use an ISO for faster OS setup.

2. Build a new VM that has at least 1 GB RAM and a 20 GB drive.

3. Attach the Windows 2008 ISO to the CD/DVD drive and set it to connect at power on.

4. On the VM Edit Settings window go to the Options tab and in the General section uncheck the Enable logging check box.
clip_image002

5. Go to the Boot Options section and check the box to force going into the BIOS on next boot.
clip_image004

6. Power on the VM and when the setup screen appears go to Advanced, I/O Device Configuration.
clip_image006

7. Disable the Serial and Parallel ports.
clip_image008

8. Go to the Boot menu and set the CD-ROM first in the boot order.
clip_image010

9. Save, exit and install Windows 2008, during the install choose either Standard or Enterprise.

10. On first boot up after install set the Administrator password.

11. Close the “Initial Configuration Tasks” window, after the VMware Tools have been installed we will configure the server.
clip_image012

12. Close the “Server Manager” window.
clip_image014

13. Disconnect the Windows 2008 ISO and set the device type to Client Device.
clip_image016

14. Install VMware Tools, choose Custom install type.
clip_image018

15. Disable the “Shared Folders” driver. This driver can cause issues with profiles unloading properly.
clip_image020

16. Set the “Hardware acceleration” to Full before reboot.
clip_image022

17. After reboot from the VMware Tools install configure the time zone.
clip_image024

18. Configure Networking. Uninstall these networking components. It is best to remove any components not needed to free up resources.

a. QoS Packet Scheduler – Not needed unless you are doing QoS at the Windows layer instead of the L2/L3 switch layer.

b. Link Layer Topology Discovery components – http://en.wikipedia.org/wiki/Link_Layer_Topology_Discovery

c. Uncheck TCP/IP v6
clip_image026

19. Leave the IP address set to DHCP unless DHCP isn’t available on the network.

20. Set the computer name to W2K8TEMPALTE
clip_image028

21. Download and install updates. Turn on Windows Updates to download and notify before install.
clip_image030

22. Check for updates and install the latest critical and recommended updates. If the updates fail to download restart and try again.

23. Enable Remote Desktop
clip_image032

24. Disable the Windows Firewall.

25. Below is a screen shot of how the server should be configured.
clip_image034

26. Check the box to “Do not show this window at logon” and click Close.

27. When the Server Manager window opens check the box to “Do not show me this console at logon” and close Server Manager.
clip_image036

28. Go to the Taskbar properties and check these boxes.
clip_image038

29. Go to the Start Menu tab and check these boxes.
clip_image040

30. Click Customize and check these boxes.
clip_image042clip_image044

31. Go to the Notification Area tab and check these boxes.
clip_image046

32. Click OK.

33. Go to Computer properties on the desktop and set the Performance options below.
clip_image048

34. Right-click on the desktop and go to Personalization.
clip_image050

35. Go to Screen Saver and set it to blank.
clip_image052

36. Disable the system screen saver, this is the screen saver that starts when no user is logged into the system. Go to start run and type regedit. Browse to this registry path “HKEY_USERS\.DEFAULT\Control Panel\Desktop” and delete the SCRNSAVE.EXE name.
clip_image054

37. Go to Sounds, when prompted choose No.
clip_image056

38. Set the Sound scheme to No Sounds.
clip_image058

39. Click on Change desktop Icons and uncheck the boxes below.
clip_image060
clip_image062

40. Go to Settings Control Panel. Go to View and choose Status Bar and Details
clip_image064

41. Go to Tools, Folder Options, View tab and check/uncheck these boxes.
clip_image066 clip_image068

42. Apply and apply to folders.

43. Delete the Desktop.ini files on the desktop.
clip_image070

44. Right-click on the desktop and arrange icons by Name.

45. Go to Start, Programs, Administrative Tools, Server Manger and click on Configure IE ESC, set it to off for both Administrators and Users.
clip_image072

46. Go to Internet Explorer properties and set the home page to blank.
clip_image074

47. Go to the Advanced tab and check/uncheck these boxes.
clip_image076 clip_image078

48. Clear the C:\Users\Administrator\AppData\Local\Temp folder.
clip_image080

49. Go to the properties of the C drive and uncheck the “Index this drive for faster searching” box, click apply and choose Apply changes to drive c:\ only.
clip_image082

50. Go to the cmd prompt and type powercfg.exe -h off to disable hibernation. This command also deletes the hiberfile.sys from C:\
clip_image084

51. Delete the page file and reboot. This is so the C drive can be fully defragmented.
clip_image086

52. After reboot login and delete the pagefile.sys from the C: drive. Defragment the C: drive. After defragmentation completes reconfigure the page file system managed.

53. Go to Control Panel, Power options and set the Power Plan to High performance.
clip_image088

54. Click the change plan settings and set both options to Never.
clip_image090

55. Stop and disable the Windows Firewall service.

56. Create a new temporary user named ptemp and add the user to the local administrators group.

57. Log out an login as ptemp

58. Go to Computer properties, Advanced system settings, User Profiles, Settings
clip_image092

59. Select Administrator and choose Copy To… Type C:\Users\Default and change Permitted to use to Authenticated Users.

NOTE – FOR WINDOWS 2008 R2 FOLLOW THESE INSTRUCTIONS FOR COPYING THE USER PROFILE.https://jeremywaldrop.wordpress.com/2009/09/18/how-to-copy-profiles-in-windows-2008-r2-and-windows-7/
clip_image094

60. Logout and login as Administrator, delete the ptemp user profile and user account.

61. Go to C:\Users\Default and delete the old NTUSER.DAT{ files.
clip_image096

62. Delete these folders.
clip_image098

63. Shutdown the VM.

64. Convert the VM to a template.

65. Create a Windows 2008 Customization Specification for Windows 2008. You do not need to worry about the sysprep files. In Vista and Windows 2008 sysprep is in C:\Windows\System32\sysprep. When the guest OS type is set to Vista VMware VC knows that the sysprep files are already on the OS.
clip_image102

66. When a new VM gets deployed from this template choose your Windows 2008 specification.

67. On first boot up the VM will boot up to a login screen, do not login the VM will reboot automatically after a minute. On the next boot up you should see this screen appear.
clip_image104

68. And this screen. This process may take a few minutes, so be patient.
clip_image106

69. The VM will automatically reboot again. Login and shutdown the VM.

71. The VM is now ready for use.