A profile is a folder that contains all the settings pertaining to a users work environment on the system. By default these settings are stored under C:/Users Folder or C:/Documents and Settings in older operating system. A roaming profile on the other hand is stored on a network drive instead of a local folder . It is downloaded and cached on the system where user logs on.This cached profile is saved back to the server once the user logs out of the system. The advantage here is that user can log on to any system and have a consistent work environment.
Creating a roaming profile is not that complicated. Lets quickly go through the basic steps that you need to follow to configure roaming profile.
Creating a File Share and Enabling Roaming Profile Setting
Create a Profile Folder – Lets create a folder in D drive named “GoldShares” and a sub folder named “Profiles” under it. Note** Make sure you have a dedicated volume setup for profile shares in production environment.
Disable permission inheritance on “Profiles” folder and configure the permissions as shown below.
Share Permissions – Share the “Profiles” folder as a hidden (Profiles$) and edit the share permissions as below.
Check Accessibility – Verify if you are able to access the folder using the UNC path.
Group Policy Settings – In order for Administrators to have full access on all the roaming profile folders we need to enable the below gpo. This is needed in case the profile needs to be backed up or restored during issues. GPO Path “Computer Configuration/Administrative Templates/System/User Profile”
You can now go on to “Active Directory Users and Computers” , select all the user accounts and right click them to edit their Profile Path as shown in the figure below. You can also select individual accounts if needed.
Test – Login with one of those accounts and see if a folder is created under profiles share.
Note ** You will have folders in the share only when user logins to any of the system in the domain.
Make some changes in the profile and log off. Profile is saved back on to the shared location. Now login to another system to see if the profile changes are visible. That’s it !!! You have now finished the basic configuration of roaming profile in your domain.