Diffstat (limited to 'docs/htmldocs/profilemgmt.html')
-rw-r--r-- | docs/htmldocs/profilemgmt.html | 1753 |
1 files changed, 0 insertions, 1753 deletions
diff --git a/docs/htmldocs/profilemgmt.html b/docs/htmldocs/profilemgmt.html deleted file mode 100644 index 7357336193..0000000000 --- a/docs/htmldocs/profilemgmt.html +++ /dev/null 
@@ -1,1753 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> -<HTML -><HEAD -><TITLE ->Desktop Profile Management</TITLE -><META -NAME="GENERATOR" -CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK -REL="HOME" -TITLE="SAMBA Project Documentation" -HREF="samba-howto-collection.html"><LINK -REL="UP" -TITLE="Advanced Configuration" -HREF="optional.html"><LINK -REL="PREVIOUS" -TITLE="System and Account Policies" -HREF="policymgmt.html"><LINK -REL="NEXT" -TITLE="Interdomain Trust Relationships" -HREF="interdomaintrusts.html"></HEAD -><BODY -CLASS="CHAPTER" -BGCOLOR="#FFFFFF" -TEXT="#000000" -LINK="#0000FF" -VLINK="#840084" -ALINK="#0000FF" -><DIV -CLASS="NAVHEADER" -><TABLE -SUMMARY="Header navigation table" -WIDTH="100%" -BORDER="0" -CELLPADDING="0" -CELLSPACING="0" -><TR -><TH -COLSPAN="3" -ALIGN="center" ->SAMBA Project Documentation</TH -></TR -><TR -><TD -WIDTH="10%" -ALIGN="left" -VALIGN="bottom" -><A -HREF="policymgmt.html" -ACCESSKEY="P" ->Prev</A -></TD -><TD -WIDTH="80%" -ALIGN="center" -VALIGN="bottom" -></TD -><TD -WIDTH="10%" -ALIGN="right" -VALIGN="bottom" -><A -HREF="interdomaintrusts.html" -ACCESSKEY="N" ->Next</A -></TD -></TR -></TABLE -><HR -ALIGN="LEFT" -WIDTH="100%"></DIV -><DIV -CLASS="CHAPTER" -><H1 -><A -NAME="PROFILEMGMT" -></A ->Chapter 18. Desktop Profile Management</H1 -><DIV -CLASS="TOC" -><DL -><DT -><B ->Table of Contents</B -></DT -><DT ->18.1. <A -HREF="profilemgmt.html#AEN3095" ->Roaming Profiles</A -></DT -><DD -><DL -><DT ->18.1.1. <A -HREF="profilemgmt.html#AEN3102" ->Samba Configuration for Profile Handling</A -></DT -><DD -><DL -><DT ->18.1.1.1. <A -HREF="profilemgmt.html#AEN3105" ->NT4/200x User Profiles</A -></DT -><DT ->18.1.1.2. <A -HREF="profilemgmt.html#AEN3115" ->Windows 9x / Me User Profiles</A -></DT -><DT ->18.1.1.3. <A -HREF="profilemgmt.html#AEN3130" ->Mixed Windows 9x / Me and Windows NT4/200x User Profiles</A -></DT -></DL -></DD -><DT ->18.1.2. 
<A -HREF="profilemgmt.html#AEN3137" ->Windows Client Profile Configuration Information</A -></DT -><DD -><DL -><DT ->18.1.2.1. <A -HREF="profilemgmt.html#AEN3139" ->Windows 9x / Me Profile Setup</A -></DT -><DT ->18.1.2.2. <A -HREF="profilemgmt.html#AEN3175" ->Windows NT4 Workstation</A -></DT -><DT ->18.1.2.3. <A -HREF="profilemgmt.html#AEN3184" ->Windows 2000/XP Professional</A -></DT -></DL -></DD -><DT ->18.1.3. <A -HREF="profilemgmt.html#AEN3257" ->Sharing Profiles between W9x/Me and NT4/200x/XP workstations</A -></DT -><DT ->18.1.4. <A -HREF="profilemgmt.html#AEN3264" ->Profile Migration from Windows NT4/200x Server to Samba</A -></DT -><DD -><DL -><DT ->18.1.4.1. <A -HREF="profilemgmt.html#AEN3267" ->Windows NT4 Profile Management Tools</A -></DT -><DT ->18.1.4.2. <A -HREF="profilemgmt.html#AEN3290" ->Side bar Notes</A -></DT -><DT ->18.1.4.3. <A -HREF="profilemgmt.html#AEN3294" ->moveuser.exe</A -></DT -><DT ->18.1.4.4. <A -HREF="profilemgmt.html#AEN3297" ->Get SID</A -></DT -></DL -></DD -></DL -></DD -><DT ->18.2. <A -HREF="profilemgmt.html#AEN3302" ->Mandatory profiles</A -></DT -><DT ->18.3. <A -HREF="profilemgmt.html#AEN3309" ->Creating/Managing Group Profiles</A -></DT -><DT ->18.4. <A -HREF="profilemgmt.html#AEN3315" ->Default Profile for Windows Users</A -></DT -><DD -><DL -><DT ->18.4.1. <A -HREF="profilemgmt.html#AEN3318" ->MS Windows 9x/Me</A -></DT -><DT ->18.4.2. <A -HREF="profilemgmt.html#AEN3330" ->MS Windows NT4 Workstation</A -></DT -><DT ->18.4.3. <A -HREF="profilemgmt.html#AEN3384" ->MS Windows 200x/XP</A -></DT -></DL -></DD -></DL -></DIV -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN3095" ->18.1. 
Roaming Profiles</A -></H1 -><DIV -CLASS="WARNING" -><P -></P -><TABLE -CLASS="WARNING" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/warning.gif" -HSPACE="5" -ALT="Warning"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P ->Roaming profiles support is different for Win9x / Me and Windows NT4/200x.</P -></TD -></TR -></TABLE -></DIV -><P ->Before discussing how to configure roaming profiles, it is useful to see how -Windows 9x / Me and Windows NT4/200x clients implement these features.</P -><P ->Windows 9x / Me clients send a NetUserGetInfo request to the server to get the user's -profiles location. However, the response does not have room for a separate -profiles location field, only the user's home share. This means that Win9X/Me -profiles are restricted to being stored in the user's home directory.</P -><P ->Windows NT4/200x clients send a NetSAMLogon RPC request, which contains many fields, -including a separate field for the location of the user's profiles.</P -><DIV -CLASS="SECT2" -><H2 -CLASS="SECT2" -><A -NAME="AEN3102" ->18.1.1. Samba Configuration for Profile Handling</A -></H2 -><P ->This section documents how to configure Samba for MS Windows client profile support.</P -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3105" ->18.1.1.1. NT4/200x User Profiles</A -></H3 -><P ->To support Windowns NT4/200x clients, in the [global] section of smb.conf set the -following (for example):</P -><P -><PRE -CLASS="PROGRAMLISTING" -> logon path = \\profileserver\profileshare\profilepath\%U\moreprofilepath</PRE -> - - This is typically implemented like: - -<PRE -CLASS="PROGRAMLISTING" -> logon path = \\%L\Profiles\%u</PRE -> -where %L translates to the name of the Samba server and %u translates to the user name</P -><P ->The default for this option is \\%N\%U\profile, namely \\sambaserver\username\profile. 
-The \\N%\%U service is created automatically by the [homes] service. If you are using -a samba server for the profiles, you _must_ make the share specified in the logon path -browseable. Please refer to the man page for smb.conf in respect of the different -symantics of %L and %N, as well as %U and %u.</P -><DIV -CLASS="NOTE" -><P -></P -><TABLE -CLASS="NOTE" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P ->MS Windows NT/2K clients at times do not disconnect a connection to a server -between logons. It is recommended to NOT use the <B -CLASS="COMMAND" ->homes</B -> -meta-service name as part of the profile share path.</P -></TD -></TR -></TABLE -></DIV -></DIV -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3115" ->18.1.1.2. Windows 9x / Me User Profiles</A -></H3 -><P ->To support Windows 9x / Me clients, you must use the "logon home" parameter. Samba has -now been fixed so that <KBD -CLASS="USERINPUT" ->net use /home</KBD -> now works as well, and it, too, relies -on the <B -CLASS="COMMAND" ->logon home</B -> parameter.</P -><P ->By using the logon home parameter, you are restricted to putting Win9x / Me -profiles in the user's home directory. But wait! There is a trick you -can use. If you set the following in the <B -CLASS="COMMAND" ->[global]</B -> section of your <TT -CLASS="FILENAME" ->smb.conf</TT -> file:</P -><P -><PRE -CLASS="PROGRAMLISTING" -> logon home = \\%L\%U\.profiles</PRE -></P -><P ->then your Windows 9x / Me clients will dutifully put their clients in a subdirectory -of your home directory called <TT -CLASS="FILENAME" ->.profiles</TT -> (thus making them hidden).</P -><P ->Not only that, but <KBD -CLASS="USERINPUT" ->net use/home</KBD -> will also work, because of a feature in -Windows 9x / Me. 
It removes any directory stuff off the end of the home directory area -and only uses the server and share portion. That is, it looks like you -specified \\%L\%U for <B -CLASS="COMMAND" ->logon home</B ->.</P -></DIV -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3130" ->18.1.1.3. Mixed Windows 9x / Me and Windows NT4/200x User Profiles</A -></H3 -><P ->You can support profiles for both Win9X and WinNT clients by setting both the -<B -CLASS="COMMAND" ->logon home</B -> and <B -CLASS="COMMAND" ->logon path</B -> parameters. For example:</P -><P -><PRE -CLASS="PROGRAMLISTING" -> logon home = \\%L\%u\.profiles - logon path = \\%L\profiles\%u</PRE -></P -></DIV -></DIV -><DIV -CLASS="SECT2" -><H2 -CLASS="SECT2" -><A -NAME="AEN3137" ->18.1.2. Windows Client Profile Configuration Information</A -></H2 -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3139" ->18.1.2.1. Windows 9x / Me Profile Setup</A -></H3 -><P ->When a user first logs in on Windows 9X, the file user.DAT is created, -as are folders "Start Menu", "Desktop", "Programs" and "Nethood". -These directories and their contents will be merged with the local -versions stored in c:\windows\profiles\username on subsequent logins, -taking the most recent from each. You will need to use the [global] -options "preserve case = yes", "short preserve case = yes" and -"case sensitive = no" in order to maintain capital letters in shortcuts -in any of the profile folders.</P -><P ->The user.DAT file contains all the user's preferences. If you wish to -enforce a set of preferences, rename their user.DAT file to user.MAN, -and deny them write access to this file.</P -><P -></P -><OL -TYPE="1" -><LI -><P -> On the Windows 9x / Me machine, go to Control Panel -> Passwords and - select the User Profiles tab. Select the required level of - roaming preferences. Press OK, but do _not_ allow the computer - to reboot. 
- </P -></LI -><LI -><P -> On the Windows 9x / Me machine, go to Control Panel -> Network -> - Client for Microsoft Networks -> Preferences. Select 'Log on to - NT Domain'. Then, ensure that the Primary Logon is 'Client for - Microsoft Networks'. Press OK, and this time allow the computer - to reboot. - </P -></LI -></OL -><P ->Under Windows 9x / Me Profiles are downloaded from the Primary Logon. -If you have the Primary Logon as 'Client for Novell Networks', then -the profiles and logon script will be downloaded from your Novell -Server. If you have the Primary Logon as 'Windows Logon', then the -profiles will be loaded from the local machine - a bit against the -concept of roaming profiles, it would seem!</P -><P ->You will now find that the Microsoft Networks Login box contains -[user, password, domain] instead of just [user, password]. Type in -the samba server's domain name (or any other domain known to exist, -but bear in mind that the user will be authenticated against this -domain and profiles downloaded from it, if that domain logon server -supports it), user name and user's password.</P -><P ->Once the user has been successfully validated, the Windows 9x / Me machine -will inform you that 'The user has not logged on before' and asks you -if you wish to save the user's preferences? Select 'yes'.</P -><P ->Once the Windows 9x / Me client comes up with the desktop, you should be able -to examine the contents of the directory specified in the "logon path" -on the samba server and verify that the "Desktop", "Start Menu", -"Programs" and "Nethood" folders have been created.</P -><P ->These folders will be cached locally on the client, and updated when -the user logs off (if you haven't made them read-only by then). 
-You will find that if the user creates further folders or short-cuts, -that the client will merge the profile contents downloaded with the -contents of the profile directory already on the local client, taking -the newest folders and short-cuts from each set.</P -><P ->If you have made the folders / files read-only on the samba server, -then you will get errors from the Windows 9x / Me machine on logon and logout, as -it attempts to merge the local and the remote profile. Basically, if -you have any errors reported by the Windows 9x / Me machine, check the Unix file -permissions and ownership rights on the profile directory contents, -on the samba server.</P -><P ->If you have problems creating user profiles, you can reset the user's -local desktop cache, as shown below. When this user then next logs in, -they will be told that they are logging in "for the first time".</P -><P -></P -><OL -TYPE="1" -><LI -><P -> instead of logging in under the [user, password, domain] dialog, - press escape. - </P -></LI -><LI -><P -> run the regedit.exe program, and look in: - </P -><P -> HKEY_LOCAL_MACHINE\Windows\CurrentVersion\ProfileList - </P -><P -> you will find an entry, for each user, of ProfilePath. Note the - contents of this key (likely to be c:\windows\profiles\username), - then delete the key ProfilePath for the required user. - - [Exit the registry editor]. - - </P -></LI -><LI -><P -> <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->WARNING</I -></SPAN -> - before deleting the contents of the - directory listed in the ProfilePath (this is likely to be - <TT -CLASS="FILENAME" ->c:\windows\profiles\username)</TT ->, ask them if they - have any important files stored on their desktop or in their start menu. - Delete the contents of the directory ProfilePath (making a backup if any - of the files are needed). 
- </P -><P -> This will have the effect of removing the local (read-only hidden - system file) user.DAT in their profile directory, as well as the - local "desktop", "nethood", "start menu" and "programs" folders. - </P -></LI -><LI -><P -> search for the user's .PWL password-caching file in the c:\windows - directory, and delete it. - </P -></LI -><LI -><P -> log off the windows 9x / Me client. - </P -></LI -><LI -><P -> check the contents of the profile path (see "logon path" described - above), and delete the user.DAT or user.MAN file for the user, - making a backup if required. - </P -></LI -></OL -><P ->If all else fails, increase samba's debug log levels to between 3 and 10, -and / or run a packet trace program such as ethereal or netmon.exe, and -look for error messages.</P -><P ->If you have access to an Windows NT4/200x server, then first set up roaming profiles -and / or netlogons on the Windows NT4/200x server. Make a packet trace, or examine -the example packet traces provided with Windows NT4/200x server, and see what the -differences are with the equivalent samba trace.</P -></DIV -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3175" ->18.1.2.2. Windows NT4 Workstation</A -></H3 -><P ->When a user first logs in to a Windows NT Workstation, the profile -NTuser.DAT is created. The profile location can be now specified -through the "logon path" parameter.</P -><P ->There is a parameter that is now available for use with NT Profiles: -"logon drive". This should be set to <TT -CLASS="FILENAME" ->H:</TT -> or any other drive, and -should be used in conjunction with the new "logon home" parameter.</P -><P ->The entry for the NT4 profile is a _directory_ not a file. The NT -help on profiles mentions that a directory is also created with a .PDS -extension. 
The user, while logging in, must have write permission to -create the full profile path (and the folder with the .PDS extension -for those situations where it might be created.)</P -><P ->In the profile directory, Windows NT4 creates more folders than Windows 9x / Me. -It creates "Application Data" and others, as well as "Desktop", "Nethood", -"Start Menu" and "Programs". The profile itself is stored in a file -NTuser.DAT. Nothing appears to be stored in the .PDS directory, and -its purpose is currently unknown.</P -><P ->You can use the System Control Panel to copy a local profile onto -a samba server (see NT Help on profiles: it is also capable of firing -up the correct location in the System Control Panel for you). The -NT Help file also mentions that renaming NTuser.DAT to NTuser.MAN -turns a profile into a mandatory one.</P -><P ->The case of the profile is significant. The file must be called -NTuser.DAT or, for a mandatory profile, NTuser.MAN.</P -></DIV -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3184" ->18.1.2.3. Windows 2000/XP Professional</A -></H3 -><P ->You must first convert the profile from a local profile to a domain -profile on the MS Windows workstation as follows:</P -><P -></P -><UL -><LI -><P -> Log on as the LOCAL workstation administrator. - </P -></LI -><LI -><P -> Right click on the 'My Computer' Icon, select 'Properties' - </P -></LI -><LI -><P -> Click on the 'User Profiles' tab - </P -></LI -><LI -><P -> Select the profile you wish to convert (click on it once) - </P -></LI -><LI -><P -> Click on the button 'Copy To' - </P -></LI -><LI -><P -> In the "Permitted to use" box, click on the 'Change' button. - </P -></LI -><LI -><P -> Click on the 'Look in" area that lists the machine name, when you click - here it will open up a selection box. Click on the domain to which the - profile must be accessible. 
- </P -><DIV -CLASS="NOTE" -><P -></P -><TABLE -CLASS="NOTE" -WIDTH="90%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P ->You will need to log on if a logon box opens up. Eg: In the connect - as: MIDEARTH\root, password: mypassword.</P -></TD -></TR -></TABLE -></DIV -></LI -><LI -><P -> To make the profile capable of being used by anyone select 'Everyone' - </P -></LI -><LI -><P -> Click OK. The Selection box will close. - </P -></LI -><LI -><P -> Now click on the 'Ok' button to create the profile in the path you - nominated. - </P -></LI -></UL -><P ->Done. You now have a profile that can be editted using the samba-3.0.0 -<TT -CLASS="FILENAME" ->profiles</TT -> tool.</P -><DIV -CLASS="NOTE" -><P -></P -><TABLE -CLASS="NOTE" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P ->Under NT/2K the use of mandotory profiles forces the use of MS Exchange -storage of mail data. That keeps desktop profiles usable.</P -></TD -></TR -></TABLE -></DIV -><DIV -CLASS="NOTE" -><P -></P -><TABLE -CLASS="NOTE" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P -></P -><UL -><LI -><P ->This is a security check new to Windows XP (or maybe only -Windows XP service pack 1). It can be disabled via a group policy in -Active Directory. The policy is:</P -><P ->"Computer Configuration\Administrative Templates\System\User -Profiles\Do not check for user ownership of Roaming Profile Folders"</P -><P ->...and it should be set to "Enabled". 
-Does the new version of samba have an Active Directory analogue? If so, -then you may be able to set the policy through this.</P -><P ->If you cannot set group policies in samba, then you may be able to set -the policy locally on each machine. If you want to try this, then do -the following (N.B. I don't know for sure that this will work in the -same way as a domain group policy):</P -></LI -><LI -><P ->On the XP workstation log in with an Administrator account.</P -></LI -><LI -><P ->Click: "Start", "Run"</P -></LI -><LI -><P ->Type: "mmc"</P -></LI -><LI -><P ->Click: "OK"</P -></LI -><LI -><P ->A Microsoft Management Console should appear.</P -></LI -><LI -><P ->Click: File, "Add/Remove Snap-in...", "Add"</P -></LI -><LI -><P ->Double-Click: "Group Policy"</P -></LI -><LI -><P ->Click: "Finish", "Close"</P -></LI -><LI -><P ->Click: "OK"</P -></LI -><LI -><P ->In the "Console Root" window:</P -></LI -><LI -><P ->Expand: "Local Computer Policy", "Computer Configuration",</P -></LI -><LI -><P ->"Administrative Templates", "System", "User Profiles"</P -></LI -><LI -><P ->Double-Click: "Do not check for user ownership of Roaming Profile</P -></LI -><LI -><P ->Folders"</P -></LI -><LI -><P ->Select: "Enabled"</P -></LI -><LI -><P ->Click: OK"</P -></LI -><LI -><P ->Close the whole console. You do not need to save the settings (this - refers to the console settings rather than the policies you have - changed).</P -></LI -><LI -><P ->Reboot</P -></LI -></UL -></TD -></TR -></TABLE -></DIV -></DIV -></DIV -><DIV -CLASS="SECT2" -><H2 -CLASS="SECT2" -><A -NAME="AEN3257" ->18.1.3. Sharing Profiles between W9x/Me and NT4/200x/XP workstations</A -></H2 -><P ->Sharing of desktop profiles between Windows versions is NOT recommended. -Desktop profiles are an evolving phenomenon and profiles for later versions -of MS Windows clients add features that may interfere with earlier versions -of MS Windows clients. 
Probably the more salient reason to NOT mix profiles -is that when logging off an earlier version of MS Windows the older format -of profile contents may overwrite information that belongs to the newer -version resulting in loss of profile information content when that user logs -on again with the newer version of MS Windows.</P -><P ->If you then want to share the same Start Menu / Desktop with W9x/Me, you will -need to specify a common location for the profiles. The smb.conf parameters -that need to be common are <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->logon path</I -></SPAN -> and -<SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->logon home</I -></SPAN ->.</P -><P ->If you have this set up correctly, you will find separate user.DAT and -NTuser.DAT files in the same profile directory.</P -></DIV -><DIV -CLASS="SECT2" -><H2 -CLASS="SECT2" -><A -NAME="AEN3264" ->18.1.4. Profile Migration from Windows NT4/200x Server to Samba</A -></H2 -><P ->There is nothing to stop you specifying any path that you like for the -location of users' profiles. Therefore, you could specify that the -profile be stored on a samba server, or any other SMB server, as long as -that SMB server supports encrypted passwords.</P -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3267" ->18.1.4.1. Windows NT4 Profile Management Tools</A -></H3 -><P ->Unfortunately, the Resource Kit information is specific to the version of MS Windows -NT4/200x. 
The correct resource kit is required for each platform.</P -><P ->Here is a quick guide:</P -><P -></P -><UL -><LI -><P ->On your NT4 Domain Controller, right click on 'My Computer', then -select the tab labelled 'User Profiles'.</P -></LI -><LI -><P ->Select a user profile you want to migrate and click on it.</P -><DIV -CLASS="NOTE" -><P -></P -><TABLE -CLASS="NOTE" -WIDTH="90%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P ->I am using the term "migrate" lossely. You can copy a profile to -create a group profile. You can give the user 'Everyone' rights to the -profile you copy this to. That is what you need to do, since your samba -domain is not a member of a trust relationship with your NT4 PDC.</P -></TD -></TR -></TABLE -></DIV -></LI -><LI -><P ->Click the 'Copy To' button.</P -></LI -><LI -><P ->In the box labelled 'Copy Profile to' add your new path, eg: - <TT -CLASS="FILENAME" ->c:\temp\foobar</TT -></P -></LI -><LI -><P ->Click on the button labelled 'Change' in the "Permitted to use" box.</P -></LI -><LI -><P ->Click on the group 'Everyone' and then click OK. This closes the - 'chose user' box.</P -></LI -><LI -><P ->Now click OK.</P -></LI -></UL -><P ->Follow the above for every profile you need to migrate.</P -></DIV -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3290" ->18.1.4.2. Side bar Notes</A -></H3 -><P ->You should obtain the SID of your NT4 domain. You can use smbpasswd to do -this. Read the man page.</P -><P ->With Samba-3.0.0 alpha code you can import all you NT4 domain accounts -using the net samsync method. This way you can retain your profile -settings as well as all your users.</P -></DIV -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3294" ->18.1.4.3. moveuser.exe</A -></H3 -><P ->The W2K professional resource kit has moveuser.exe. 
moveuser.exe changes -the security of a profile from one user to another. This allows the account -domain to change, and/or the user name to change.</P -></DIV -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3297" ->18.1.4.4. Get SID</A -></H3 -><P ->You can identify the SID by using GetSID.exe from the Windows NT Server 4.0 -Resource Kit.</P -><P ->Windows NT 4.0 stores the local profile information in the registry under -the following key: -HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList</P -><P ->Under the ProfileList key, there will be subkeys named with the SIDs of the -users who have logged on to this computer. (To find the profile information -for the user whose locally cached profile you want to move, find the SID for -the user with the GetSID.exe utility.) Inside of the appropriate user's -subkey, you will see a string value named ProfileImagePath.</P -></DIV -></DIV -></DIV -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN3302" ->18.2. Mandatory profiles</A -></H1 -><P ->A Mandatory Profile is a profile that the user does NOT have the ability to overwrite. -During the user's session it may be possible to change the desktop environment, but -as the user logs out all changes made will be lost. If it is desired to NOT allow the -user any ability to change the desktop environment then this must be done through -policy settings. See previous chapter.</P -><DIV -CLASS="NOTE" -><P -></P -><TABLE -CLASS="NOTE" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P ->Under NO circumstances should the profile directory (or it's contents) be made read-only -as this may render the profile un-usable.</P -></TD -></TR -></TABLE -></DIV -><P ->For MS Windows NT4/200x/XP the above method can be used to create mandatory profiles -also. 
To convert a group profile into a mandatory profile simply locate the NTUser.DAT -file in the copied profile and rename it to NTUser.MAN.</P -><P ->For MS Windows 9x / Me it is the User.DAT file that must be renamed to User.MAN to -affect a mandatory profile.</P -></DIV -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN3309" ->18.3. Creating/Managing Group Profiles</A -></H1 -><P ->Most organisations are arranged into departments. There is a nice benenfit in -this fact since usually most users in a department will require the same desktop -applications and the same desktop layout. MS Windows NT4/200x/XP will allow the -use of Group Profiles. A Group Profile is a profile that is created firstly using -a template (example) user. Then using the profile migration tool (see above) the -profile is assigned access rights for the user group that needs to be given access -to the group profile.</P -><P ->The next step is rather important. PLEASE NOTE: Instead of assigning a group profile -to users (ie: Using User Manager) on a "per user" basis, the group itself is assigned -the now modified profile.</P -><DIV -CLASS="NOTE" -><P -></P -><TABLE -CLASS="NOTE" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P -> Be careful with group profiles, if the user who is a member of a group also - has a personal profile, then the result will be a fusion (merge) of the two. - </P -></TD -></TR -></TABLE -></DIV -></DIV -><DIV -CLASS="SECT1" -><H1 -CLASS="SECT1" -><A -NAME="AEN3315" ->18.4. Default Profile for Windows Users</A -></H1 -><P ->MS Windows 9x / Me and NT4/200x/XP will use a default profile for any user for whom -a profile does not already exist. 
Armed with a knowledge of where the default profile -is located on the Windows workstation, and knowing which registry keys affect the path -from which the default profile is created, it is possible to modify the default profile -to one that has been optimised for the site. This has significant administrative -advantages.</P -><DIV -CLASS="SECT2" -><H2 -CLASS="SECT2" -><A -NAME="AEN3318" ->18.4.1. MS Windows 9x/Me</A -></H2 -><P ->To enable default per use profiles in Windows 9x / Me you can either use the Windows 98 System -Policy Editor or change the registry directly.</P -><P ->To enable default per user profiles in Windows 9x / Me, launch the System Policy Editor, then -select File -> Open Registry, then click on the Local Computer icon, click on Windows 98 System, -select User Profiles, click on the enable box. Do not forget to save the registry changes.</P -><P ->To modify the registry directly, launch the Registry Editor (regedit.exe), select the hive -<TT -CLASS="FILENAME" ->HKEY_LOCAL_MACHINE\Network\Logon</TT ->. Now add a DWORD type key with the name -"User Profiles", to enable user profiles set the value to 1, to disable user profiles set it to 0.</P -><DIV -CLASS="SECT3" -><H3 -CLASS="SECT3" -><A -NAME="AEN3324" ->18.4.1.1. How User Profiles Are Handled in Windows 9x / Me?</A -></H3 -><P ->When a user logs on to a Windows 9x / Me machine, the local profile path, -<TT -CLASS="FILENAME" ->HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ProfileList</TT ->, is checked -for an existing entry for that user:</P -><P ->If the user has an entry in this registry location, Windows 9x / Me checks for a locally cached -version of the user profile. Windows 9x / Me also checks the user's home directory (or other -specified directory if the location has been modified) on the server for the User Profile. -If a profile exists in both locations, the newer of the two is used. 
If the User Profile exists -on the server, but does not exist on the local machine, the profile on the server is downloaded -and used. If the User Profile only exists on the local machine, that copy is used.</P -><P ->If a User Profile is not found in either location, the Default User Profile from the Windows 9x / Me -machine is used and is copied to a newly created folder for the logged on user. At log off, any -changes that the user made are written to the user's local profile. If the user has a roaming -profile, the changes are written to the user's profile on the server.</P -></DIV -></DIV -><DIV -CLASS="SECT2" -><H2 -CLASS="SECT2" -><A -NAME="AEN3330" ->18.4.2. MS Windows NT4 Workstation</A -></H2 -><P ->On MS Windows NT4 the default user profile is obtained from the location -<TT -CLASS="FILENAME" ->%SystemRoot%\Profiles</TT -> which in a default installation will translate to -<TT -CLASS="FILENAME" ->C:\WinNT\Profiles</TT ->. Under this directory on a clean install there will be -three (3) directories: <TT -CLASS="FILENAME" ->Administrator, All Users, Default User</TT ->.</P -><P ->The <TT -CLASS="FILENAME" ->All Users</TT -> directory contains menu settings that are common across all -system users. 
The <TT -CLASS="FILENAME" ->Default User</TT -> directory contains menu entries that are -customisable per user depending on the profile settings chosen/created.</P -><P ->When a new user first logs onto an MS Windows NT4 machine a new profile is created from:</P -><P -></P -><TABLE -BORDER="0" -><TBODY -><TR -><TD ->All Users settings</TD -></TR -><TR -><TD ->Default User settings (contains the default NTUser.DAT file)</TD -></TR -></TBODY -></TABLE -><P -></P -><P ->When a user logs onto an MS Windows NT4 machine that is a member of a Microsoft security domain -the following steps are followed in respect of profile handling:</P -><P -></P -><OL -TYPE="1" -><LI -><P -> The users' account information which is obtained during the logon process contains - the location of the users' desktop profile. The profile path may be local to the - machine or it may be located on a network share. If there exists a profile at the location - of the path from the user account, then this profile is copied to the location - <TT -CLASS="FILENAME" ->%SystemRoot%\Profiles\%USERNAME%</TT ->. This profile then inherits the - settings in the <TT -CLASS="FILENAME" ->All Users</TT -> profile in the <TT -CLASS="FILENAME" ->%SystemRoot%\Profiles</TT -> - location. - </P -></LI -><LI -><P -> If the user account has a profile path, but at it's location a profile does not exist, - then a new profile is created in the <TT -CLASS="FILENAME" ->%SystemRoot%\Profiles\%USERNAME%</TT -> - directory from reading the <TT -CLASS="FILENAME" ->Default User</TT -> profile. - </P -></LI -><LI -><P -> If the NETLOGON share on the authenticating server (logon server) contains a policy file - (<TT -CLASS="FILENAME" ->NTConfig.POL</TT ->) then it's contents are applied to the <TT -CLASS="FILENAME" ->NTUser.DAT</TT -> - which is applied to the <TT -CLASS="FILENAME" ->HKEY_CURRENT_USER</TT -> part of the registry. 
- </P -></LI -><LI -><P -> When the user logs out, if the profile is set to be a roaming profile it will be written - out to the location of the profile. The <TT -CLASS="FILENAME" ->NTuser.DAT</TT -> file is then - re-created from the contents of the <TT -CLASS="FILENAME" ->HKEY_CURRENT_USER</TT -> contents. - Thus, should there not exist in the NETLOGON share an <TT -CLASS="FILENAME" ->NTConfig.POL</TT -> at the - next logon, the effect of the provious <TT -CLASS="FILENAME" ->NTConfig.POL</TT -> will still be held - in the profile. The effect of this is known as <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->tatooing</I -></SPAN ->. - </P -></LI -></OL -><P ->MS Windows NT4 profiles may be <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Local</I -></SPAN -> or <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Roaming</I -></SPAN ->. A Local profile -will stored in the <TT -CLASS="FILENAME" ->%SystemRoot%\Profiles\%USERNAME%</TT -> location. A roaming profile will -also remain stored in the same way, unless the following registry key is created:</P -><P -><PRE -CLASS="PROGRAMLISTING" -> HKEY_LOCAL_MACHINE\SYSTEM\Software\Microsoft\Windows NT\CurrentVersion\winlogon\ - "DeleteRoamingCache"=dword:00000001</PRE -> - -In which case, the local copy (in <TT -CLASS="FILENAME" ->%SystemRoot%\Profiles\%USERNAME%</TT ->) will be -deleted on logout.</P -><P ->Under MS Windows NT4 default locations for common resources (like <TT -CLASS="FILENAME" ->My Documents</TT -> -may be redirected to a network share by modifying the following registry keys. These changes may be affected -via use of the System Policy Editor (to do so may require that you create your owns template extension -for the policy editor to allow this to be done through the GUI. 
Another way to do this is by way of first -creating a default user profile, then while logged in as that user, run regedt32 to edit the key settings.</P -><P ->The Registry Hive key that affects the behaviour of folders that are part of the default user profile -are controlled by entries on Windows NT4 is:</P -><P -><PRE -CLASS="PROGRAMLISTING" -> HKEY_CURRENT_USER - \Software - \Microsoft - \Windows - \CurrentVersion - \Explorer - \User Shell Folders\</PRE -></P -><P ->The above hive key contains a list of automatically managed folders. The default entries are:</P -><P -> <PRE -CLASS="PROGRAMLISTING" -> Name Default Value - -------------- ----------------------------------------- - AppData %USERPROFILE%\Application Data - Desktop %USERPROFILE%\Desktop - Favorites %USERPROFILE%\Favorites - NetHood %USERPROFILE%\NetHood - PrintHood %USERPROFILE%\PrintHood - Programs %USERPROFILE%\Start Menu\Programs - Recent %USERPROFILE%\Recent - SendTo %USERPROFILE%\SendTo - Start Menu %USERPROFILE%\Start Menu - Startup %USERPROFILE%\Start Menu\Programs\Startup - </PRE -> - </P -><P ->The registry key that contains the location of the default profile settings is: - -<PRE -CLASS="PROGRAMLISTING" -> HKEY_LOCAL_MACHINE - \SOFTWARE - \Microsoft - \Windows - \CurrentVersion - \Explorer - \User Shell Folders</PRE -> - -The default entries are: - -<PRE -CLASS="PROGRAMLISTING" -> Common Desktop %SystemRoot%\Profiles\All Users\Desktop - Common Programs %SystemRoot%\Profiles\All Users\Programs - Common Start Menu %SystemRoot%\Profiles\All Users\Start Menu - Common Startu p %SystemRoot%\Profiles\All Users\Start Menu\Progams\Startup</PRE -></P -></DIV -><DIV -CLASS="SECT2" -><H2 -CLASS="SECT2" -><A -NAME="AEN3384" ->18.4.3. 
MS Windows 200x/XP</A -></H2 -><DIV -CLASS="NOTE" -><P -></P -><TABLE -CLASS="NOTE" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P -> MS Windows XP Home Edition does use default per user profiles, but can not participate - in domain security, can not log onto an NT/ADS style domain, and thus can obtain the profile - only from itself. While there are benefits in doing this the beauty of those MS Windows - clients that CAN participate in domain logon processes allows the administrator to create - a global default profile and to enforce it through the use of Group Policy Objects (GPOs). - </P -></TD -></TR -></TABLE -></DIV -><P ->When a new user first logs onto MS Windows 200x/XP machine the default profile is obtained from -<TT -CLASS="FILENAME" ->C:\Documents and Settings\Default User</TT ->. The administrator can modify (or change -the contents of this location and MS Windows 200x/XP will gladly user it. This is far from the optimum -arrangement since it will involve copying a new default profile to every MS Windows 200x/XP client -workstation. </P -><P ->When MS Windows 200x/XP participate in a domain security context, and if the default user -profile is not found, then the client will search for a default profile in the NETLOGON share -of the authenticating server. 
ie: In MS Windows parlance: -<TT -CLASS="FILENAME" ->%LOGONSERVER%\NETLOGON\Default User</TT -> and if one exits there it will copy this -to the workstation to the <TT -CLASS="FILENAME" ->C:\Documents and Settings\</TT -> under the Windows -login name of the user.</P -><DIV -CLASS="NOTE" -><P -></P -><TABLE -CLASS="NOTE" -WIDTH="100%" -BORDER="0" -><TR -><TD -WIDTH="25" -ALIGN="CENTER" -VALIGN="TOP" -><IMG -SRC="/usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif" -HSPACE="5" -ALT="Note"></TD -><TD -ALIGN="LEFT" -VALIGN="TOP" -><P -> This path translates, in Samba parlance, to the smb.conf [NETLOGON] share. The directory - should be created at the root of this share and msut be called <TT -CLASS="FILENAME" ->Default Profile</TT ->. - </P -></TD -></TR -></TABLE -></DIV -><P ->If a default profile does not exist in this location then MS Windows 200x/XP will use the local -default profile.</P -><P ->On loging out, the users' desktop profile will be stored to the location specified in the registry -settings that pertain to the user. If no specific policies have been created, or passed to the client -during the login process (as Samba does automatically), then the user's profile will be written to -the local machine only under the path <TT -CLASS="FILENAME" ->C:\Documents and Settings\%USERNAME%</TT ->.</P -><P ->Those wishing to modify the default behaviour can do so through up to three methods:</P -><P -></P -><UL -><LI -><P -> Modify the registry keys on the local machine manually and place the new default profile in the - NETLOGON share root - NOT recommended as it is maintenance intensive. - </P -></LI -><LI -><P -> Create an NT4 style NTConfig.POL file that specified this behaviour and locate this file - in the root of the NETLOGON share along with the new default profile. - </P -></LI -><LI -><P -> Create a GPO that enforces this through Active Directory, and place the new default profile - in the NETLOGON share. 
- </P -></LI -></UL -><P ->The Registry Hive key that affects the behaviour of folders that are part of the default user profile -are controlled by entries on Windows 200x/XP is:</P -><P -><PRE -CLASS="PROGRAMLISTING" -> HKEY_CURRENT_USER - \Software - \Microsoft - \Windows - \CurrentVersion - \Explorer - \User Shell Folders\</PRE -></P -><P ->The above hive key contains a list of automatically managed folders. The default entries are:</P -><P -> <PRE -CLASS="PROGRAMLISTING" -> Name Default Value - -------------- ----------------------------------------- - AppData %USERPROFILE%\Application Data - Cache %USERPROFILE%\Local Settings\Temporary Internet Files - Cookies %USERPROFILE%\Cookies - Desktop %USERPROFILE%\Desktop - Favorites %USERPROFILE%\Favorites - History %USERPROFILE%\Local Settings\History - Local AppData %USERPROFILE%\Local Settings\Application Data - Local Settings %USERPROFILE%\Local Settings - My Pictures %USERPROFILE%\My Documents\My Pictures - NetHood %USERPROFILE%\NetHood - Personal %USERPROFILE%\My Documents - PrintHood %USERPROFILE%\PrintHood - Programs %USERPROFILE%\Start Menu\Programs - Recent %USERPROFILE%\Recent - SendTo %USERPROFILE%\SendTo - Start Menu %USERPROFILE%\Start Menu - Startup %USERPROFILE%\Start Menu\Programs\Startup - Templates %USERPROFILE%\Templates - </PRE -> - </P -><P ->There is also an entry called "Default" that has no value set. The default entry is of type REG_SZ, all -the others are of type REG_EXPAND_SZ.</P -><P ->It makes a huge difference to the speed of handling roaming user profiles if all the folders are -stored on a dedicated location on a network server. 
This means that it will NOT be necessary to -write Outlook PST file over the network for every login and logout.</P -><P ->To set this to a network location you could use the following examples: - -<PRE -CLASS="PROGRAMLISTING" -> %LOGONSERVER%\%USERNAME%\Default Folders</PRE -> - -This would store the folders in the user's home directory under a directory called "Default Folders" - -You could also use: - -<PRE -CLASS="PROGRAMLISTING" -> \\SambaServer\FolderShare\%USERNAME%</PRE -> - -in which case the default folders will be stored in the server named <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->SambaServer</I -></SPAN -> -in the share called <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->FolderShare</I -></SPAN -> under a directory that has the name of the MS Windows -user as seen by the Linux/Unix file system.</P -><P ->Please note that once you have created a default profile share, you MUST migrate a user's profile -(default or custom) to it.</P -><P ->MS Windows 200x/XP profiles may be <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Local</I -></SPAN -> or <SPAN -CLASS="emphasis" -><I -CLASS="EMPHASIS" ->Roaming</I -></SPAN ->. 
-A roaming profile will be cached locally unless the following registry key is created:</P -><P -><PRE -CLASS="PROGRAMLISTING" -> HKEY_LOCAL_MACHINE\SYSTEM\Software\Microsoft\Windows NT\CurrentVersion\winlogon\ - "DeleteRoamingCache"=dword:00000001</PRE -> - -In which case, the local cache copy will be deleted on logout.</P -></DIV -></DIV -></DIV -><DIV -CLASS="NAVFOOTER" -><HR -ALIGN="LEFT" -WIDTH="100%"><TABLE -SUMMARY="Footer navigation table" -WIDTH="100%" -BORDER="0" -CELLPADDING="0" -CELLSPACING="0" -><TR -><TD -WIDTH="33%" -ALIGN="left" -VALIGN="top" -><A -HREF="policymgmt.html" -ACCESSKEY="P" ->Prev</A -></TD -><TD -WIDTH="34%" -ALIGN="center" -VALIGN="top" -><A -HREF="samba-howto-collection.html" -ACCESSKEY="H" ->Home</A -></TD -><TD -WIDTH="33%" -ALIGN="right" -VALIGN="top" -><A -HREF="interdomaintrusts.html" -ACCESSKEY="N" ->Next</A -></TD -></TR -><TR -><TD -WIDTH="33%" -ALIGN="left" -VALIGN="top" ->System and Account Policies</TD -><TD -WIDTH="34%" -ALIGN="center" -VALIGN="top" -><A -HREF="optional.html" -ACCESSKEY="U" ->Up</A -></TD -><TD -WIDTH="33%" -ALIGN="right" -VALIGN="top" ->Interdomain Trust Relationships</TD -></TR -></TABLE -></DIV -></BODY -></HTML ->
\ No newline at end of file |
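Review bot: this deletes generated DocBook output (the note icons point at /usr/share/sgml/docbook/stylesheet/dsssl/modular/images/note.gif), and the navigation footer at the end of the file links to policymgmt.html, interdomaintrusts.html, optional.html and samba-howto-collection.html, so the sibling pages that link back to profilemgmt.html need to be removed or regenerated in the same change. The view here is limited to this one file, so please confirm that, and confirm that the DocBook source for Chapter 18 stays in the tree. If the source is kept, two defects visible in the removed text should be fixed there rather than carried forward. First, sections 18.4.2 and 18.4.3 both give the DeleteRoamingCache key under 'HKEY_LOCAL_MACHINE\SYSTEM\Software\Microsoft\Windows NT\CurrentVersion\winlogon\', but the Winlogon key lives under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, so an administrator following the text would not actually get cached roaming profiles removed from workstations at logout. Second, in 18.4.3 the paragraph names the NETLOGON default profile as '%LOGONSERVER%\NETLOGON\Default User' while the note directly after it says the directory must be called 'Default Profile'; the two should agree.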