GiraffeIT.com have been asked many a time to create mandatory ( or roaming as they used to be known ) profiles for various people.
The benefits are small, rapidly loading profiles that end users cannot write back to.
1.) Make a local user on the server
2.) Make the user member of the local administrators group on your server
3.) Login in with this user and customize for example the start menu
4.) Create a share on your file server.
5.) Copy the complete template folder from the C:Users directory to the new server share
6.) Rename the template folder to mandatory.V2 The .v2 is significant as it tells windows seven its a man profile for it.
7.) Delete the Local and LocalLow folders from the AppData folder
8.) Open REGEDIT and load the NTUSER.DAT hive ( make sure HKEY_USERS is highlighted
9.) Right-click on the Mandatory profile and choose permissions
10.) Delete the template user and add the Authenticated Users (Full Control)
11.) Unload the NTUSER.DAT from your registry
12.) Rename the NTUSER.DAT to NTUSER.MAN
13.) change the relevant users profiles in ADUC or via Policy preferences.
- @ September 13, 2012 1:29 pm