• Recently Written

  • Deleting a local user profile on Terminal Server 2008 – Very tricky and a bit complicated than deleting it from Server 2003
  • “Because of an error in data encryption, this session will end” – error on Windows Server 2008
  • Norton Symantec Ghost Console is not displaying computers after installing remote client
  • Norton Symantec Ghost is not displaying all my machines on the console
  • Microsoft Office Outlook 2003 is not showing embedded graphics
  • bobzop.com (now colzop.com) – a possible MSN virus or spy ware
  • My Laptop Touch Pad is not working on DELL and Acer Laptop
  • Windows Vista and XP password recovery using Ophcrack

• Categories

  • Email
  • Hardware
  • password recovery
  • Security
  • Software
  • Windows Server 2008

• Archives

  • July 2010
  • May 2009
  • February 2009
  • December 2008
  • November 2008
  • September 2008
  • August 2008

• Blogroll

  • Express Your Opinion - Express yourself about anything and everything on the planet

One of the last resort in fixing a user issue on a terminal server environment is to delete user profiels in order to start with a clean slate. That proved to be very difficult for me than I anticipated in a Terminal Server 2008 environment. I used server 2003 beforeand it was not as pain as this. Server 2003 all you had to do is just delete the user profile and ask the user to log back in. With that mind set here goes the story. 

 It is very easy to think a local user profile on Windows Server 2008, Windows Vista and Windows 7 directory is located under C:\Users directory(if you are using your Server 2003 knowledge). Behind the scene technicality is a bit different. Windows Server 2008, Windows Vista, Windows 7, contrary to common belief, actully keeps track of all the profiles that gets created in the registry key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList.” Each of the profiles that is stored lcoally (happens in terminal server 2008 environment as well) a subkey is created.  If you are not sure which profile you are looking for you should be able to see the username of each profile when you click on each SID. 

What I did that caused the headache? 

What happens if you delete the user profile directory below C:\Users\”Username” without modifying the registry? Well that is exactly what caused the headch for me. After deleting the profile, when the user logged in Windows displays a balloon tip (see the figure 1) indicating that Windows could not load the user profile and that the user was logged on with a temporary profile. As you know, temporary profile is the last option available to Windows to log you in if it can not load your profile properly. After you log off, all the changes are lost. 

So how do you really delete a profile? 

Follow  one or the other options below: 

1. Well make sure you delete the profile directory AND the subkey from the rigstry.
2.  Go to start > run and type in sysdm.cpl. From there go to Advanced Tab, then to Settings on User Profiles and delete the profile you want to delete from there.

 Too late, I already deleted the profile, now what? 

Not to worry. Windows is really smart (!). If windows finds an orphan ProfileList subkey matching a userprofile’s SID without an associated profile directory (C:\Users\”username”) it backs up the ProfileList subkey with a.bak extention. Just remove the one that corresponds to your troubled profile. 

This was also the reason why if you don’t delete this none of the trobuelshooting will show up because the balloon tip needs to go first. Only way it will go is by deleting .bak subkey. 

This does not apply to any machines with Server 2003 because it uses simplistic approach. If a ProfileList registry exists but directory does not, it just recreates the new profile and overrides the data. 

Anyways, as much as I like windows server 2008, at the same time I have to wonder why Microsoft made this change! Maybe because they thought some users will find temporary profile very useful?

Sphere: Related Content

I am using Dell PowerEdge 2950 with NetXtreme II NIC with Windows Server 2008 (not R2). It was working perfectly. I enabled RemoetApp, created RDP, also enabled Remote Desktop to allow our users to connect from anywhere. Good thing is it is still in testing environment. I didn’t have any security software installed on it so I proceeded to install whatever I had available to me which was Symantec EndPoint 64 bit edition for Windows Server 2008.
Sure enough like any other installation, the installation process went well. I ran live update with no hitch. Then it asked me to reboot. After that, I started to get the following error:
“Because of an error in data encryption, this session will end. Please try connecting to the remote computer again.” – Just like the screen shot below.

As soon as you press ok, it just closes the program. I tried it with RemoteApps, Remote Desktops and also using the RDP clients I created for each program. Trying to locate information, I came across many useful hints but mostly about Windows Server 2003.
I tried to change registry keys but none of them worked for me. If you want to try those solutions go ahead but please know that it may inadvertently cause some other issues. Then I found another solution that I wanted to try which basically talks about “Large Send Offload on IPv4.” This was a unique solution because I thought it was brilliant. So I followed the following steps:
1. Went to the server room (because I can’t connect remotely even as administrator)
2. Logged onto the Server.
3. Then find your active “Local Area Connection Status” window.
4. Click on Properties
5. Click on Advanced tab and you will see something like the screen shot below:

6.   Select Large Send Offload v2 (IPv4) and on the Value field select disable just like the screen shot below:

Press ok and you should be back in business.

Hope this helps.

Sphere: Related Content

An interesting Symantec Ghost Corporate Edition problem I encounter last week.

There is an older server and a newer server for Symantec Ghost for the same edition which is Version 8.0. License was migrated to the newer server on an earlier date. However the older server was still operational. When I went to uninstall remote clients from Symantec Ghost Console it uninstalled properly, but it was still visible on the console of the old server. I then proceeded to manually delete it and made sure license count was decreasing.

After that I went on to the new server’s Symantec Ghost Console and installed the remote client. It showed that it installed properly but it was not showing up on the computer list where it should. I tried to reinstall the client from the old server and it installed properly again and the machine appeared magically on the older server again. Thinking it may be just a glitch, I went on to uninstall the client from the older server and then reinstalled the newer client but still it didn’t show up.

At this point I went on the internet to see if there are any solutions. Sure enough there was NONE. Everyone is talking about different problems but not as unique as this where after installing remote client from a new Symantec Ghost Server, the remote machine does not appear on the console. After a lot of process of elimination, I thought of trying out the following steps:

1. Install remote client from the old Symantec Ghost Server Console.
2. Apply the proper DOS Template.
3. Uninstall the Client from that machine using the old Ghost Server Console.
4. Delete the machine from the old server console.
5. Log out from the Old server.
6. Disconnect the network cable for that server.
7. Log on to the new Server Console for Symantec Ghost.
8. Install the remote client on the same machine.

At this point to my surprise, the machine appeared on the new console. Who would have thought of it?

I am just sharing this just incase someone else is having the same troubles.

Sphere: Related Content

Next Page →