Copy Admin Profile to Default User
Filed under:
Deployment, Scripting, Customization
Submitted by trb48 on 12 August, 2008 - 08:41.
We are trying to move to Active Directory authentication at work. We have bumped into a few problems. The one I solved today deals with user profiles.
Right now when we setup a computer for a user, we create a generic account "localuser" and tweak it just the way we like it. We also install all of the programs we need while logged into that account. This one account has the windows profile and software configured correctly.
When you log into a machine using Active Directory, Windows will create a new account for you. As you probably know, in C:\Documents and Settings there is a folder called "Default User". This is the user profile template. When a new user is created Windows uses the contents of this folder to create the user.
The Default User account is not configured correctly, and the account that we created (the localuser) account does. I was not sure how to fix this problem until I found this post: Copy Admin profile to Default user.
BoaSoft posted the following script:
rem delete old Default User profile RD /s /q "%systemdrive%\Documents and Settings\Default User" rem copy current user profile to default user profile xcopy "%USERPROFILE%\*.*" "%systemdrive%\Documents and Settings\Default User" /e /c /I /H /R /K /Y rem delete non-need some files del /f /q "%systemdrive%\Documents and Settings\Default User\*.*" rem set default attributes attrib +h "%systemdrive%\Documents and Settings\Default User" rem registry trick rem no directly copy locked ntuser.dat file rem use reg tools to save current user registry to file reg save HKCU "%systemdrive%\Documents and Settings\Default User\ntuser.dat" rem set default attributes to hive file attrib +H +S "%systemdrive%\Documents and Settings\Default User\ntuser.dat"
I tweaked it to match Windows defaults.
When you run this script, it copies all of the profile settings in the currently logged in account to the default user profile. Now, every account that Windows creates will have all the correct settings.
(36 votes)
- Login or register to post comments
- 3141 reads
- Printer-friendly version
Noticed an error
I just noticed an error in the script, I tried it out and noticed there is a minor mispelling.
the line:
xcopy "%USERPROFILE%\*.*" "%systemdrive%\Document and Settings\Default User" /e /c /I /H /R /K /Y
Should be:
xcopy "%USERPROFILE%\*.*" "%systemdrive%\Documents and Settings\Default User" /e /c /I /H /R /K /Y
Pretty good, but some caveats (aren't there always??!)
We used to copy the default profile like this, but we hit some problems; Some software from naughty vendors use hardcoded paths in the registry for config files. This can give odd problem when the new user logs in, and tries to run the software. Further, this process doesn't cater for users who already have an account on the machine as a result its only for apps created within the image for first image deployment.
As a result of being burned a few times, we had to take the view that each software package we built had to cater for the multi-user environment within the package itself. As such, we make use of,
If you can get away with it -copying the default profile is great and I am jealous of all those that can get away with it! If only we had the power to outlaw such badly written application in some IT Court of Justice.
Here are a couple of links to some ActiveSetup docs for anyone wanting to run config changes when the user logs on,
Juice Article by Yukon
Wikipedia Article
Article by Ed Tippelt
Kind Regards,
Ian./
You really don't want to
You really don't want to run this on existing profiles as existing setting can and does get messed up!
It is easier and the process is cleaner to edit the ntuser.dat from the Default Users profile directly to customize profile settings.
If you have several different images for each model, you can then edit the image and replace the ntuser.dat with the one you created.
MS says don't use Administrator
I found this article http://support.microsoft.com/kb/319974 saying not to use the Administrator profile because of potential permissions issues.