Archived from groups: microsoft.public.windowsnt.terminalserver.misc (
More info?)
Yes, I would add Everyone here, to be sure that you don't get
permission problems.
--
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
http://hem.fyristorg.com/vera/IT
--- please respond in newsgroup, NOT by private email ---
<NoSpamZtheitman@nospamZolsbuff.com> wrote on 21 mar 2005 in
microsoft.public.windowsnt.terminalserver.misc:
> -
> Vera,
> Well, your correct
> Ok I reinstall a fresh copy and I am back to my starting point.
>
> I still have one question:
> After the "copy to" do I need to click on the [Change ] button
> a enter "everyone"
>
> Thanks,
> Terry
>
>
> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
> in message
> news:Xns961FA1954A162veranoesthemutforsse@207.46.248.16...
>> You can re-create the shortcuts manually or re-install
>> completely. Which method is faster depends on how many
>> shortcuts and settings you have to configure manually, and how
>> well you documented your system.
>>
>> I'm afraid that you have just learned the hard way that you
>> always need a backup before making major changes, preferably a
>> total system backup.
>> When modifying the Default User profile (or anything else for
>> that matter), first copy the existing folder to another folder
>> before you overwrite it. Delete the original only when you are
>> 100% sure that your modifications are OK.
>>
>> --
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>
http://hem.fyristorg.com/vera/IT
>> --- please respond in newsgroup, NOT by private email ---
>>
>> <NoSpamZtheitman@nospamZolsbuff.com> wrote on 20 mar 2005 in
>> microsoft.public.windowsnt.terminalserver.misc:
>>
>>> -
>>> Hi Vera,
>>>
>>> I know what I did wrong, I copied a Domain user profile over
>>> the Default User
>>> Now I need to re-create the Default User profile or maybe try
>>> a repair or Windows 2003 (is there anything you can think of)?
>>> Maybe I have to Re-Install Windows 2003 ?
>>> Whatever I need to do I need to do it today (Sunday)
>>> Any suggestions on re-creating the Default User profile?
>>> Right now No account including the local Administrator have
>>> all the programs I installed and the programs are all missing
>>> fro Start, Programs 995 of the programs are NOT listed here
>>> any longer.
>>>
>>> Any suggestions?
>>> Thanks, Terry
>>>
>>>
>>>
>>> "theitman" <nospam@olsbuff.com> wrote in message
>>> news:OZijLVOLFHA.1884@TK2MSFTNGP15.phx.gbl...
>>>> -
>>>> Hi Vera,
>>>>
>>>> I copied the Profile I setup "LikeThis" I did NOT click on
>>>> the [Change] option mentioned below.
>>>> No I have a problem. All the users that logon get a very
>>>> limited profile. It is picking up the mapped drives OK from
>>>> there Login script on the DC (This is GOOD and I want this to
>>>> happen) However, there desktop ONLY shows the icon for out
>>>> (for Office 2002 installed on this Terminal Server
>>>> api-tserver)
>>>> None of the setting I set in the "LikeThis" profile are
>>>> there. If I brows to MS Word (Program Files, Microsoft
>>>> Office, ...) and click on
>>>> Winword.exe Word will start but i get errors.
>>>> So,
>>>> How do I fix this so the users all get the proper setting
>>>> from the Default User when they login to this Terminal Server
>>>> ?
>>>>
>>>> Can you Please email me directly (I have to fix this ASAP)
>>>> my email address is: theitman at olsbuff.com
>>>>
>>>> Thanks a lot for the help Vera !!!
>>>>
>>>> Terry
>>>>
>>>>
>>>>
>>>> "theitman" <nospam@olsbuff.com> wrote in message
>>>> news:%23oW3aOLLFHA.732@TK2MSFTNGP12.phx.gbl...
>>>>> -
>>>>> Hi Vera,
>>>>>
>>>>> I am new to all this
>>>>> Here is what I did so far I got so far:
>>>>>
>>>>> On the DC (APIDC1 located in api.armlink.com)
>>>>> Followed the steps under Method 1 in 260370 (link you
>>>>> provided) Created the OU on the DC computer (DC computer
>>>>> here is APIDC1) steps 1 - 9 OK
>>>>> Created a Terminal Server Group Policy object , steps 1 - 5
>>>>> OK OU and Group Police named after the computer
>>>>> (API-Tserver) as mentioned in the article.
>>>>>
>>>>> On the Terminal Server (API-Tserver)
>>>>> The Terminal Server Name is API-Tserver (Windows Server
>>>>> 2003 is a stand alone)
>>>>> I the steps you mentioned below on the Terminal Server.
>>>>> I did this already:
>>>>> created a Default User profile with all the setting I
>>>>> want.
>>>>> Now when I copy the User Profile (LikeThis) onto the
>>>>> Default User
>>>>> Profile (folder)
>>>>> Do I also want to click on the Change button (located
>>>>> on this page
>>>>> [Users or Built-in Groups] )
>>>>> and enter "Everyone" ? The following is already
>>>>> listing the
>>>>> following on this Permit to use [ Change ] page
>>>>> From this location [Armlink.com] this is our domain
>>>>> So do I need to add the everyone group in the Enter the
>>>>> object name to
>>>>> select [ ] here?
>>>>>
>>>>>
>>>>> Do I need to install something so I can work with Users and
>>>>> Computers on this 2003 server (if I do where do I get the
>>>>> program)?
>>>>>
>>>>> Thanks so much Vera,
>>>>> I need baby steps
>>>>> Terry
>>>>>
>>>>>
>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>> wrote in message
>>>>> news:Xns961DEA27B54D2veranoesthemutforsse@207.46.248.16...
>>>>>> Create the Default User profile on the TS as you described
>>>>>> earlier If you want to force the users to use a local
>>>>>> profile on the TS, create a Group Policy (in Active
>>>>>> Directory Users and Computers), link it to the
>>>>>> Organizational Unit that contains your Terminal Server, and
>>>>>> enable the following setting:
>>>>>>
>>>>>> Computer Configuration - Administrative templates - System
>>>>>> - User profiles
>>>>>> "Only allow local user profiles"
>>>>>>
>>>>>> 260370 - How to Apply Group Policy Objects to Terminal
>>>>>> Services Servers
>>>>>>
http://support.microsoft.com/?kbid=260370
>>>>>>
>>>>>> --
>>>>>> Vera Noest
>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>
http://hem.fyristorg.com/vera/IT
>>>>>> --- please respond in newsgroup, NOT by private email ---
>>>>>>
>>>>>> "theitman" <nospam@olsbuff.com> wrote on 17 mar 2005 in
>>>>>> microsoft.public.windowsnt.terminalserver.misc:
>>>>>>
>>>>>>> -
>>>>>>> Hi Vera,
>>>>>>>
>>>>>>> Is it better to use Group Policies for this task (So
>>>>>>> everyone that loges onto the Terminal Server gets the same
>>>>>>> desktop and program settings)? I'm interested in Group
>>>>>>> Policies for this task, however, I have never use GP and I
>>>>>>> don't know where to start. If it's not to involved can you
>>>>>>> give me the step need to accomplish the above.
>>>>>>>
>>>>>>> Thanks in Advance,
>>>>>>> Terry
>>>>>>>
>>>>>>> PS: as long as you may be helping me do one GP is the
>>>>>>> there an easy way to Turn OFF the Win XP Firewall on all
>>>>>>> the XP machines in one site in the AD?
>>>>>>>
>>>>>>> Again Thanks so much for the help.
>>>>>>>
>>>>>>> Terry
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>>>> wrote in message
>>>>>>> news:Xns961AEBD31CFEBveranoesthemutforsse@207.46.248.16...
>>>>>>>> That sounds correct. Every user that connects to this TS
>>>>>>>> and *who has not yet an existing roaming TS-specific
>>>>>>>> profile*, will receive a copy of the Default User profile
>>>>>>>> that you created.
>>>>>>>>
>>>>>>>> If users have existing roaming TS profiles, they will
>>>>>>>> *not* receive a copy of the Default User profile. You can
>>>>>>>> force them to get one by deleteing theit existing roaming
>>>>>>>> TS profile, but then they will also use this Ts profile
>>>>>>>> on all other TS they connect to. So if this profile
>>>>>>>> should be unique to this TS, make sure that users do
>>>>>>>> *not* have roaming TS profiles. Note that you can use a
>>>>>>>> GPO to force a local profile.
>>>>>>>>
>>>>>>>> If users have local TS profiles, you should be OK now.
>>>>>>>>
>>>>>>>> --
>>>>>>>> Vera Noest
>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>>
http://hem.fyristorg.com/vera/IT
>>>>>>>> --- please respond in newsgroup, NOT by private email ---
>>>>>>>>
>>>>>>>> <NoSpamZtheitman@nospamZolsbuff.com> wrote on 15 mar 2005
>>>>>>>> in microsoft.public.windowsnt.terminalserver.misc:
>>>>>>>>
>>>>>>>>> -
>>>>>>>>> Yes there is a Trust (I think by default) AD does this.
>>>>>>>>> Wow had to add the Everyone group and then add the
>>>>>>>>> Domains to the groups of users.
>>>>>>>>> It's working now. Thanks for the help.
>>>>>>>>>
>>>>>>>>> Here is an easy one I'm sure,
>>>>>>>>> I logged on to the Terminal Server as a user named
>>>>>>>>> "LikeThis" setup all the programs and Desk Top, then
>>>>>>>>> setup all the option the way I need them in MS Word and
>>>>>>>>> Excel. So the user profile for the user "LikeThis" is
>>>>>>>>> perfect. No I want Everyone that logs onto the terminal
>>>>>>>>> server to get this as the profile for their Terminal
>>>>>>>>> Server session. I think I copy the user profile
>>>>>>>>> "LikeThis" over the top on the Local Right click on My
>>>>>>>>> Computer, System Properties, Advanced, User
>>>>>>>>> Profiles,Select the user profile "LikeThis",then click
>>>>>>>>> on Copy To, and Brows to the %system root%Documents and
>>>>>>>>> settings/Default User folder, then click on OK. I am
>>>>>>>>> guessing that this will cause ANY user that log onto
>>>>>>>>> this Terminal Server to have the Setting I created for
>>>>>>>>> Word, Excel (the Macro Security settings, set
>>>>>>>>> to Low etc.) am I correct? Do I have all the correct
>>>>>>>>> steps?
>>>>>>>>>
>>>>>>>>> This is Windows Server 2003 running as Terminal Server.
>>>>>>>>>
>>>>>>>>> The reason I am NOT sure is because the Help file I
>>>>>>>>> found made me think that these steps will change more
>>>>>>>>> than the users profile on this Terminal Server. Sounded
>>>>>>>>> almost like I was changing AL the User in the Domain. I
>>>>>>>>> ONLY want to control the user profile on this ONE
>>>>>>>>> Terminal Server.
>>>>>>>>>
>>>>>>>>> Thanks in advance !!!
>>>>>>>>> Terry
>>>>>>>>>
>>>>>>>>> "Vera Noest [MVP]"
>>>>>>>>> <vera.noest@remove-this.hem.utfors.se> wrote in message
>>>>>>>>> news:Xns9618ED717C2E3veranoesthemutforsse@207.46.248.16..
>>>>>>>>> .
>>>>>>>>>> Is there a trust relationship between these 2 domains?
>>>>>>>>>> You have to make the \\domain2\username a member of the
>>>>>>>>>> local built-in group "Remote Desktop Users" on the
>>>>>>>>>> Terminal Server in domain1.
>>>>>>>>>>
>>>>>>>>>> If the Terminal Server is also a Domain Controller in
>>>>>>>>>> domain 1 (which is *not* recommmended!), then you have
>>>>>>>>>> to give this user Log On Locally rights on the server
>>>>>>>>>> (in the default Domain Controller Security Policy).
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> Vera Noest
>>>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>>>>
http://hem.fyristorg.com/vera/IT
>>>>>>>>>> --- please respond in newsgroup, NOT by private email
>>>>>>>>>> ---
>>>>>>>>>>
>>>>>>>>>> "theitman" <nospam@olsbuff.com> wrote on 13 mar 2005 in
>>>>>>>>>> microsoft.public.windowsnt.terminalserver.misc:
>>>>>>>>>>
>>>>>>>>>>> -
>>>>>>>>>>> Hello everyone,
>>>>>>>>>>> Windows 2003 setup with Terminal Server
>>>>>>>>>>> Everything works as expected when I login with a user
>>>>>>>>>>> account from my local Domain (domain1) however, when I
>>>>>>>>>>> tried to logon to the Terminal Server with an account
>>>>>>>>>>> form one of our other doamain (domain2) I get the
>>>>>>>>>>> following error and can not logon. The local policy of
>>>>>>>>>>> this system does not permit you to logon
>>>>>>>>>>> interactively. Then I am disconnected. Any step by
>>>>>>>>>>> step help will be very helpful (This is the first
>>>>>>>>>>> Terminal Server I am tring to setup) As Always, Thank
>>>>>>>>>>> You in advance, Terry