1 - Kent State University



User Profiles and Active Directory

By: Daniel Toth

What's a profile?

A profile is where Windows keeps all your personal data and settings. Your profile is where your "My Documents", "My Pictures" and "My Music" files are stored, and where your Internet favorites and cookies are kept. Windows keeps track of your personal settings in your profile, like your desktop wallpaper and the lists of documents you've recently opened. Most of the changes you make to personalize your applications are also kept in your profile, as well as files like dictionaries and playlists.

What is Active Directory?

Active Directory (AD) is an implementation of Lightweight Directory Access Protocol (LDAP) directory services by Microsoft for use primarily in Windows environments. LDAP is a protocol used to access a directory listing. The main purpose of AD is to provide central authentication and authorization services for Windows based computers. AD also allows administrators to assign policies, deploy software, and apply critical updates to an entire organization. AD stores information and settings relating to an organization in a central, organized, accessible database. AD networks can vary from a small installation with a few hundred objects, to a large installation with millions of objects.

The User Profile Wizard (UPW), created by ForensIT, reassigns a profile from one profile to another. It appears to do this without moving the files on the local drive. This is one advantage the User Profile Wizard has over the Files and Settings Transfer Wizard (FSTW), which Microsoft integrates into its operating systems. The FSTW makes an archive of the selected user’s profile. The time to do this is anywhere from 10 minutes to over one hour. The time required for the UPW to complete its tasks is roughly 4 minutes long.

The User Profile Wizard runs on Windows 2000, Windows XP, and Windows Vista.

It also has a feature in which one can delete the account after the profile has been reassigned. This will permanently erase the old profile. Another feature of UPW is the ability to share a profile. This would allow two people to share the same settings and documents. The UPW also can add a computer to AD, while it reassigns the profile. One other option of UPW is the capability to disable the local profile after a successful migration to AD. Disabling the account would allow you to still have a backup of all the documents.

Below you will see instructions for adding a computer to AD using both the UPW and FSTW.

User Profile Wizard from ForensIT

1. Log on as existing local user of the computer

a. Confirm user is an Administrator

i. Right-click on My Computer

ii. Select Manage

iii. Double-click Local Users and Groups

iv. Select Groups

v. Double-click Administrators

vi. The users account name should be listed under Members

vii. Click OK

viii. Close Computer Management

2. Rename computer

a. Right-click on My Computer

b. Click on Properties

c. Click the Computer Name tab

d. In Description field add a useful name

e. Click on the Change button

f. Type in the appropriate name (the one created in AD Computers)

g. Click OK twice

h. Reboot the computer

3. Add computer to the domain

a. NOTE: This step must be done by authorized personnel

b. Insert media that has the User Profile Wizard on it

c. Open My Computer

d. Double-Click the media you just inserted

e. Find Profwiz and double-click it

f. Click Next

[pic]

g. Enter the Domain as example.domain

h. Enter the account name as user1@example.domain

i. Deselect the Set as default logon checkbox

j. Click Next

[pic]

k. Select the user’s account from the list of profiles

l. Select the Disable Account checkbox

m. Click Next

[pic]

n. Enter an authorized ID and password

o. Click OK

[pic]

p. A screen such as this will display when the wizard is complete

[pic]

q. Click Next

r. Click Finish

[pic]

s. You must click OK to reboot the computer

4. Have the user log on using their e-mail address and password

5. Make sure the user’s default printer is set to their preference

6. Make sure the user is able to access everything as before

File & Settings Transfer Wizard from Microsoft

1. Log on as existing local user

2. Confirm user is an Administrator

3. Browse through the user’s documents to see if there are any large files

a. Make a new folder

b. (ex. C:\UsernameProfile)

c. Transfer any large files to this new folder

4. Run file and settings transfer wizard, transferring files to the new folder on the hard drive (ex. C:\UsernameProfile)

a. Click Start

b. Click All Programs

c. Click Accessories

d. Click System Tools

e. Click on Files and Settings Transfer Wizard

f. Click Next

[pic]

g. Select Old Computer radio button

h. Click Next

[pic]

i. Select Other radio button

j. Click Browse and select the folder created in step 3

k. Click Next

[pic]

l. Select Both Files and Settings radio button

m. Choose Let Me Select a Custom List of Files

n. Click Next

[pic]

o. Ensure that all the folders are listed

p. Click Next

[pic]

q. Wait for the wizard to complete

[pic]

r. Click Finish

5. Rename computer

a. Right-click on My Computer

b. Click on Properties

c. Click Computer Name tab

d. In Description field add a useful name so that you know what computer is what when browsing the network

e. Click on Change button

f. Type in the appropriate name (ex. CBA-BACL-001)

g. Click OK twice

h. Reboot is necessary

6. Add computer to the domain

a. NOTE: This step must be done by authorized personnel

b. Right-click on My Computer

c. Click on Properties

d. Click Computer Name tab

e. Click on Change button

f. Click on the Domain radio button

g. Type in domain name

h. Click OK

i. Reboot is necessary

7. Have the user log on using their Active Directory account

8. Add user’s Active Directory account as an Administrator

a. Open Control Panel

b. Double-click User Accounts

c. Input Administrator password for the computer

d. Click OK

e. Click Add…

f. Type the user’s Active Directory account name in the User Name box

g. (ex. dtoth1)

h. Type the domain in the Domain box

i. Click Next

j. Select the Other radio button

k. In the scroll box select Administrators

l. Click Finish

9. Run file and settings transfer wizard again to import documents and settings

a. Select New Computer this time

b. Follow instructions in Step 4

c. NOTE: Sometimes the user’s original desktop icons do not copy over

d. If they do not copy over with the wizard, browse to C:\Documents and Settings\olduseraccount

e. Open the Desktop folder and Copy the contents to the new user’s Desktop folder

10. Delete files created by wizard and disable local user account. This will prevent

unauthorized or accidental access to the local account but retain the files and

settings as a backup

a. Disable the old profile

i. Right-click My Computer

ii. Click on Manage

iii. Double-click Local Users and Groups

iv. Click on Users

v. Right-click on the local user account

vi. Click on Properties

vii. Select the Account is Disabled box

viii. Click OK twice

b. To delete files created by the wizard

i. Open My Computer and browse the C drive and find the new folder you created earlier

ii. Highlight the folder and hold down Shift and press Delete

iii. Click Yes

iv. Close the window

11. Make sure the user is able to access everything as before

Sources



................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download