Temporary Profiles for New ADUC Users on Different Computers

Here’s a weird one that I just ran into recently on a network we inherited from another IT consulting firm.

A little background on this issue. The environment has a Windows active directory with Windows 7 clients. Several GPOs configured including folder redirection. A new user was just set up and a day later started getting a temporary profile.

Our tech team tried some things that have worked before to fix temporary profiles. We tried creating a new profile but no local profile directory got created. Tried deleting the backup profile registry key but that wasn’t there, system restore didn’t fix it either. We tried putting the user in their own OU with a folder redirection GPO. But no matter what we tried, they would continue to get a temporary profile. Copying the user resulted in the same problem. The problem followed the new user even when logging into another computer.

If an existing user logged into the computer they logged in just fine. That led us to look at Active Directory. What ended up getting this problem resolved was to inherit inheritable permissions on the user that had this problem. There must have been something in the new user’s AD permissions that wasn’t right and we were thinking the GPO requires some inheritable permissions for it correctly set up the profile on the computer. After that was done the new user received a normal user profile.

ADinherit

Weird!

This network issue threw me for a loop

I got sent to a network problem for one person in a office and some troubleshooting took place as well as some remediation steps. Basically the user had no network access all of a sudden. The computer had already been rebooted (the first thing IT people seem to recommend, right?)

The network card was removed from device manager and reinstalled. At that point I was dispatched to the client. I tried some basic stuff – swapped network cables. That didn’t work. Rebooted the switch. Forced the NIC into 100 Mbps Full – nope. 100 Mbps Half – nope. 1 Gbps – nope, nope. Scanned for malware. None found. I started working on it in the server room and after updating the NIC drivers, I got internet. Cool! It’s fixed.

Then I moved it back to the user’s desk and no internet again. Hmm…I guess it’s the cable drop between the network closet and the office. Temporary solution – move his computer to another desk. So we move all the components – PC, monitors, cables, keyboard, etc. And???

NO NETWORK AGAIN? Okaaay

Moved to another office on a different switch. Still no network. What? Back in the server room it started getting spotty network connectivity. Weird. Contacted Dell support and my manager. Ran a BIOS update and did a clean uninstall of the NIC from Device Manager. Reinstalled the NIC with fresh drivers from Dell. Seems to have network connectivity. Moved it back to the temporary desk. No network!!!

What is going on??

I’m scratching my head trying to figure it out. So on a whim, I decided to try 100 Mbps Full and I got network! Hooray! 1 Gbps doesn’t seem to work and Auto-negotiate doesn’t work either. So in the end it took a BIOS update, NIC driver refresh, and forcing the NIC to connect at 100 Mbps.

Nothing changed as far as I can determine. No updates were installed and the user didn’t change anything. Why it didn’t work all of sudden? Who knows? I’m just glad it’s working!

Blank Desktop, No Mapped Drives

Had a weird issue pop up recently. The background is this. The client had a new Windows 2012 server installed running as a domain controller, DHCP, DNS, and file server. Some new switches were installed.

The issue I came in to help with was that people were not able to connect to the network for some reason. These were people who just came back from a long period of time and logged in but were not getting connectivity to the network drives or printers. We thought that the solution was to put them into another port on the switches which did work for some people but for some reason it didn’t work that day.

As I was trying to figure out this problem, another issue arose. I rebooted someone’s PC who was having network connectivity problems and all I got was a blank desktop with a cursor for the mouse. Even in safe mode, I got the same symptom. Checking IPCONFIG I got the 169.x.x.x address. You know what that means, it wasn’t getting an IP assignment from the DHCP server.

Another tidbit of information – this network didn’t have folder redirection or roaming profiles so it wasn’t either of those that was causing issues. After some trial and error, I was able find a Band-Aid while we worked towards a solution. The temporary fix was to disconnect the LAN cable, log in, then connect back up. After that, people were able to use their PCs. But the issue still remained without employing the Band-Aid fix. Why are they getting blank screens with a mouse pointer and nothing else?

We don’t know exactly what fixed it but we did a few things and either one or a combination of the things we did apparently fixed the problem. Rebooted all the switches. And I found that the DHCP wizard was complaining about something not being completed. I ran through the wizard to finish it all up. I don’t remember exactly what it was but some final steps needed to be completed. I believe there are some accounts/groups that needed some DHCP service permissions that it found wasn’t done. Rebooted the new 2012 server.

After doing those, the network authentications problems, network connectivity issues, and blank screens all disappeared. My personal feeling is that the DHCP wizard needed to finish up the permissions. The reason I think that is because of the fact that client PCs were not getting IP assignments. In any case, the problem was fixed and everyone was back to work within a few hours.

Hope this helps someone.

Trinity Rescue Kit allowed me to access files off a PC that wouldn’t boot into Windows

The Trinity Rescue Kit (“TRK” as I’ll refer to it in this article) is a wonderful tool to have in your tool bag if you’re an IT person. I’ve used this many times to reset the local Windows administrator password on PCs. If you’re game to navigate its text-only, non-GUI, non-mouse, user interface, then make sure you have a copy of it with you. I won’t go over how to create a bootable Trinity Rescue Kit CD because that’s on the web.

But what I will talk about is a cool way I’ve used it recently. I had a customer who recently purchased a Mac and wanted to copy her data from her old PC to it. Problem was the OS on the PC was corrupt. I tried some basic stuff to get the PC up and running. It wouldn’t boot into safe mode and an in-place upgrade wasn’t going to fit in the time frame that I needed to get the work done in.

Thankfully I had the TRK CD with me. Up until today, I’ve only used it as a local password reset tool as I mentioned. I booted it up with the intention of finding some sort of BART PE or other bootable environment so I can access the files, copy them to external storage, then copy it to the Mac.

Guess what I found to my surprise which turned out to be a much better solution?

Enter TRK’s Fileserver Utility

TRK has a fileserver utility which makes it able to share files over a network. I proceeded to set up the parameters which amounted to just enabling the fileserver and setting up a user and password. Then I used TRK’s IP configuration utility to assign a fixed IP address to what it called Ethernet 0 (or 1, I forget). The adapter it found was the onboard CAT5 NIC. I just tested to see if I could ping it once the cable was plugged into the customer’s switch and used SMB from the Mac’s Finder to connect to the TRK fileserver on the old PC using the IP address I gave it then connected using the credentials I set up.

Voila! It worked! I could see the file system on the old PC from the Mac, so I copied the files over the network to the Mac user’s home folders.

The customer now has all the data she needed from her old PC. I didn’t have to repair the OS or reinstall in on the old computer. All I had to do was boot into TRK, enable the fileserver, assign a user/password, then assign a fixed IP address. The only thing that could’ve messed me up was a corrupt file system on the old hard drive, but that wasn’t the case.

Trinity Rescue Kit saved my skin again!