ads

Style6

Style3[OneLeft]

Style3[OneRight]

Style4

Style5[ImagesOnly]

Style2

Fix Temporary Profiles on RDS Server.

Problem:  Users receive temporary profiles each time they log onto the Remote Desktop Server.  The problem is not uniform and may only occur for individual users.

Possible errors may read, "Windows cannot find the local profile and is logging you on with a temporary profile.  Changes you make to this profile will be lost when you log off."

Background:  RDS server is configured with User Profile Disks (UPD).  The problem usually occurs when the user session state is disconnected.  Although the user is not connected their sessions continue to run in the server background -therefore their UPD remains attached to the RDS server.  Users will receive temporary profiles if their UPD was attached to the RDS server when it was restarted.

How to fix temporary profile issues:

  1. Have user log off the server.  Do not allow users to log on while troubleshooting.
  2. Attempt to delete the temporary profile from Advanced System Properties:

    Go to Control Panel → System → Advanced System Properties → Advanced → User Profiles → Settings.

    Delete any profiles with Type set as TEMP.
  3. Delete any temporary use profiles from the ProfileList in Regedit.

    Open Regedit:
    HKLM\SOFTWARE\Microsoft\Windows NT\Current Version\ProfileList

    Profiles are listed using objectSIDs, for example:
    S-1-5-82-3848493281-17249319953-1783664087-774473773-2625933694

    Identify and delete any objectSIDs that have a .bak suffix, for example:
    S-1-5-82-3848493281-17249319953-1783664087-774473773-2625933694.bak

    N.B., each objectSID profile has an expandable string value called ProfileImagePath.  Use this string value to easily identify individual users, for example:

    Value Name:  ProfileImagePath
    Value Data:  C:\Users\BGates

  4. Finally, manually delete any temporary profiles located in c:\users\, for example:

    TEMP.Domain.000
    TEMP.Backup-0
How to prevent temporary profiles issues (i.e., mitigation):

Set GPO policy to log off disconnected sessions after X minutes.   This will reduce the likelihood that UPDs will remain connected if the server is restarted or loses power.

Additionally, ensure all user sessions are logged off and do not allow new connections to hosts before performing maintenance and/or restarts.

About Steven Jordan

Steven Jordan is an infrastructure and process management specialist. Steven holds a Master of Science degree in ICT from the University of Wisconsin Stout. Steven is also a Cisco Certified Network Professional (CCNP) and Master Gardener.
«
Next
Newer Post
»
Previous
Older Post

5 comments:

  1. Great article....very helpful.

    In step #2, are profiles with Type set as BACKUP considered temp profiles too?

    ReplyDelete
    Replies
    1. I believe those are temp profiles stored on the local disk. That happens if the VHD network share is unavailable when a user logs on. However, there are other situations when RDS creates temporary profile disks on the network share.

      For both situations, have the user log on and log off again. N.B., ensure the user does not have active sessions beforehand. Manual log offs usually correct temporary profile issues.

      We can(mostly)avoid temporary profile issues with good policy. Keep the share available as much as possible -especially during maintenance. Also, remember to disable logons, and log off all users before installing patches.

      Good Luck!

      Delete
    2. Thank you! This was very helpful!

      Delete
  2. Hi there.

    My situation is that users login to server in the morning and perform a proper sign out and disconnect. They will the attempt to login again in the afternoon and they will randomly get a temp profile. Cannot explain it.

    ReplyDelete
  3. Thanks for the great information! I have a user that consistently has a temp profile. Even if I log the user off before restarting the server, when the user logs back in, he gets a temporary profile every time. If I go into the registry and delete his temp profile out of the profile list and log him off his session, he can log in and connect to his profile. I had two more users have temp profiles today after I restarted the server. And, I went in and logged the users off before I restarted the server. Do you have a recommendation as to how I can trouble shoot this? Thanks!

    -Matt

    ReplyDelete