Move roaming profile user from 2008 to 2012 on new domain; logon and permission issues
If it was me, I would have done things in a slightly different order to avoid this sort of thing. I suspect the roaming profile you copied to the new server is causing the problem. Profile issues moving to new domains is something I have experienced a lot.
If I were you, I would do the following to attempt to resolve the issue:
Log off as Jim
Log in as Local admin
Take a backup of the local and roaming profile
Right click Computer\Properties\Advanced System Settings\Advanced Tab\User Profiles - Highlight any reference to Jim in the list and hit delete
Go to the server, delete the server copy of Jim's roaming profile and remove the roaming profile setting from the user account object
Log off local admin and restart the machine
Log in as Jim (you will create a new profile)
Set the roaming profile setting for Jim, then log off and on a few times until you can see the profile appear on the server
Copy folders you need from the **old roaming profile backup** to the **new local** profile. Do not copy the whole thing as you'll move over things like the NTuser.dat file and other system files that will be either useless or cause you problems. Only copy stuff you need, like favourites and desktop for example.
Log off as Jim (new profile will be saved to the server is the location specified in AD)
Log on as Jim (the profile will be downloaded from the server and will hopefully now work)
This should fix it. Let me know how you get on.
Related videos on Youtube
stormdrain
Updated on September 18, 2022Comments
-
stormdrain over 1 year
I have an older server 2008 machine with domain
old.local
. I created a new server (2012 R2), promoted to dc and created the domainnew.local
.I set up a share for user folders
Users$
. I moved a users' folder (call him jim) fromold.local
tonew.local
. On a machine that was joined toold.local
and that had been used by this user, I joinednew.local
. I updated the profile folder path onnew.local
to reflect theUsers$/jim
location on the new server.Now, when I log into the computer that I just joined to the new domain with the jim user, I am getting "Logged on with temporary profile" message. The only thing in event viewer that mentions anything about logging in states:
DCOM got error "1787" and was unable to logon OLD\jim in order to run the server: {UUID}
I can't figure out why the heck it is logging an error about trying to log into the old domain. I also can't figure out why the temporary profile issue is happening; the effective permissions on the folder show jim as the owner with full control. Wouldn't be surprised if this is just an artifact of not logging into the new domain correctly though.
Any ideas on what else I can check to track this problem down would be appreciated.
-
stormdrain about 10 yearsThanks -- trying now. In the meantime, what would the proper order be to do this?
-
Simkill about 10 yearsIf by proper you mean 'The Microsoft way', then I think they would tell you to use the Active Directory Migration Tool (ADMT). That is, assuming you are moving the whole of the old domain to the new domain and not just 'Jim'. technet.microsoft.com/en-us/library/cc974332(v=ws.10).aspx EDIT - I do not know if ADMT is compatible when migrating to 2012 R2, in which case I don't know what the tool or replacement tool is now called.
-
Simkill about 10 yearsTry dropping the roaming profile setting on active directory as an addition to step 5. Updating answer now. Please also see additional step - Set the roaming profile setting for Jim, then log off and on a few times until you can see the profile appear on the server. Please remember to start from step 1 as deleting the profiles is a must every time a temp profile is created.
-
stormdrain about 10 yearsI don't see any temp profiles being created; there is default profile (which can't be deleted), admin and another local user (McAfee). I deleted the Users$ share, re-created, and removed and re-added roaming setting for jim. Multi-login's and outs and still no folder for jim in Users$. Also still getting same 1787 error; and still met with OLD\jim at login screen.
-
Simkill about 10 yearsHave you rebooted immediately after the deletion?
-
Simkill about 10 yearsOk, that is all I have for you I'm afraid, that procedure has worked for me in the past. Hope you find a fix.
-
stormdrain about 10 yearsI still have to do this for a few other users - would much appreciate if you could update the answer with a better procedure if starting from scratch. I.e. Should I just join the new domain and log in? Then will the profile be copied to roaming folder? You are right about ADMT not working. At any rate, thanks.