event id:1522 when using Flex Profile Kit

I was testing with the Flexprofile kit by Login Consultants on my home Citrix server and during testing I kept getting this error in my eventviewer:
Windows cannot locate your roaming profile (read only) and is attempting to log you on with your local profile. Possible causes of this error include network problems or insufficient security rights. If this problem persists, contact your network administrator.DETAIL – The system cannot find the file specified.
What helped me was checking the following things (some parts were taken from the Login Forum):

These are the steps to be taken:
1. Login as an admin on the server you want to copy the profile to used for your mandatory.
2. On the properties of My Computer, go to advance tab.
3. Click on settings for User Profiles
4. Highlight the profile you want to copy and click on Copy To
5. In the Copy profile to, enter the path.
6. Click on Change on the Permitted to use, you can have authenticated users in there.
7. Click on OK
8. Then rename the ntuser.dat to .man, delete the other folders in there.
- You also might want to check out and test the policy “Do not check for ownership of Roaming Profile Folders” in Computer/admin/system/user profiles.
- Check for inconsistensies in profile paths in the TS Config of the user and policies that are in place. (try disabling or removing one of them)
- Load the ntuser.dat (or .man if you’ve renamed it) into regedit (or regedt32 if on Win 2000) and set the permissions on the root of the key you just imported into regedit. Set it to Authenitcated Users, or a group of your choice, and set it to Full Control (not sure if that’s overkill). Then unload the hive and try again. Also users need NTFS Read permissions on the folders/files too
- If you are using the GPO setting “prevent Roaming Profile changes from Propagating to the server” the user need to have a profile path specified. You can use “set path for Roaming Profiles” to specify the profile path (although i never tried these settings combined) for users. You must know this GPO points to a so called Root Path.
If you specify \\server\share the policy expects in this share a directory with the username within it.
So for user1 the policy will be loaded with the following setting \\server\share\user1. In that folder the profile must be available.
- Check out these hotfixes:
http://support.microsoft.com/kb/908011/en-us
http://support.microsoft.com/kb/914061/en-us

Comments are closed.

Jul200706

Aleks

0