Thursday, September 17, 2009

Solving local users not appearing in the Connect Computer application when adding a computer to the SBS 2008 domain

The Problem:
When joining a computer to a SBS 2008 domain using the Connect Computer application, you may not see some or any local user profiles in the "Move existing user data and settings" dialog box. This can happen even if the "Make this folder private" option is deselected for the user's profile folder within Documents and Settings.

The Solution:
Copy the user profile folder to a new place (I used System Properties >> Advanced Tab >> User Profiles >> Settings >> Copy To) and then delete the original user profile folder. Log in with the user account so that a new profile folder is created. Delete all contents of the new user profile and copy over all contents of the old user profile. You will now be able to see the profile in the SBS Connect Computer application.

NOTE: You may want to first try renaming the NTUSER.DAT file as well as the NTUSER.DAT.LOG and NTUSER.INI files. However, that did not work in my situation and I had to completely recreate the user profile folder.

The Long Story:
I was attempting to join a user's computer to my SBS 2008 domain with the Connect Computer program. On the "Move existing user data and settings" dialog box I was dismayed to find that the drop down lists underneath the "Old logon name" heading were not populated with any user accounts. It was as if it didn't see any local user profiles.

The standard thing to check at this point is if the user profile folders that you are interested in have the "Make this folder private" option enabled which enacts "Level 1 Security" on the folder. Simple file sharing needs to be turned on to see that exact option. In my case, that option was deselected like it should have been.

I went to a different computer and ran the Connect Computer app and on the "Move existing user data and settings" dialog box I was able to see two of the eight profiles! I tried to figure out why those 6 profiles were not visible to the SBS app. Of the 8 total profile folders, only three of the corresponding accounts still existed on the local computer. Of those three accounts on the computer, only two were shown in the Connect Computer app. At this point I suspected that for the profile to be seen, the corresponding user account had to exist on the local computer. This might seem obvious at first, but initially I thought it would search for profile folders regardless of the user account existence.

First in my troubleshooting efforts was to create a brand new local user. After I logged in as that user to create the profile folder, I was able to then choose that profile in the Connect Computer app. I then deleted the newly created user and could not see that profile as an option in the Connect Computer app. That proved that in order for the profile to show up in Connect Computer, there had to be a corresponding user in the local SAM. However, this concept seemed to be thwarted by the fact that there was one profile that was not displayed in Connect Computer even though the user account still existed on the machine.

I decided to investigate that one user account that still existed on the machine but wasn't showing up in Connect Computer. When I logged in I saw the "Personalized settings... setting up personalized settings for Themes Setup" dialog box as if I was logging into a profile for the first time. Hmmm... maybe somehow the connection between the user account and the profile had been broken? But just what is that connection between the account and the profile folder? I didn't know enough about Windows accounts to know. I had a vague idea that it might have something to do with the NTUSER.DAT file.

After that user had logged in, I checked the Docs and Settings folder and noticed a new user profile folder in the format of [username].[computername]. Ouch. It had indeed created a new user profile. Somehow the connection between the original profile folder and the user account had been broken. I deleted the entire [username].[computername] folder and then went into the original [username] folder and deleted the NTUSER.DAT and NTUSER.DAT.LOG files hoping that it would create a new set of files. It didn't work. Logging in caused the creation of a new profile folder.

After much frustration and hacking, it seems that the only way to get an existing user account to use the information in an older profile is to move the profile folder to a different place, log in with the user to have a brand new profile folder created, delete all of the newly created files and folders in the profile and move over all of the old files from the old profile folder. You should now be able to see the user account in the Connect Computer app.

For more information about moving profile information, read MS KB 811151.

1 comment:

  1. Thanks mate, Helped me along with a frustating account that would not show up. Too bad it takes quite some while to move profiles in windows XP. Will keep this in mind for the next time it happens.