howto disable profile caching

Hi All
I enabled for my Domain-Admin account server-stored profiles. Somehow
everytime when I log on on different Domain-Computers they need too long
for logging on and then I see that my profile was completely copied to
the computer's local profiles' directory.
so now my question: How do I disable that caching for my profile? I
looked to my profile's settings but didn't find anything

Erik Lukac <(E-Mail Removed)> wrote:
> Hi All
> I enabled for my Domain-Admin account server-stored profiles. Somehow
> everytime when I log on on different Domain-Computers they need too
> long for logging on and then I see that my profile was completely
> copied to the computer's local profiles' directory.
> so now my question: How do I disable that caching for my profile? I
> looked to my profile's settings but didn't find anything

Well, since your domain admin account really shouldn't be used for logins to
anything other than your DCs (and even for basic admin work, you shouldn't
be using the built-in domain admin account), I suggest you go into the ADUC
properties and remove the profile path entirely. I don't use roaming
profiles for any administrative accounts.

Lanwench [MVP - Exchange] wrote:
> Erik Lukac <(E-Mail Removed)> wrote:
>> Hi All
>> I enabled for my Domain-Admin account server-stored profiles. Somehow
>> everytime when I log on on different Domain-Computers they need too
>> long for logging on and then I see that my profile was completely
>> copied to the computer's local profiles' directory.
>> so now my question: How do I disable that caching for my profile? I
>> looked to my profile's settings but didn't find anything
>
> Well, since your domain admin account really shouldn't be used for logins to
> anything other than your DCs (and even for basic admin work, you shouldn't
> be using the built-in domain admin account), I suggest you go into the ADUC
> properties and remove the profile path entirely. I don't use roaming
> profiles for any administrative accounts.
>
>
Hi,
it is not just my Domain-Admin account that is affected. my simple
useraccount does the same. Caching needs a lot of space
I avoid logging in as admin as often as I can but for example even netsh
doesnt work with the runas-tool and I cant any explorer windows in runas.
I might disable Server-Stored profiles for any admin-account but I still
need that (without caching) for my userlogin

What do you mean with "ADUC properties"? you mean I shall disable
server-stored profile for my account or shall I remove the folder my
profile is stored in?

hi,
check on GPO\computer configuration\administrative templates\system\user
profiles delete cached copies of roaming profiles
--
Dragos CAMARA
MCSA Windows 2003 server


"Erik Lukac" wrote:

> Hi All
> I enabled for my Domain-Admin account server-stored profiles. Somehow
> everytime when I log on on different Domain-Computers they need too long
> for logging on and then I see that my profile was completely copied to
> the computer's local profiles' directory.
> so now my question: How do I disable that caching for my profile? I
> looked to my profile's settings but didn't find anything
>

Erik Lukac <(E-Mail Removed)> wrote:
> Lanwench [MVP - Exchange] wrote:
>> Erik Lukac <(E-Mail Removed)> wrote:
>>> Hi All
>>> I enabled for my Domain-Admin account server-stored profiles.
>>> Somehow everytime when I log on on different Domain-Computers they
>>> need too long for logging on and then I see that my profile was
>>> completely copied to the computer's local profiles' directory.
>>> so now my question: How do I disable that caching for my profile? I
>>> looked to my profile's settings but didn't find anything
>>
>> Well, since your domain admin account really shouldn't be used for
>> logins to anything other than your DCs (and even for basic admin
>> work, you shouldn't be using the built-in domain admin account), I
>> suggest you go into the ADUC properties and remove the profile path
>> entirely. I don't use roaming profiles for any administrative
>> accounts.
> Hi,
> it is not just my Domain-Admin account that is affected. my simple
> useraccount does the same. Caching needs a lot of space

It doesn't have to, if you keep your profiles miniscule. Use folder
redirection via group policy....it's a must even without roaming profiles.
Roaming profiles can work very well - but you must be very careful when
configuring them.

> I avoid logging in as admin as often as I can but for example even
> netsh doesnt work with the runas-tool and I cant any explorer windows
> in runas. I might disable Server-Stored profiles for any
> admin-account but I still need that (without caching) for my userlogin

Create a user account that has the rights you need - I like to create domain
groups called LocalAdmin and LocalPowerUser and add them to the
workstations' respective local groups - then I can add the 'engineering'
account to the AD group I need.

You can control the caching of roaming profiles via GPO -
http://support.microsoft.com/kb/274152
>
> What do you mean with "ADUC properties"? you mean I shall disable
> server-stored profile for my account or shall I remove the folder my
> profile is stored in?

Don't remove the folder - remove the path from the 'profile' field in the
domain admin account properties.