I'm trying to sort out some issues I'm having with logons and roaming profiles.
The staff have two accounts - one for the school network and one for home use.
I'm trying to get them out of the idea of using their network login at home - simply because they're not at home.
I've modified the Group Policy to log off the machine if it cannot load the profile from the network. This works fine on a "clean" machine.
But if there is a cached profile already on there it logs them on.
This causes us a regular problem of calls saying "I cannot see my H drive" or "cannot see the shared areas" because they've not plugged in the network cable and got a cached login and the login scripts haven't mapped the drives.
I'm reluctant to enable the "delete cached profiles at logoff" policy setting because some staff have large profiles and won't change the way they work, despite us removing all access to My Documents.
I've also tried to implement mandatory profiles but this also didn't go down well. The problem is that the network has not been securely locked down by my predecessor and I can't get any support for them to come around to my way of thinking and the way things have been in my previous schools.
Update: That seems to have done the trick. If there's no network (either wired or wireless) I just get DOMAIN NOT AVAILABLE - which is exactly what I wanted. I had this running at a previous school but it was 2003 when the policy was implemented!
Last edited by Gibbo; 27th November 2008 at 07:21 PM.