I really am hoping that i can get someone’s expertise with this. I am running into a problem setting up a network for my school at present I am running a test network to get myself ready for when all the equipment comes in might as well be prepared for this.
Now first things first I have a bit of experience with server 2003 but i am still learning as i go along, my experience was in maintaining the server and pupils but never from first setup so this is my first big project.
I am setting up a networking with 1 server running windows server 2003, 3x300Gb SAS drives on raid 5. When I am setting up pupil accounts and then staff accounts I have created a new organisational unit for pupils another one for staff and another one for non-teaching staff. I think this is right when i am wanting to use group policies for them. I take it that if i was to create another one for 6th form pupils then I could give a bit more access for 6th years am I right in thinking that.
I have tried creating roaming profiles but i am not sure if I am doing this right or not. I log into the workstation as Administrator and create a test account called "Pupil" then log out and log in as Pupil from here i change the desktop and start menu to the way that I want a pupils account to look including desktop, when I am finished I log out and back in as administrator and copy there profile over to the server shared "\\server-name\Profiles\Pupil", I think I have done that all right for just the profile but what I am not sure about do I then copy this profile for all other users.
I am wanting then to set up so that they have there own area on the server for all there documents so I then create another share called Users and from here this is were i am getting stuck any help with both making sure i have roaming profiles working right and then how to set there documents to copy over to any machine they log into would be much appreciated.
That's a good way to get the settings right for the user.
What you can then do is copy that profile to \\<domain>\netlogon\default user
When a new user logs on who has (say) \\server\profiles\<username> specified as their profile they will look in the "default user" folder if there's nothing already on the server.
You also need to make sure that you get the permissions right on the default copy. When you've configured the pupil profile on the workstation, log off, log on as admin and use the user profiles bit of control panel (System | advanced | user profiles) to copy the profile to the server - this will set the permissions for you (specify "everyone" as the user allowed to use it)
Before you commit yourself to Roaming Profiles, ask yourself if you actually need them.
Only staff here have roaming profiles. The kids use a single mandatory profile. Obviously, home drives are redirected so everyone has their own 'My Documents', but by using Mandatory profiles, everything is the same every time the child logs in... no matter what they get up to! It means the profile doesn't grow and slow down logon times.
I wish I could say the same for the staff mandatory profiles, but I prefer to let them have the ability to taylor their logon to their needs.
thats a good idea just let the pupils have the same login no matter what but let roaming profiles for the staff to allow them to taylor there account abit. But then how do i keep the account exactly the same for the pupils.
thank you for the replies.
srochford, If i spfiy everyone to use this does that mean it will copy for staff pupils and myself. The only profile i would have liked this to work on would be the pupils, but again possibly just make that for the staff and give the students a default profile.
Change the name of user.dat to user.man (that will make it mandatory - can't be changed by user). Change the permissions on the profile folder to Read Only for all pupils (that will stop any changes being written back to the profile when pupils log off).
You'll need to update the profile now and then if you install new programs/updates/etc, otherwise it will keep trying to apply the changes every time a pupil logs on. To do this make a new pupil user (e.g. testpupil) and give them Full access over the profile folder. Each time you need to change the profile rename ntuser.man back to ntuser.dat, log on as the testpupil, open whatever programs need to register their new settings, then log off again - the new data will then be written back to the profile. Rename ntuser.dat back to ntuser.man to finish.
You might want to make a copy of the previous profile before you update it though so you can restore it if it goes wrong (which it does sometimes).
You can also use this user to set up your mandatory profile in the first place - make sure you open every single program (especially MS Office!) and clear out Temporary Internet Files etc before you're done (to keep it as small as possible=faster logon).
fantasic thank you very much for the ideas, thats exactly what we are hoping for is faster login and generaly a faster system. That was one of the questions i had wondered about was what if i install programs and the pupils cant get access to them but if i login with the test puil account and chage there ntuser back to .dat then open all the programs this should fix that problem?
Usually yes. Use Group Policies as well to lock things down (that's a whole different kettle of bananas to baffle your brain!).
hey, don't forget to thank us, Shocker....:D
hi guys no sorry havent been on all day been working away on this server today. Thank you very much for all your feedback really has been helpfull managed to get most of the accounts up and running and now i am mapping out shared areas to pupils and staff accounts, the next thing i am going to look at is mapping printers to accounts dependtant on which room the pupils are in.
Thank you all for your help and support with roaming profiles really is much appreatiated.
i have been using group profiles at the min for locking the accounts down seems to be working really well.