2

We have an issue where a user's account was deleted and then another account was created with the same username. On Windows XP, the profile for this user was created in the folder "user.DOMAIN" whereas the original user's profile is at "user." How can we redirect this user's profile back to the "user" folder? We tried to change the ProfileImagePath registry key and what ended up happening was XP created a third profile at location"user.DOMAIN.000"

BenGC
  • 1,775
  • 15
  • 26
  • The new profile was created because the user did not have rights to either the old folder or the old registry hive. See my answer below for how to correct this. – Jonathan J Oct 21 '11 at 22:41

3 Answers3

4

You'll need to assign the user full access permissions recursively to the old profile folder. You'll also need to do the same for the registry hive (NTUSER.DAT) in the old profile. Then you'll need to edit the ProfileImagePath key as you've previously noted.

To assign permissions to the profile folder:

  1. Log in as a user with administrative rights.
  2. Right-click the old profile folder (C:\Documents and Settings[user name]) and click Permissions. Go to the Security tab. Click Advanced.
  3. Go to the Owner tab. Recursively change the owner to Administrators. (If you get an error, proceed to step 4.)
  4. Go to the Permissions tab. Add the new user account, with full permissions. Apply this recursively.
  5. If you get an error in either step 3 or step 4, repeat both steps in sequence until they both complete successfully without errors.

To assign permissions to the registry hive:

  1. Log in as a user with administrative rights.
  2. Open Registry Editor. Select the HKEY_USERS hive.
  3. Click File - Load Hive. Browse to the old profile folder and select the file ntuser.dat. Give it a friendly name when prompted -- it doesn't really matter what you put here.
  4. Select the newly loaded hive key under the HKEY_USERS hive. Right-click this key and click Permissions. Go to the Security tab. Click Advanced.
  5. Go to the Owner tab. Recursively change the owner to Administrators. (If you get an error, proceed to step 6.)
  6. Go to the Permissions tab. Add the new user account, with full permissions. Apply this recursively.
  7. If you get an error in either step 5 or step 6, repeat both steps in sequence until they both complete successfully without errors.
  8. Select the hive key (from step 4), then click File - Unload Hive.

To modify the ProfileImagePath registry entry:

  1. In Registry Editor, browse to HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList (Note the Windows NT not Windows in the path).
  2. Under this key, you will see several subkeys, each corresponding to user SIDs. You'll need to identify the SID for the current user account you are attempting to associate with an old profile.
  3. Under the key corresponding to the SID for the user account, modify the ProfileImagePath entry to reflect the path of the old profile folder.
  4. Close Registry Editor.

Restart the computer. (You may be able to simply log out, but if the registry hives do not unload correctly, the next step may fail.)

Log in as the user, and you should get the user's profile back.

NOTE: Certain saved passwords will be lost, because Windows XP provides a method for saving passwords in an encrypted format that uses the user SID and password as part of the encryption algorithm.

Note also that if the user was previously applied to ACLs on network resources, you may need to modify those ACLs to reflect the user's new SID.

Jonathan J
  • 584
  • 2
  • 5
  • 11
  • Note that these instructions were developed under Windows XP. I haven't had the opportunity to try with Vista or Windows 7 -- your mileage may vary. Vista and Windows 7 have some permissions (particularly on junction points) in the profile folders that may be messed up if you follow these instructions. – Jonathan J Nov 06 '11 at 16:03
1

Look into using USMT, as this will let you pull the profile of one user and restore as another. A deleted user will lose all of the SID information within the registry hive.

http://www.microsoft.com/download/en/details.aspx?id=10837

Another good idea is to disable users and place them in an OU, rather than delete them.

derjur
  • 241
  • 2
  • 7
  • Disabled users still require a CAL. It's a good idea to keep them there for a short time, but not indefinitely. – MDMarra Oct 21 '11 at 21:58
0

Why don't you just copy the contents of user into user.DOMAIN?

MDMarra
  • 100,734
  • 32
  • 197
  • 329
  • But does doing that copy things like the wallpaper, theme setting, etc? – BenGC Oct 21 '11 at 21:46
  • Just copying the contents may break paths stored in configuration files or the registry. Besides, copying the registry hive (ntuser.dat) over may cause a failure of login since the new user account may not have access to keys in this hive. See my answer. – Jonathan J Oct 21 '11 at 22:44