First let me explain our environment. Active Directory, Server 2003, Windows XP SP3 clients. We have roaming profiles and redirected folders. We require our users to change passwords. On a good portion of our machines (might be all of them but not sure), when a user is prompted to change his password at login, when he logs on his roaming profile either isn't loading or isn't loading completely, because they don't get many of their settings, most noticeably their Outlook settings/profile. When they log off, they still have a folder stuck in Documents and Settings. We have a GPO that is set to delete local copies of profiles at log off, so I'm guessing that means its either a local profile, or a file is still in use in there and it can't delete it. What we have the users do when they get this problem is to reboot their machines, then log back on. We have a script that runs at startup that deletes user profiles stuck in Documents and Settings and removes their info from the registry, so we dont have to manually clean it up every time. Then when they log in now, with their new password, they get their roaming profile with all their settings. Since this works, it almost makes me think that bad partial profile isn't a roaming profile, since their roaming profile works this time around (it didn't get corrupted by the 1st attempt logging on after changing the password). Does anyone still have this problem? Or know how I can fix it? I've read some old posts from back in 2008 that this apparently broke for a lot of people with SP3, but I'd imagine Microsoft pushed this hotfix out by now to the general public. Our machines are current with all Microsoft patches to the best of my knowledge. I'm not sure if there are specific files i need to check or what.

Hi, Please provide us more information and help clarify the following questions: 1. You said that “they don't get many of their settings, most noticeably their Outlook settings/profile”, can you specify which settings? Do you know how the settings are saved in the profile directory? 2. Did Outlook work properly when the issue occurred? 3. If the “roaming profile isn't loading”, did you receive any errors? If so, please write down the exact error for research. 4. “When they log off, they still have a folder stuck in Documents and Settings”, which folder are you talking about? What is the exact message on logoff screen? 5. When the folder stuck, did you force restarting the computer? How about just waiting for a few more minutes? To troubleshoot the logoff problems, the following article will be helpful: You experience log off problems on a Windows XP-based, Windows Server 2003-based, Windows 2000-based, or Windows NT 4.0-based computer http://support.microsoft.com/kb/837115 For further troubleshooting, please also help gather the following files: 1. Event Log on the problematic Windows XP client =============================== a. Click "Start", input "eventvwr" (without quotation marks) in the Start Search bar and press Enter. b. Expand the "Windows Logs" node on the left pane, right-click on "Application" and click "Save All Events As"; in the pop-up window, click to choose the Desktop icon on the left frame, input "app" in the "File name" blank, and then click save. c. Right click on "System", with the same method, save it as "sys". d. Locate the saved log files on the Desktop. 2. GPMC Log ============ a. On domain controller, click Start -> Run, type GPMC.MSC, it will load the GPMC console. If the GPMC snap-in is not installed, b. Right click on "Group Policy Result" and choose wizard to generate a report for the problematic XP computer and user account. (Choose computer and select the proper user in the wizard) c. Right click the resulting group policy result and click the "Save Report…" => save report to save the report to a HTML file. Please locate the saved Event Log file on the Desktop and the GPMC Log for research. Upload these file to the following workspace. ------------------------------------------------------------ You can upload the information files to the following link. (Please choose "Send Files to Microsoft") Workspace URL: (https://sftus.one.microsoft.com/choosetransfer.aspx?key=3d899e27-829c-45e5-9b16-7a14bf8804d1) Password: ]2maOEUqWqv Note: Due to differences in text formatting with various email clients, the workspace link above may appear to be broken. Please be sure to include all text between '(' and ')' when typing or copying the workspace link into your browser. Meanwhile, please note that files uploaded for more than 72 hours will be deleted automatically. Please ensure to notify me timely after you have uploaded the files. Thank you for your understanding. Best Regards, Nina Liu TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

I know for sure they do not receive their Outlook profile. Once we realize that isn't there we know what the issue is so do not investigate further to see what else is missing. Sometimes they don't get their desktop files either (we have redirected desktops). Outlook does not work correctly becuase there is no profile associated to it. The users do not receive any error message on their screen, they go to log on, get prompted to change password, change it, then are taken to a desktop. When they log off and a folder is stuck in Document and Settings, when I said "they" I was referring to the users. so if the username was jblow, the folder still there (with contents inside of it) would be c:\documents and settings\jblow. Again, the user gets no error message on the screen at log off. When the folder is stuck, waiting a couple minutes for files to unload doesn't help. We need to do a reboot to break the locks. Also, we already have UPHClean installed on the workstations. Next time I have an example I will try to gather the event log for you. Let me know what else I can do in the meantime. Thanks for the help.

Hi, For the Outlook profile issue, as it is related to Outlook software itself, let’s focus on the missing Windows settings and the “folder stuck” issue first. According to your description, the user logoff process is fine (no hung), just the local profile is remained on the XP client? Isn’t it? What do you mean by saying “waiting a couple minutes for files to unload doesn't help. we need to do a reboot to break the locks”? What is the “locks” about? If the issue reoccurs, please help gather the event log and GPMC log for research. Please also export the following key on the problematic Windows XP client: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\System Thanks. NinaPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Correct, the user logs off "fine" or at least it appears that way to them, but they still have a folder in Documents and Settings for their account. You asked if waiting helped delete the stuck profile, it does not as the folder still exists after several minutes. By "locks" i meant the locks that are put on files in use which prevents you from deleting them. After a reboot the files are not locked anymore and can be deleted. As far as that registry key, they should all have the following set to 1 based on looking at a couple random machines and the machine policies applied to all of them are the same. AddAdminGroupToRUP CompatibleRUPSecurity DeleteRoamingCache ProfileErrorAction SlowLinkProfileDefault

Hi, Thanks for your clarify. I see that the user logoff appears fine, but the local copy of the roaming profile is remained (the profile folder under Documents and Settings). Another thing I want to confirm. After rebooting, re-logon, you can run a script to clean the local profile, what if you do not run the script, can the local copy of profile be deleted automatically? According to the registry listed, if there is a registry value named DeleteRoamingCache (REG_DWORD) with value 1, the policy “Delete cached copies of roaming profiles” has been applied on this client. Again, if the issue reoccurs, please help gather the event log for research. Thanks. NinaPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Nina. We have the script setup as scheduled task that runs at startup. If not, the local copy of the profile remains on the machine. If the user were to log in at that point, another folder would be created for them under Documents and Settings with a name of UserName.DomainName. That then causes problems for them. That is why we have the script clean up the folders (and the folders related registry keys) when the machine reboots. We restart the machine, wait a minute to give the scheduled task time to run, then they can log back in and only have a UserName folder under Documents and Settings. So to answer your question, just rebooting without running that script (or deleting it manually by logging in as an administrator) does not delete the local copy. It takes some kind of intervention to clean it up.

Hi, As a summary, although the policy “Delete cached copies of roaming profiles” is applied on the client, the local copy of a user's roaming profile cannot be deleted when the user logs off. Also, it does not delete the local copy if you delete it manually by logging in as an administrator. Did you receive any errors when deleting manually by an administrator? If the issue reoccurs, please let us know. Thanks. NinaPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Correct, if you log in as an administrator immediately after the user logs off, you cannot delete the profile completely either due to files still being locked. It does allow you to delete some files within the profile folder, but the others like ntuser.dat and other files buried deeper within that folder give you the error that the file is still open so you can't delete it.

I just uploaded a copy of the event logs, as well as one of the folders left in Documents and Settings. I had to disable my profile folder cleanup script, then restart, then log back in as an admin to be able to copy that, as at least ntuser.dat was locked still and wouldn't allow me to copy the folder.

I just uploaded a copy of the event logs, as well as one of the folders left in Documents and Settings. I had to disable my profile folder cleanup script, then restart, then log back in as an admin to be able to copy that, as at least ntuser.dat was locked still and wouldn't allow me to copy the folder.

Hi, From the event log, I found the following errors: The scan of C:\Program Files\Common Files\McAfee\Engine\avvscan.dat has taken too long to complete and is being canceled. Failed to perform redirection of folder Application Data...The directory name is invalid Failed to perform redirection of folder My Documents… Failed to perform redirection of folder Desktop… I see that you have disabled the profile folder cleanup script, please keep it disabling and perform the following suggestions for troubleshooting first: 1. Please check whether the user has proper access to both source and destination. On the problematic client, please access the path directly. Any error? 2. Disable or shut down McAfee as a test 3. Test the results in Clean Boot mode -------------------------------------------------- 1). Click "Start", click “Run” and type "msconfig" to start the System Configuration Utility. 2). Click the "Services" tab, check the "Hide All Microsoft Services" box and click Disable All (if it is not gray). 3). Click the "Startup" tab, click "Disable All" and click "OK". 4). Restart your computer. If the "System Configuration Utility" window appears, please check the box and click "OK". 5. ---------------- 1) Right click the share where the profiles are located 2) Click properties 3) Click the sharing tab 4) Click offline settings or caching 5) Enable ‘Files or programs from the share will not be available offline’ Please update us the results. Thanks. Nina Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, From the event log, I found the following errors: The scan of C:\Program Files\Common Files\McAfee\Engine\avvscan.dat has taken too long to complete and is being canceled. Scan engine version used is 5400.1158 DAT Failed to perform redirection of folder Application Data. The folder is configured to be redirected from <H:\Application Data> to <\\tdn-lclsvr01\users01$\jabrown\Application Data>. The following error occurred: The directory name is invalid Failed to perform redirection of folder My Documents… Failed to perform redirection of folder Desktop… I see that you have disabled the profile folder cleanup script, please keep it disabling and perform the following suggestions for troubleshooting first: 1. Please check whether the user has proper access to both source <H:\Application Data> and destination <\\tdn-lclsvr01\users01$\jabrown\Application Data>. On the problematic client, please access the path directly. Any error? 2. Disable or shut down McAfee as a test 3. Test the results in Clean Boot mode -------------------------------------------------- 1). Click "Start", click “Run” and type "msconfig" to start the System Configuration Utility. 2). Click the "Services" tab, check the "Hide All Microsoft Services" box and click Disable All (if it is not gray). 3). Click the "Startup" tab, click "Disable All" and click "OK". 4). Restart your computer. If the "System Configuration Utility" window appears, please check the box and click "OK". 5. ---------------- 1) Right click the share where the profiles are located 2) Click properties 3) Click the sharing tab 4) Click offline settings or caching 5) Enable ‘Files or programs from the share will not be available offline’ Please update us the results. Thanks. NinaPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Nina, first, thanks for the reply. Secondly, I dont appreciate you posting direct lines publicly from my event log, can you please edit your previous post to remove them. Third, the user does have permissions to those folders so not sure why they get those errrors. They can go to each path from the run menu fine. I'm not sure what McAfee would have to do with this, since it only happens when the password is changed. Can you give me more details. Fourth, I had this issue happen with another user, after going through and deleting all the files from the profile that it would let me, there were only 4 that would not delete. they were ntuser.dat and ntuser.dat.LOG at the root level of the user's profile folder, then UsrClass.dat and UsrClass.dat.LOG in username\Local Settings\Application Data\Microsoft\Windows

Hi, From the event log, I found the following errors: The scan of C:\Program Files\Common Files\McAfee\Engine\avvscan.dat has taken too long to complete and is being canceled. Failed to perform redirection of folder Application Data...The directory name is invalid Failed to perform redirection of folder My Documents… Failed to perform redirection of folder Desktop… I see that you have disabled the profile folder cleanup script, please keep it disabling and perform the following suggestions for troubleshooting first: 1. Please check whether the user has proper access to both source and destination. On the problematic client, please access the path directly. Any error? 2. Disable or shut down McAfee as a test 3. Test the results in Clean Boot mode -------------------------------------------------- 1). Click "Start", click “Run” and type "msconfig" to start the System Configuration Utility. 2). Click the "Services" tab, check the "Hide All Microsoft Services" box and click Disable All (if it is not gray). 3). Click the "Startup" tab, click "Disable All" and click "OK". 4). Restart your computer. If the "System Configuration Utility" window appears, please check the box and click "OK". 4. ---------------- 1) Right click the share where the profiles are located 2) Click properties 3) Click the sharing tab 4) Click offline settings or caching 5) Enable ‘Files or programs from the share will not be available offline’ Please update us the results. Thanks. Nina Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, Sorry for the inconvenience, I have removed the entries as you asked. For the folder redirection error, you can refer to the following steps to enable fdeploy.log and check for the detailed error: On the problematic Windows XP client, go to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics Set: FdeployDebugLevel = Reg_DWORD 0x0f The log file can be found at: %windir%\debug\usermode\fdeploy.log For your concerns for disabling or shutting down McAfee, I just wanted to list all the possible causes or factors to help narrow down the issue. Please test it on your side. Thanks for your cooperation. Please also update the results after following other suggestions. If you would like to trace any troubles encountered when deleting the profile files, Process Monitor will be helpful. Refer to: http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx Thanks. NinaPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hey Nina. Need your advice. This problem happens randomly, I dont think it would be best to go around and enable that option on all the PCs. Is there something I can look at after it happens to narrow down the cause?

Hi, I do understand that the issue occurs randomly and troubleshooting will be time-consuming, your continued efforts are appreciated. As we talked previously, after the issue occurs please check event log for more clues. The above suggestions I have provided are according to the entries found in the log. Once the issue occurs, you can disable the profile folder cleanup script and move on troubleshooting on one user as a test to help narrow down the root cause. If you would like to speak directly with a Microsoft Support Professional to analyze the problem in an efficient way, you can contact Microsoft Customer Service and Support (CSS). For a complete list of Microsoft Product Support Services phone numbers, please go to the following address on the World Wide Web, to find the local number: How and when to contact Microsoft Customer Service and Support http://support.microsoft.com/kb/295539 If there is anything I can do for you, or any progress on the issue, please feel free to let me know. Best Regards, NinaPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.