Hi All, For background, we currently deploy Windows XP and Windows 7 clients in a 2008 Domain, across multiple geographical sites. We have multiple core sites, and for performance, these host roaming profiles for users in the core site, and its surrounding smaller sites. As such, a user working at site A has a profile path \\CoreSiteA\%username% and a user at site B has a profile path \\CoreSiteB\%username% Static TS / RDS profiles are not currently used. The issue with multiple profile servers is that if the user changes job roles and goes to work at a new site, eg from A to B, and their profile path is changed, due to the SID history on the devices (server or user device) if they attempt to log onto a device they have previously logged onto, the device recalls the SID history that the user's profile is pointing at A, causing their profile to fail to load, and a temporary profile is loaded instead. Has anyone else encountered this, or know of a suitable approach to resolve this? http://chrisocallaghan.blogspot.com/

Hi 1. First: to get to the GPO settings for the domain, go to Start Menu>Administrative Tools>GP Management The GPO you want is the default domain policy> The Kerberos setting> To force logoff 2.The second is under Local Policies>Security Options. Network Security: Force logoff when logon hours expire. With with GPO you can Set each user log off after little time. Good Luck

Hi 1. First: to get to the GPO settings for the domain, go to Start Menu>Administrative Tools>GP Management The GPO you want is the default domain policy> The Kerberos setting> To force logoff 2.The second is under Local Policies>Security Options. Network Security: Force logoff when logon hours expire. With with GPO you can Set each user log off after little time. Good Luck

Hi M-Hoveizeh, The users still need to be automatically logged off, what I'm trying to identify is there a way to remove the client SID history on devices without having to manually edit the registry, to stop legacy profile paths. http://chrisocallaghan.blogspot.com/

Hi, > what I'm trying to identify is there a way to remove the client SID history on devices without having to > manually edit the registry, to stop legacy profile paths. How you deployed roaming user profile, in Active Directory Users and Computers or Group Policy. Is this issue happen on a new computer which user didnt logged on before? > if they attempt to log onto a device they have previously logged onto, the device recalls the SID history >that the user's profile is pointing at A Do you mean user at CoreSiteA, its roaming profile is stores at \\CoreSiteA\%username% After user moved to work at CoreSiteB, you change user roaming profile settings to \\CoreSiteB\%username%, and move user roaming profile form CoreSiteA to CoreSiteB. But when user logon to device they have previously logged onto, it cant load user profile from CoreSiteB, but try to load roaming profile from CoreSiteA. I did some test but I cant reproduce your issue. After I modify user roaming profile path in ADUC, profile path is changed at next logon and profile is load successfully. After user logon to temp profile, check whether user can access \\CoreSiteB\%username% Give us feedback for further troubleshooting. For more information please refer to following MS articles: The "Set roaming profile path for all users logging onto this computer" Group Policy setting also applies to local user accounts in Windows Server 2008 http://support.microsoft.com/kb/958736 Roaming Profiles Do Not Load, Generate Errors 18 and 1009 http://support.microsoft.com/kb/266446Lawrence TechNet Community Support

Hi, > what I'm trying to identify is there a way to remove the client SID history on devices without having to > manually edit the registry, to stop legacy profile paths. How you deployed roaming user profile, in Active Directory Users and Computers or Group Policy. Is this issue happen on a new computer which user didnt logged on before? > if they attempt to log onto a device they have previously logged onto, the device recalls the SID history >that the user's profile is pointing at A Do you mean user at CoreSiteA, its roaming profile is stores at \\CoreSiteA\%username% After user moved to work at CoreSiteB, you change user roaming profile settings to \\CoreSiteB\%username%, and move user roaming profile form CoreSiteA to CoreSiteB. But when user logon to device they have previously logged onto, it cant load user profile from CoreSiteB, but try to load roaming profile from CoreSiteA. I did some test but I cant reproduce your issue. After I modify user roaming profile path in ADUC, profile path is changed at next logon and profile is load successfully. After user logon to temp profile, check whether user can access \\CoreSiteB\%username% Give us feedback for further troubleshooting. For more information please refer to following MS articles: The "Set roaming profile path for all users logging onto this computer" Group Policy setting also applies to local user accounts in Windows Server 2008 http://support.microsoft.com/kb/958736 Roaming Profiles Do Not Load, Generate Errors 18 and 1009 http://support.microsoft.com/kb/266446Lawrence TechNet Community Support