I am trying to create a mandatory roaming profile on Win2k8 R2 for some Windows 7 machines. I used a client and created a User1 account, customized it, uploaded it to a shared folder and changed the ntuser.dat file to ntuser.man and changed the profile path in active directory. Everything works great and whenever I login using User1 on any machine, it pulls down the mandatory profile beautifully. The problem comes in on User2. I want User2 to use the same mandatory roaming profile as User1. So, I make sure that permission on the share folder are set correctly and change the profile path in active directory for User2 to use the User1 profile and then I'm presented with the error message, "The Group Policy Client service failed the logon. Access is denied." I can turn right around and login with User1 and it works great, but whenever I try to log in with User2 I get the error. What am I doing wrong?!

Hi, Please check the permission of the folder again. You must grant full control to Everyone group. You may refer to the following links. http://support.microsoft.com/kb/307800 http://msdn.microsoft.com/en-us/library/bb776895(v=vs.85).aspx http://technet.microsoft.com/en-us/library/cc786301(WS.10).aspxPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Granting Full Control permission to Everyone gives me the same result. Okay, let's start over here, maybe I've done something wrong from the start. Let me tell you what I did to get to this point. I created a user account on the client machine. Customized it the way I wanted it. Then copied the entire contents of the profile folder from the Users folder on the client machine (including hidden and system files) to the shared folder on the server and made sure it had the .V2 extension. I checked permissions and made sure all that was kosher. I then went to AD and pointed the profile path to shared folder (i.e. \\servername\profiles\profilefolder). I then went to the client machine, logged in and verified that everything worked. I then renamed ntuser.dat to ntuser.man and logged in again. Again, all worked great. I then tried to point the next user to the same profile folder and that's when I get the error message. Am I leaving out a step somewhere?

Hi, Please copy the profile to another location, and point the other user to the new path for a test. And please check the permission again. To follow the article below carefully. http://support.microsoft.com/kb/973289 Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, How is it going? Please feel free to give us any updates. Regards, Juke TechNet Subscriber support in form. If you have any feedback on our support, please contact tngfb@microsoft.comPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, Thanks for posting in Microsoft TechNet forums. As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’ as the previous steps should be helpful for many similar scenarios. If the issue still persists, please feel free to reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish. BTW, we’d love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems. Thanks for your understanding and efforts. Best Regards Juke Chou TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tngfb@microsoft.comPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

What is the previous steps you are referring to? I am having a same problem (creating mandatory profile on the client workstation, and copied over to the shared folder on the server with full-rights to everyone, but getting that error message), and searched on the net for the last two weeks without any solution. Could you describe in details how to get it working? Windows XP & 2003 worked wonderfully. Windows 7 & 2008 is not working at all. I wish I can go back to XP & 2003.

I ended up not even going that route. Rather than having every user share a single mandatory roaming profile (which I know is possible and believe I know how now and just haven't had time to work on yet) I just let each other create their own profile, keeping their permission sets as when they were created and and just renaming the NTUSER.DAT to .MAN. It wasn't a cure for me, but a workaround so that I could at least get those machines up and running.