users log onto the domain but use a local admin profile? 1

[cherisc]

Is it possible for users to log onto the domain, but use a local administrator profile?
Here's what the customer wants:
For users to be able to log into the Windows 2003 Domain, but use the Administrator profile located on the Local Machine, Instead of creating a new profile on the local machine. He wants this so that the groupwise configurations (and other configurations) do not have to be configured for every user who logs on.
Or, can we create the proper configurations in the default user profile on each computer so that the newly created profile will have the default settings.
We are considering setting up roaming profiles and copying them to all of the users (Microsoft article 314478), but when I try to change the setting in Properties of My Computer - Advanced - User Settings, the Roaming Profile option is greyed out. Is there a registry change or something I should do on the domain controller first?
Or, is there a way to what he wants from the domain controller?
Any suggestions might be helpful.
Thanks,
Cheri

 

[adcfaq]

it can be: you need to tatoo the registry for the profilepath for that user and pointint the local admin profile, that's it.

HKLM\software\microsoft\windowsnt\currentversion\profilelist

 

[cherisc]

Thank you, benlu.
Is there a way to have all new users who log on to automatically use this setting? From the way the benlu stated and the way I understand it, we would have to make that registry change after each person logs in.
I'm starting to think that I should just create the settings that we want in the default user profile and allow the local computer to create new profiles for each user.
We have decided for sure that we are not going to use roaming profiles.
Any more suggestions?
Thank you.

 

[adcfaq]

in ur case, i'd recommend all users are using the same roaming profile in ADUC.

-----
Directory Services/Exchange Consultant

 

[cherisc]

We found a beta program out there that might work for this. We are currently testing it out. Here is the link:

http://www.forensit.com

They have a beta product called User Profile Manager. It's a 55-day trial download.

Has anyone used this program?? If so, I am looking for feedback on it. I have it installed on my computer, and it installs right into the Windows shell, and is accessed through Control Panel.

My colleague wrote this about the program:
"You can assign the Administrator profile to a group such as Administrators or Everyone. When someone logs into the domain they will use the assigned profile. There is no other profile created for them."

Any feedback on this program would be very helpful.

Thank you.

 

[Crackmastervansnap]

I have never seen a user be able to log onto a domain by using a local account. If you can by editing the registry to point to the local profile, how does the user authenticate? The SID would be for the local user not the domain user. If this is possible, it would save lots of time copying user profiles when joining machines to a domain.

 

[cherisc]

I believe you change the properties of the SID when making the registry change or using the program mentioned above. So the user still authenticates, but the registry entry for that SID points to a different account that is stored on the local machine.
I am still researching and testing these solutions. Still, any suggestions from someone who has gotten this to work would be great.
Thanks.