Tuesday, November 22, 2011

Windows Profile Location

This is another one of my favorite techniques when setting up a new system.  What I generally like to do is take the existing hard drive and re-partition it into 2 drives.  I do this using the excellent freeware GParted  I generally do an even split, but it doesn't have to be, just giving the second partition as much space as possible to store user data.  I then name the second partition something like Storage.  For sake of instructions, lets just say it is assigned the drive letter D

One that is done, before logging in as the systems user, I edit the registry as follows:
(This is for Win 7 system, but an XP system is very similar)

  • On the D:\ create a new folder Users
  • Using regedit, navigate to:
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
  • Edit Profiles Directory from %SystemDrive%\Users to D:\Users
  • Log Out of the system
  • Login as a new user
This allows the new user to have their information stored on the 2nd partition so that when you want to reinstall everything you can without worrying about losing all your data.

From that same registry key, you can also edit the profile locations of the existing users of the system such that if you already logged in as a user, you can easily change it from the default location.  You will just have to look at the subkeys of ProfileList that display GUIDs instead of names and find the one with the appropriate path.

Tuesday, November 1, 2011

Active Directory Change Password Issues

We had a new employee start and I have been asking her to change her password.  She has told me that she has been unable to do so as every time she tries, she gets an error about not meeting requirements.
She is using a Dell Latitude running Windows 7 32-Bit.
I tried to do the same thing on multiple systems with my account and getting the same error.  When I tried form an XP system, the error message was a little clearer.  I searched all over for an answer and finally foudn the solution.
It seems that a few changes were made to the Default Domain group policy to enforce password age.  Well, the only issue is that the minimum password age was not set, and defaulted to 30 days.  Once I reset this to 0 as a test, I was able to have her successfully set her password.
Guess it goes to show, make sure you know what your GPO says.  :-)