FYI: I called Microsoft and they helped me find the problem - our SCCM admin had inadvertently enabled a setting called "Enable User Data and Profiles" at some point in the past. This option unfortunately overrides any GP settings for roaming profiles, folder redirection and offline files on Windows 8+/Server 2012+ systems. Once this option was disabled, the GP for blocking roaming profiles correctly took effect.
More details are under the section "Folder Redirection Group Policy doesn't apply to Windows 8 and Windows 8.1 clients when you also configure it in System Center" at: http://blogs.technet.com/b/askds/archive/2013/12/13/an-update-for-admt-and-a-few-other-things-too.aspx -Aakash Shah From: Aakash Shah Sent: Friday, April 10, 2015 10:26 AM To: NT Subject: Blocking Roaming Profile Problem I am working on a new Server 2012r2 system where roaming profiles need to be blocked/disabled. I linked the same GP I have used for Server 2008r2 systems that sets the following at Computer Configuration | Policies | Administrative Templates | System | User Profiles to help accomplish this: Only allow local user profiles: Enabled Prevent Roaming Profile changes from propagating to the server: Enabled However, after applying this to the Server 2012r2 system, user roaming profiles continue to load and unload, i.e. neither of the settings above appear to be correctly taking effect. I have confirmed that both of these settings are applying according to gpresult, and I also confirmed that the corresponding registry keys were successfully created at HKLM\SOFTWARE\Policies\Microsoft\Windows\System: LocalProfile: 1 (dword) ReadOnlyProfile: 1 (dword) I have rebooted the server several times, and also enabled "Always wait for the network at startup" just in case, but roaming profiles continue to be enabled on this Server 2012r2 system. I was also able to replicate this on another Server 2012r2 system in our environment. As a test, I removed the GP disabling roaming profiles and applied these settings locally using gpedit, but this produced the same behavior. I attempted a Google search, but was unable to find anything relevant regarding this. Questions: 1. Is there something different on Server 2012r2 that needs to be set to disable roaming profiles from loading and being saved? 2. Is anyone else seeing this in their environment? 3. Have I overlooked anything? Does anyone have any other ideas/suggestions? The environment is at Server 2008r2 DFL and FFL. Please let me know if I can provide any other information. Thanks, -Aakash Shah
