Bit perplexed with this one. On one of my domain controllers which is used by approximately 2,000 users, there is a partial profile in the documents and settings directory. The user does not have access to the server. I have double checked user permissions and the default domain controller policy. User has no privilege to logon locally (interactive) or logon through terminal server. I also verified the user had no elevated access assigned to him (no domain admins, etc.) At the day/time the profile was created (based on the time stamps), the Security Log does NOT show a local logon (interactice) or a logon through terminal server session. It only shows a 'network' conection which is from drive mappings, etc. , the same logon type as all other users on the network.
On the server's documenets and settings directory, the user's profile is NOT the same as what you normally see when logging into to the server. The profile contains ONLY the Application Data and Local Settings direction, all the other directories are missing. There is also a NTUSER.DAT and NTUSER.LOG file. It seems like an anomoly or something to me. Based on access rights, security logs, etc. and testing done, the user does NOT have access to logon to this server. So, how did this "incomplete" user profile get created? Seems odd. Thoughts welcome. -------------------------------------------------------------------- mail2web.com What can On Demand Business Solutions do for you? http://link.mail2web.com/Business/SharePoint ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
