Fully delete roaming profile on terminal server upon user logoff

roaming-profile terminal-server windows-server-2008

We're using roaming profiles on our terminal servers (running Win2k8). Occasionally, it is necessary to delete some of them, for example because of corruption or to test something. They store only preferred settings (e.g. displayed views in applications), no user data.
Of course, we can only delete profiles while the affected user is logged off. We'd like to be able to delete a profile at any time, though.

Is it possible to configure things so that a profile is not updated on the profile server when a user logs out, but deleted instead? This should only happen once, so when he logs in again, a new profile would be created. Alternatively, it would be fine as well if the server profile were deleted immediately and the update process prevented once.

Or to put it differently: How can we ensure a specific user will receive a new, clean profile the next time he logs in, and only then?

Best Answer

While there is a "Prevent Roaming Profile Changes From Propagating to the server" GPO setting from "Computer Configuration\Administrative Templates\System\User Profiles" which changes the "ReadOnlyProfile" value in the HKLM\Software\Policies\Microsoft\Windows\System regkey, it is a per-machine configuration setting valid for all users logging on to your terminal servers, and thus probably undesirable. Also, I am not sure if it would affect profiles from already logged-on users.

I believe the only method to achieve what you want would be through scripting.

  1. parse a file for the list of user profiles to delete
  2. iterate through this list
    1. check if user is logged on
    2. if not, delete her roaming profile and the local copy
  3. wait for a while before proceeding
  4. go to 1.

This looks simple enough even to be scripted as a CMD batch, but obviously using PowerShell would produce more elegant and resilient code.
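
The loop outlined in this answer, written as PowerShell; this is an added example, not the answerer's code. The list file, profile share, server names and poll interval are assumed values, and it uses the Win32_UserProfile WMI class (its Loaded flag and Delete method) to detect active sessions and remove the local copies.

```powershell
# Added example. Paths, server names and interval are assumed values.
$ListFile        = 'C:\ProfileReset\pending.txt'  # one DOMAIN\user per line
$ProfileShare    = '\\fileserver\profiles$'       # hypothetical profile root
$TerminalServers = 'TS01', 'TS02'                 # hypothetical farm members
$PollSeconds     = 60

function Get-CachedProfile([string]$Sid) {
    # One Win32_UserProfile object per server that holds a local copy.
    foreach ($server in $TerminalServers) {
        Get-WmiObject -Class Win32_UserProfile -ComputerName $server `
            -Filter "SID='$Sid'" -ErrorAction Stop
    }
}

while ($true) {
    $pending = @(Get-Content $ListFile -ErrorAction SilentlyContinue |
                 Where-Object { $_.Trim() })
    $remaining = @()
    foreach ($account in $pending) {
        try {
            $nt  = New-Object System.Security.Principal.NTAccount($account)
            $sid = $nt.Translate([System.Security.Principal.SecurityIdentifier]).Value
            $cached = @(Get-CachedProfile $sid)
            if ($cached | Where-Object { $_.Loaded }) {
                $remaining += $account   # logged on somewhere: retry next pass
                continue
            }
            $cached | ForEach-Object { $_.Delete() }   # local copies first
            $name = $account.Split('\')[-1]
            # Vista/2008 and later store the roaming copy as <name>.V2
            foreach ($dir in "$ProfileShare\$name", "$ProfileShare\${name}.V2") {
                if (Test-Path -LiteralPath $dir) {
                    Remove-Item -LiteralPath $dir -Recurse -Force -ErrorAction Stop
                }
            }
            Write-Output "$(Get-Date -Format s) reset profile for $account"
        } catch {
            # Unreachable server, unknown account or failed delete: keep entry.
            Write-Warning "${account}: $($_.Exception.Message)"
            $remaining += $account
        }
    }
    Set-Content -Path $ListFile -Value $remaining
    Start-Sleep -Seconds $PollSeconds
}
```

Deleting the server copy requires rights on the profile folders, which administrators do not have by default unless the "Add the Administrators security group to roaming user profiles" policy was in effect when the folders were created.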