A question about NT Domains

Fri Apr 10 23:29:23 GMT 1998

Just for the sake of completeness I thought I'd add a bit to this.
Let's be clear about which files affect registry changes (or contents).

Under NT, open a command prompt interface:
cd %SystemRoot%\System32\config
dir

The standard registry files are:
	Default	- all component default settings
	System - all HKLM\System entries
	Software - all HKLM\Software entries
	Security - Domain/Machine releated User Rights & Privs.
	SAM - the Security Access Manager database (ie:Passwords etc.)

These are used by EVERYTHING!!

When a user logs in the following files get checked:
	1) \\"Authenticating Server"\NETLOGON\NTConfig.Pol
	2) %SystemRoot%\Profiles\Policies\NTConfig.Pol
		this one is a copy of the last NTConfig.Pol downloaded
		from (1) above - if available.
	3) %SystemRoot%\Policies\%UserName%\NTUser.DAT

The later, is first obtained from a profile server if the User_Init_Info
passed from the Domain Logon Server specifies use of a roaming profile.
If item (3) does NOT exist and/or NO default profile is available one gets
created from the system default settings PLUS the last loaded file at item
(2) above.

The HKCU is always unique to the currently logged in user, BUT if the
currently logged in user is using a shared profile that has NOT been made
exclusive then on logout  the HKCU will be written over the top of the
source files. That is why Mandatory profiles are essential when sharing a
roaming profile.

Samba really ought to have a HOWTO for configuring a Roaming Profile
server that sits on a samba share. The NT documentation is net very clear
about this at all. Ask two NT "Experts" and you will get at least 4
opinions on roaming profiles!! (8->>)

On Sat, 11 Apr 1998, Wolfgang Ratzka wrote:
> Luke Kenneth Casson Leighton wrote:
> 
> > my experience is with Win95, but i expect the same for NT, and have been
> > told that it is so by someone who runs NT admin training courses.
> 
> On NT it is quite definitely not so. HKCU will always be loaded completely from
> the user's NTuser.dat file and unloaded again after logout.
> In fact HKCU is not a proper registry hive but a symbolic reference to the subkey of
> HKEY_USERS that corresponds to the current user. If more than one user 
> is active on an NT machine (on plain vanilla NT this *is* possible if you have
> services running as a non-system user; on WinFrame or Hydra multiple users
> can be logged in) you will see several subkeys of HKU that correspond to
> the active users and don't interfere with each other.
> 
> Of course some settings that a user can change do not go into the HKCU hive
> but into HKLM, most notably the screen resolution and the number of colours
> (you can use policies to prevent user's from changing these).
> Some applications put information that should go into HKCU into HKLM instead.
> (Hall of Shame: Netscape Communicator, Microsoft Office 97 [User dictionaries!]...).
> Others just use plain good old INI files in their program directory or even 
> in \WINNT\SYSTEM32. Those changes will not be user specific but machine 
> specific and those programs will cause trouble, when one tries to run them
> on WinFrame or Hydra... :-).
> 
> Summarizing:
> 
> Q: Will the next user inherit a previous user's additions
>    to the HKCU registry hive?
> A: Quite definitely not.

Correct.

> 
> Q: Can a user foul up the configuration for the next user?
> A: Quite definitely yes!

See above. Yes, but not if correctly configured.

> 
> Q: Is this discussion out of place on the samba-ntdom list?
> A: Errr....

Errr... Really? I think it is. Do we, or do we not, want to help people to
gain stable and dependable use of samba?

> -- 
> Wolfgang Ratzka (dialing in from home)

Cheers,
John H Terpstra (Also from home!!!!)