create profile with GUIDs without logging in

ArmoArmo Mr. Nice Guy Is Dead,Only Aqua Remains Member
edited September 2011 in Science & Tech
I need to device a method of creating a users profile and tie the GUIDs to it in the registry, with out logging in as the user.

i know USMT can do it but it has to pull the existing data from the registry of an old machine and somehow imports it into the new machine's registry.

does anyone know of a script or anything i can use to create a full working profile?

Comments

  • kryystkryyst Ontario, Canada
    edited June 2007
    Maybe tell us the why and we could come up with an alternate solution.
  • ArmoArmo Mr. Nice Guy Is Dead,Only Aqua Remains Member
    edited June 2007
    the enterprise i work in has ~ 60% laptops. when we need to switch one out due to a malfunction, in order to put data back on a users profile, the user would have to login to create the profile. You cant just create a folder in Documents and Settings cause a users profile has Global Unique ID's tieing the profile with registry keys for personal settings.

    at the moment we can use USMT to backup and restore data on a new machine, but USMT only works if the machine still loads into windows also has to be logged in as the user. USMT pulls the GUIDs from the old PC and injects them into the new one. so if you use USMT to backup and restore to a new PC, the first time the user logs in they have all of their settings and background configuratiosn and everything else.

    If we have a PC that we have to use methods which usually include machines that do not load into windows. the ultimate goal is to have the users files and folders restored to the location they were in to begin with, withoutl logging in as the user, so theres no real place to put anything cause there isnt a valid profile location.

    now we could login as the user but its a pretty major security thing here, as it is a bank. and having the user login the machine just to create a profile has been deemed too time consuming...

    so if i can get a script created that can generate a valid profile with the name of my choice i could just dumb everything there.
  • kryystkryyst Ontario, Canada
    edited June 2007
    Unfortunately the only way I can think of at this point is to create the user first and then migrate the settings. I'll dig around some more, but the security features in Windows are designed around that initial creation of the GUID.
  • ArmoArmo Mr. Nice Guy Is Dead,Only Aqua Remains Member
    edited June 2007
    i got it figured out. the loadstate executable for USMT queries AD for the SID of the user that you are trying to do a loadstate for. so all i need is a script that renames an empty loadstate to what ever i want. then using an account that can query LDAP i can pull the SID and create a blank profile on a machine with out having to login.
  • kryystkryyst Ontario, Canada
    edited June 2007
    Very cool
  • edited September 2011
    Armo wrote:
    i got it figured out. the loadstate executable for USMT queries AD for the SID of the user that you are trying to do a loadstate for. so all i need is a script that renames an empty loadstate to what ever i want. then using an account that can query LDAP i can pull the SID and create a blank profile on a machine with out having to login.

    I have searched high and low for a solution to the same issue.
    It seems you are one of the few if not the only one to say they have a solution / script for this. Would it be possible for you to send me a generic script for how you accomplished this? If not, could you just open a dialog and give me some pointers.

    Thanks in advance.
Sign In or Register to comment.