Wednesday, October 29, 2008

"moveuser" fails: registry hack to bind XP

Below are the complete steps to ensure it works 100%. In my experience, a lot of the time you can skip some of them (re-perming the profile folder, for example), but to make sure it works all the time, every time, you just:


1. Make sure you know the correct full path of the actual profile in use (sometimes users may already have a newer profile with a . extension on it.)

2. Log in as the IPGEMEA user (to create the new profile with the correct user SID). Wait for about 2 minutes to ensure the profile is fully created.

3. Log out, and back in as Local or Domain Admin.

4. Reperm the original profile folder using the Permissions Tab/Advanced. Add the user to the perms and remove any non-resolved perms (the ones that show up as a bare SID such as S-12341232313123123). Make sure you click the bottom checkbox (reset all permissions).

5. Run regedit (not regedt32), navigate to HKEY_LOCAL_MACHINE (just select this level)

6. Then choose File/Load Hive and browse to the user's original ntuser.dat (if hidden files are not displayed, just manually type the filename). You'll be prompted to name the hive (call it whatever you like, e.g. asdf).

7. Select the hive name, Right click/Permissions, and do the same as you did for the file perms (add the user, tick the checkbox to replace all perms). Sometimes you will receive an error saying that not all the hives could be repermed (this is usually not a problem).

8. VERY IMPORTANT – Unload the hive. While it is loaded, the Administrator session locks it, and you will get a TEMP profile if you attempt to log in as the user. It will not be unlocked unless you a) unload it or b) reboot.

9. Whilst still in regedit, navigate to the ol' HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList and find the profile with the ProfileImagePath of the newly created profile:
%SystemDrive%\Documents and Settings\(usually firstname.lastname.ipgemea)
Remove the .ipgemea bit, or change it to whatever path you have from step 1.

10. Optional – reboot.

11. Now you should be able to log in as the user with the correct profile.

12. Congratulate yourself on being a reghack guru and drink a well deserved beer.

Think that’s it…
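
Steps 6 to 9 can also be scripted. The following is an added example, not part of the original post: it assumes PowerShell 2.0 or later run as an administrator while the user is logged off, and the account name, profile path and hive name are placeholders. Unlike the "replace all perms" checkbox in step 7, it only adds an inheritable Full Control entry on the hive root.

```powershell
# Added example (not from the original post). Placeholders: adjust before use.
$User     = 'IPGEMEA\firstname.lastname'                              # hypothetical account
$OldPath  = '%SystemDrive%\Documents and Settings\firstname.lastname' # path from step 1
$HiveName = 'asdf'                                                    # temporary hive name (step 6)
$ProfileList = 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

$folder = [Environment]::ExpandEnvironmentVariables($OldPath)
$ntuser = Join-Path $folder 'ntuser.dat'
if (-not (Test-Path $ntuser)) { throw "ntuser.dat not found at $ntuser" }

# The SID names the ProfileList subkey that was created by the login in step 2.
$account = New-Object System.Security.Principal.NTAccount($User)
$sid = $account.Translate([System.Security.Principal.SecurityIdentifier]).Value

# Steps 6-8: load the hive, grant the user access, and always unload again.
reg.exe load "HKLM\$HiveName" $ntuser | Out-Null
if ($LASTEXITCODE -ne 0) { throw 'reg load failed (is the hive already in use?)' }
try {
    $acl  = Get-Acl "HKLM:\$HiveName"
    $rule = New-Object System.Security.AccessControl.RegistryAccessRule($User, 'FullControl', 'ContainerInherit', 'None', 'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -Path "HKLM:\$HiveName" -AclObject $acl
}
finally {
    # PowerShell keeps key handles open until they are collected; while any
    # handle is open the unload is refused and the user would get a TEMP profile.
    Remove-Variable acl -ErrorAction SilentlyContinue
    [GC]::Collect()
    [GC]::WaitForPendingFinalizers()
    reg.exe unload "HKLM\$HiveName" | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "Hive HKLM\$HiveName is still loaded: unload it or reboot before the user logs in."
    }
}

# Step 9: show the current value, then repoint it, keeping the type REG_EXPAND_SZ.
reg.exe query "$ProfileList\$sid" /v ProfileImagePath
reg.exe add   "$ProfileList\$sid" /v ProfileImagePath /t REG_EXPAND_SZ /d $OldPath /f
```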
