User Profile Structure

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

A user profile consists of:

  • A registry hive. The registry is a database used to store computer- and user-specific settings. Portions of the registry can be saved as files, called hives. These hives can then be reloaded for use as necessary. User profiles take advantage of the hive feature to provide roaming profile functionality. The user profile registry hive is the NTuser.dat in file form, and is mapped to the HKEY_CURRENT_USER portion of the registry when the user logs on. The NTuser.dat hive maintains the users environment preferences when the user is logged on. It stores those settings that maintain network connections, Control Panel configurations unique to the user (such as the desktop color and mouse), and application-specific settings. The majority of the settings stored in the registry are opaque to user profiles settings are owned and maintained by individual applications and operating system components.

  • A set of profile folders stored in the file system. User profile files are stored in the filesystem in the Documents and Settings directory, in a per user folder. The user profile folder is a container for applications and other operating system components to populate with subfolders and per-user data, such as shortcut links, desktop icons, startup applications, documents, configuration files and so forth. Windows Explorer uses the user profile folders extensively for special folders such as the users desktop, start menu and my documents folder.

Together, these two components record user-configurable settings that can migrate from computer to computer.

The default location of user profiles was changed from the Windows NT 4.0 operating system to allow administrators to secure the operating system folders without adversely affecting user data. On a clean installed computer running Windows Server 2003, Windows XP or Windows 2000, profiles are stored in the %Systemdrive%\Documents and Settings folder. In contrast, on computers running Windows NT 4.0, profiles are stored inside the system directory, at %Systemroot%\profiles folder (typically WINNT\profiles).

Note

If you upgrade a computer from Windows NT 4.0, the profile location remains %Systemroot%\profiles.

Table 1 below shows the location of user profiles for each of the possible installation scenarios:

Table 1 User Profile Locations

Operating system Location of user profile

Windows Server 2003 clean installation (no previous operating system)

%SYSTEMDRIVE%\Documents and Settings; for example, C:\Documents and Settings

Windows Server 2003 upgrade of Windows 2000

SYSTEMDRIVE%\Documents and Settings; for example, C:\Documents and Settings

Windows Server 2003 upgrade of Windows NT 4.0

%SYSTEMROOT%\Profiles; for example, C:\WinNT\Profiles

Configuration Preferences Stored in the Registry Hive

The NTuser.dat file contains the following configuration settings:

  • Windows Explorer settings. All user-definable settings for Windows Explorer, as well as persistent network connections.

  • Taskbar settings.

  • Printer settings. All network printer connections.

  • Control Panel. All user-defined settings made in the Control Panel.

  • Accessories. All user-specific application settings affecting the Windows environment, including: Calculator, Clock, Notepad, Paint, and HyperTerminal, among others.

  • Application Settings. Many applications store some per user settings in the users registry hive (HKEY_CURRENT_USER). An example of these types of settings would be Microsoft Word 2000s toolbar settings.

Configuration Preferences Stored in Profile Directories

Figure 1 below shows the structure of the user profile.

Figure 1: User Profile.

Art Image

Each users profile contains the following folders:

  • Application data*. Application-specific data, such as a custom dictionary for a word processing program. Application vendors decide what data to store in this directory.

  • Cookies. Internet Explorer cookies.

  • Desktop. Desktop items, including files and shortcuts.

  • Favorites. Internet Explorer favorites

  • Local Settings*. Application settings and data that do not roam with the profile. Usually either machine specific, or too large to roam effectively.

    • Application data. Computer specific application data.

    • History. Internet Explorer history.

    • Temp. Temporary files.

    • Temporary Internet Files. Internet Explorer offline cache.

  • My Documents. The new default location for any documents that the user creates. Applications should be written to save files here by default.

    • My Pictures. Default location for users pictures.

    • My Music. Default location for users music.

  • NetHood*. Shortcuts to My Network Places items.

  • PrintHood*. Shortcuts to printer folder items.

  • Recent. Shortcuts to the most recently used documents.

  • SendTo. Shortcuts to document storage locations and applications.

  • Start Menu. Shortcuts to program items.

  • Templates*. Shortcuts to template items.

* These directories are hidden by default. To see these directories, change the View Options.

The Folder Redirection feature of IntelliMirror allows an administrator to redirect the location of certain folders in the user profile to a network location. When these redirected folders are accessed either by the operating system or by applications, the operating system automatically redirects to the location on a network share specified by the administrator. From a user perspective, this is similar to the roaming scenario because users have the same settings regardless of which computers they use. However unlike roaming, these settings actually remain on the network share. Folder redirection can be used with all types of user profiles: local, roaming, or mandatory.

Using Folder Redirection with local profiles can provide some of the benefits of roaming profiles (such as having a users data available at any computer or maintaining data on the server) without the need to implement roaming profiles. Remember though, using Folder Redirection with a local profile would only result in the users documents and files being available from all computers. To have settings and configurations move with the user, you would need to use roaming profiles.

Combining Folder Redirection with roaming profiles gives the benefit of roaming profiles, while minimizing network traffic caused by synchronization of the profile.

Folder redirection is accomplished using Group Policy. The use of Folder Redirection with roaming profiles is discussed later in this article.

Table 2 below lists the folders that roam with the profile by default and indicates whether they can be redirected using Group Policy.

Table 2 Folders that Roam with the Profile

Folder Name Description Roams with profile by default Redirect with Group Policy

Application Data

Per-user roaming application data.

Yes

Yes

Cookies

Users Internet Explorer cookies.

Yes

No

Desktop

Desktop items, including files and shortcuts.

Yes

Yes

Favorites

Users Internet Explorer favorites.

Yes

No

Local Settings

Temporary files and per-user non-roaming application data.

No

No

My Documents

Users documents.

Yes

Yes

NetHood

Shortcuts to My Network Places items.

Yes

No

PrintHood

Shortcuts to printer folder items.

Yes

No

Recent

Shortcuts to recently used documents

Yes

No

Send To

Shortcuts to document storage locations and applications.

Yes

No

Start Menu

Users personal start menu.

Yes

Yes

Templates

Per-user customized templates.

Yes

No

Non-Roaming Folders

The default behavior of roaming user profiles in Windows NT 4.0 is to include all the folders in the user profile directory. Thus when a user first logs on, all folders within the profile folder are copied from the server to the client at logon and copied back at logoff,

Windows 2000 introduced a per-user local settings folder into the user profile that is not copied during log on or logoff. This folder is intended for the storage of operating system components and other applications can store non-roaming per-user data. A typical example of the usage of this folder is for Microsoft Internet Explorer to store a users Favorites in the roaming portion of the user profile but store the Temporary Internet Files in the local (non-roaming) portion of the user profile. This will allow a user to retain access to their favorite URLs, but will save copying of temporary cache files at logon and logoff.

On computers running Windows Server 2003, Windows XP or Windows 2000, the History, Local Settings, Temp and Temporary Internet Files folders do not roam by default. Other Non-Roaming Folders are configured using the Group Policy Object Editor. The path for this setting in the Group Policy name space is:

User Configuration\Administrative Templates\System\User Profiles\Exclude directories in roaming profile

Once enabled this allows multiple folder names to be defined, all relative to the root of the users profile. Once included in the policy these folders will not be copied to the local machine at logon, nor copied back to the server at logoff. This setting is likely to result in decreased time taken for a user to logon, by restricting the amount of data within a user profile that really does roam with the user.

How Do Users Get Their Profile?

The way in which users get their profiles depends on the type of profile they're configured to use. This section describes this process.

Local Profile - New User

  1. The user logs on.

  2. The operating system checks the list of user profiles located in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList to determine if a local profile exists for the user.

  3. Because this is a new user, no local profile is found. If the computer is part of a domain, the operating system checks if a domain wide default profile exists in a folder named Default User on the domain controllers NETLOGON share.

    • If a domain wide profile exists, it is copied to a subfolder on the local computer with the user name under %SYSTEMDRIVE%\Documents and Settings\. For example, a new user with the user name JDoe would have a profile created in %SYSTEMDRIVE%\Documents and Settings\JDoe.

    • If a default domain profile does not exist, then the local default profile is copied from the %Systemdrive%\Documents and Settings\Default User folder to a subfolder on the local computer with a user name under %Systemdrive%\Documents and Settings\.

  4. If the computer is not part of a domain, the local default profile is copied from the %Systemdrive%\Documents and Settings\Default User folder to a subfolder on the local computer with a user name under %Systemdrive%\Documents and Settings\.

  5. The users registry hive (NTUSER.DAT) is mapped to the HKEY_CURRENT_USER portion of the registry.

  6. The users %userprofile% environment variable is updated with the value of the local profile folder

  7. When the user logs off, a profile is saved to the local hard disk of the computer.

Local Profile - Existing User

  1. The user logs on.

  2. Windows checks the list of user profiles located in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList to get the path to the users profile.

  3. The users registry hive (NTUSER.DAT) is mapped to the HKEY_CURRENT_USER portion of the registry.

  4. The users %userprofile% environment variable is updated with the value of the local profile folder.

  5. When the user logs off, the profile is saved to the local hard disk of the computer.

Roaming Profile - New User

  1. The user logs on.

  2. The path to the users roaming profile is retrieved from the user object on the Domain Controller.

  3. Windows checks to see if a profile exists in the roaming path, if no profile exists a folder is created.

  4. Windows checks the list of user profiles located in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList to determine if a cached copy of the profile exists. If a local copy of the profile is not found, and the computer is part of a domain, Windows checks to determine if a domain wide default profile exists in the Default User folder on the domain controllers NETLOGON share.

    • If a domain wide profile exists, it is copied to a subfolder on the local computer with their user name under %Systemdrive%\Documents and Settings\.

    • If a default domain profile does not exist, then the local default profile is copied from the %Systemdrive%\Documents and Settings\Default User folder to a subfolder on the local computer with their user name under %Systemdrive%\Documents and Settings\.

  5. The users registry hive (NTUSER.DAT) is mapped to the HKEY_CURRENT_USER portion of the registry.

  6. The users %userprofile% environment variable is updated with the value of the local profile folder

  7. The user can then run applications and edit documents as normal. When the user logs off, their local profile is copied to the path configured by the administrator. If a profile already exists on the server, the local profile is merged with the server copy (see merge algorithm later in this paper for more details).

Roaming Profile - Existing User

  1. The user logs on.

  2. The path to the users roaming profile is retrieved from the user object on the Domain Controller.

  3. Windows checks to see if a profile exists in the roaming path, if no profile exists a folder is created.

  4. Windows checks the list of user profiles located in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList to get the path to the users cached profile if it exists.

  5. The contents of the local cached profile are compared with the copy of the profile on the server, and the two profiles are merged. (See the new merge algorithm later in this paper for more details).

  6. The users registry hive (NTUSER.DAT) is mapped to the HKEY_CURRENT_USER portion of the registry.

  7. The users %userprofile% environment variable is updated with the value of the local profile folder

  8. The user can then run applications and edit documents as normal. When the user logs off, the local profile is copied to the path configured by the administrator. If a profile already exists on the server, the local profile is merged with the server copy.