Managing profiles in a Windows environments is a difficult task so don't feel bad if you're having problems. You are not alone. All three Windows profiles (local, roaming, and mandatory) provide benefits but severely lack integral features which complicate either management or functionality, or both. Your goal is to simplify profile management without compromising user and application functionality. Luckily there is profile management software that can be create a 'hybrid' solution between roaming and mandatory profiles.

Mandatory profiles are recommended because they standardize the user profile. Instead of using a variable profile, you assign a static base profile which is easier to manage. Mandatory profiles are preconfigured, read-only roaming profiles. At logon, the mandatory profile is copied down to the local machine to be used for the entirety of the session. At logoff the profile is discarded, which typically causes the customized settings to be lost. This can be very frustrating for both you and the end user.

Ideally you want to be able to save specific sections of the profile at logoff and have them restored at logon. This can be accomplished with triCerat’s Simplify Profiles. Furthermore, if dealing with complex environments, settings are best stored on a secure SQL Server which supports SQL Clustering. These personalized profiles can be delivered throughout the Windows network, optimizing logon efficiency and user productivity in the entire infrastructure.

Creating a mandatory profile is not an exact science. Here are some tips for setting up your profile:

1. Using a new account with a local profile, log on the server or workstation with Terminal Services, and log off.
   
   
2. Open 'System Properties' (Windows + Break), go to the 'Advanced' tab, and open 'User Profiles'. Select the test user profile and select 'Copy To'. Select the path you want to use for the mandatory profile, usually \\server\profile\mandatory. Select 'Change' to alter the permissions. Select 'Object Types' to enable Groups, and enter 'Domain Users' to permission the profile to be used by Domain Users. Select 'OK' and 'OK' to complete the copy.
   
   
3. Navigate to \\server\profile\mandatory, rename ntuser.dat to ntuser.man and delete any extra files and folders, to reduce the profile size.