Terminal Server User Profiles and Home Folder Paths Are Ignored After Applying SP4 or Later

ID: Q236185

The information in this article applies to:

Microsoft Windows NT Server versions 4.0 SP4, 4.0 SP5, 4.0 SP6
Microsoft Windows NT Server version 4.0, Terminal Server Edition

IMPORTANT: This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information about how to do this, view the "Restoring the Registry" Help topic in Regedit.exe or the "Restoring a Registry Key" Help topic in Regedt32.exe.

SYMPTOMS

When you are validated by a Windows NT Server 4.0, Terminal Server Edition domain controller with Service Pack 4 (SP4) applied, your Terminal Server home folder is mapped to the default location, even though your administrator specified a different path in User Manager for Domains.

Additionally, when you are validated by the same domain controller, your Terminal Server profile path points to the default location, even though your administrator specified a different path in User Manager for Domains.

CAUSE

This behavior occurs when you apply SP4 to the domain controller. When SP4 is applied, the RestrictAnonymous value is changed to 1 (its default value is 0).

Terminal Server attempts to retrieve custom fields from the Security Accounts Manager (SAM), which is the Terminal Server profile path. When the attempt is unsuccessful, Terminal Server uses the standard Windows NT profile path.

RESOLUTION

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

For information about how to edit the registry, view the "Changing Keys and Values" Help topic in Registry Editor (Regedit.exe) or the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe. Note that you should back up the registry before you edit it. If you are running Windows NT, you should also update your Emergency Repair Disk (ERD).

To resolve this problem:

Start Registry Editor (Regedt32.exe).

Locate the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA

Locate the following entry:

Value name: RestrictAnonymous
Data type: REG_DWORD
Value: 1

Change the value to 0.

Exit Registry Editor, and then restart the computer.

NOTE: You can also delete the RestrictAnonymous value to work around this problem.

STATUS

Microsoft has confirmed this to be a problem in the Microsoft products listed at the beginning of this article.

REFERENCES

For additional information, please see the following article in the Microsoft Knowledge Base:

Q143474 Restricting Information Available to Anonymous Logon Users

Additional query words:


Keywords          : kbbug4.00 
Version           : winnt:4.0,4.0 SP4,4.0 SP5,4.0 SP6
Platform          : winnt 
Issue type        : kbbug

Last Reviewed: July 20, 1999