Creating User Profile Hives

With the appropriate access permission, a user can save a locally cached copy of a user profile. The directory and filename of the hive are added as a value under the following Registry key, where SID_# represents a key with the same name as the security ID assigned to the user:


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\SID_#

When the user logs on, the hive defined in that user's ProfileList\SID_# subkey is loaded as a child key of HKEY_USERS, under a root key whose name matches the SID_#. HKEY_CURRENT_USER points to this key.

The available user profile hives on a computer will consist of any hives created using User Profile Editor or saved locally by a user who logged on with appropriate permissions, as defined in User Manager for Domains. The ProfileList subkeys define all the known user hives on the local computer.
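The ProfileList-to-HKEY_USERS mapping described above can be audited from PowerShell. This is an added example, not part of the original documentation. It assumes the value that holds the path is named ProfileImagePath, which the page does not state and which on Windows NT 4.0 and later names the profile directory rather than the hive file. The function name Get-ProfileHiveReport is hypothetical.

```powershell
# Added example: list every hive registered under ProfileList and report
# whether it is currently loaded as a child key of HKEY_USERS.
function Get-ProfileHiveReport {
    $profileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

    # Names of the keys currently loaded under HKEY_USERS (one per logged-on SID)
    $loaded = @(Get-ChildItem -Path 'Registry::HKEY_USERS' |
        ForEach-Object { $_.PSChildName })

    foreach ($key in Get-ChildItem -Path $profileList) {
        $sid = $key.PSChildName

        # Assumption: the path is stored in a value named ProfileImagePath.
        # GetValue expands environment variables such as %SystemRoot%.
        $path = $key.GetValue('ProfileImagePath')

        # Resolve the SID to an account name. Subkeys left behind by deleted
        # accounts, or subkeys whose name is not a valid SID, do not resolve.
        try {
            $sidObj  = [System.Security.Principal.SecurityIdentifier]$sid
            $account = $sidObj.Translate([System.Security.Principal.NTAccount]).Value
        } catch {
            $account = '<unresolved>'
        }

        [pscustomobject]@{
            Sid        = $sid
            Account    = $account
            HivePath   = $path
            PathExists = [bool]($path -and (Test-Path -LiteralPath $path))
            Loaded     = $loaded -contains $sid
        }
    }
}

# Entries worth a closer look: SIDs that no longer resolve to an account,
# or registered paths that no longer exist on disk.
Get-ProfileHiveReport |
    Sort-Object -Property Account |
    Format-Table -AutoSize
```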

The hive that is loaded when a user logs on depends on whether the user has an assigned profile, as described in the following tables.

Table 12.1 Creating a Hive for a User Without an Assigned Profile

| Scenario | How hive is created |
|---|---|
| If the user has permission to keep a local copy of a profile | A copy of the User Default profile (USERDEF) is loaded under the key HKEY_USERS\SID_#, and a local copy of this profile is saved as the user's profile. This hive is created when you install Windows NT and is saved as SystemRoot\SYSTEM32\CONFIG\USERDEF. The user's local copy resides in the same directory. When the user logs off, all changes made to the profile are saved to the local profile just created. |
| If the user doesn't have permission to keep a local copy of a profile (that is, Guest accounts) | USERDEF is copied to a temporary file (SystemRoot\SYSTEM32\CONFIG\TMPDEF00) and this copy will be used by the user. When the user logs off, all changes made to the profile are lost. |


For a user with an assigned profile, that profile is used whenever possible. Otherwise, the rules shown in the following tables are used to create a hive.

Table 12.2 Creating a Hive with an Assigned Profile on a Local Computer

| Scenario | How hive is created |
|---|---|
| If the user has a mandatory profile (with a .MAN filename extension) on a local and on a remote computer | The profile is copied to a temporary file in the SystemRoot\SYSTEM32\CONFIG directory, and the user will use this temporary profile. All changes made to this profile are lost when the user logs off. If the mandatory profile is not accessible (for example, if the server is down or if there is no access permission for the file), the user is not able to log on. |
| If the user has a personal profile on a local computer but the profile is not accessible | The user will get a copy of USERDEF. |
| If the user has a personal profile on a remote computer but doesn't have permission to save a local copy | • If the remote profile is accessible, it is saved as a temporary file in SystemRoot\SYSTEM32\CONFIG directory. The user's changes are saved back to the remote profile when the user logs off. • If the remote profile is not accessible (for example, if the server is down or if there is no access permission for the file) and there is no local copy of the user's profile, a copy of USERDEF is saved as a temporary file in the \CONFIG directory. This temporary profile is used for the user's entire logon session. Changes made to the profile are lost when the user logs off. |


This last table shows how a hive is created if the user has a personal profile on a remote computer and has permission to save a local copy.

Table 12.3 Creating a Hive for a User with a Profile on a Remote Computer

| Scenario | How hive is created |
|---|---|
| If the remote profile is accessible and there are no local copies of the profile on the local computer | The remote profile is copied as SystemRoot\SYSTEM32\CONFIG\USER002. Then this local copy is loaded into the Registry as the user's profile. At logoff, the changes are saved to the local copy, and the local copy is copied back to the remote profile file. |
| If the remote profile is accessible and a local copy exists | The newest file overwrites the older version, and the file is treated as described above. |
| If the remote profile is not accessible but a local copy exists | The local copy is loaded into the Registry and used as the user's profile. At logoff, the changes are saved to the local copy, which is copied to the remote profile file at the next log on (if the remote profile is accessible and if the date on the local copy is newer than that for the remote profile). |
| If the remote profile is not accessible and the local copy does not exist | A copy of USERDEF is saved to the local profile copy path and is loaded in the Registry to be used as the user's profile. At logoff time, the changes made to the profile are saved in the local profile. |