# 1521 : Windows cannot locate the server copy of your roaming profile....



## TheHairyPittman (Sep 21, 2006)

I came across this error, and thanks to this thread, I was able to solve it. I thought I would throw my checklist out there for everyones benefit:

Setup:
--------
Server 2003 Server, Running DNS / AD, File Server, IIS
XP SP2 Clients ( 2 )

I had one client successfully log-in, accept group policies, run scripts, do folder redirections.
I had another client, identical OS and network settings. Would login, get to the internet, but fail to run scripts, do folder redirections, or save profile settings.

On failing client, Event Viewer yielded this information :

1053 : Windows Cannot determine the user or computer name ( An internal error occurred ). Group policy processing aborted.

1521 : Windows cannot locate the server copy of your roaming profile....
DETAIL - THe system detected a possible attempt to compromise security. Please ensure that you can contact the sever that authenticated you.

1511 : Windows cannot find the local profile and is logging you on with a temp.....

15 : Automatic certificate enrollment for local system failed to contact the active directory. A directory service error has occurred.

Fix Attempt 1 : 
I removed the bad client from the domain, rebooted the machine, and deleted local copies of the domain profiles with the local administrator account.
I removed the offending machine from AD and manually deleted the A Record from the DNS controllers DNS Forward Lookup Zones for the domain.
This yielded no change in behavior, regardless of which username I used. Well-behaving client churned along fine during this.

Fix Attempt 2 : 
I disabled computer account in AD, and renamed the machine. The disabled account then changed AUTOMATICALLY in AD when I rejoined the bad client to the domain. ie - In AD, computer Shipping1 is disabled. I rename the machine to Shipping4. I then join it to the domain, and the disabled Shipping1 account changed to Shipping4, assuming the security identifier of Shipping1. I reenable account in AD. STILL no change in behavior.

Fix Attempt 3 :
I noticed the XP was using a generic driver for my NIC ( Intel 21140-Based 10/100 mbps ethernet ). I downloaded a different driver and BINGO - everything worked just fine. I now have my little test lab running just the way I wanted it.

Here's hoping this saves SOMEONE some time!

Cheers -

The Hairy Pittman


----------



## mickyj (Aug 26, 2007)

Hello,

I too have stumbled accross this. I ended up patching my SBS 2003 r2 SP2 server. I installed ISA 2004 SP3 and a Microsoft Hotfix as per blog August 12 http://www.mickyj.com/blog7.htm. Everything now works well.


----------

