This week’s tip is a Windows tip. Ever wonder what permissions you have in your organization? What groups are you part of? What is your SID?

There is a nice command introduced back in the Windows XP days called whoami. First introduced as part of the support tools, and now part of the standard install of Windows, this command can give you all the information about the currently logged-on user.

If we just issue whoami in CMD, we will get this:

Nothing spectacular, but let’s look at the flags to the command:
We can see there is a /ALL flag. Let’s see what happens when we run whoami /all
(Important SIDs are whited out)
We can see a whole bunch of information, like my username, my SID, domain group memberships and even my permissions.
So if you ever want a user to send you their information, you can make a batch script that has:
whoami /all > userinfo.txt
This will save this information into a text file that the user can send your way and you can see all their group information and make changes as necessary.

There are bugs that you can work around, and then there are some that are just weird. I came across one that involved a weird state for a local Windows profile. The usual advice is to solve the issue by simply re-creating the profile. This usually works, but there is a faster way to resolve issues that involve a profile with a backup status:

The image above doesn’t really show a backup status, but you get the picture.
The profile in question will load the home directory c:\users\TEMP. The user’s desktop won’t be the same, Outlook won’t have the same profile, and the user’s favorites will be gone. Let’s not panic: the folder in question is still there. The user is just not properly mapped to the right home directory.

First thing to do is to reboot the workstation in question. If you still have the same issue, we will need to modify the registry.

NOTE: Modifying the registry is risky, and even if you follow the instructions word for word, I can’t guarantee success, and you could end up with a corrupted Windows installation or loss of data. Please proceed at your own risk.

This remedy is taken from this Microsoft KB article, but I’ll mention it here for completeness and add my thoughts to each task.

Go to Start and run REGEDIT

Go to:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
In this key, you should see something similar to this:

The S-1-5-21 keys are the configuration of the profiles in Windows. One thing to notice is that there are two that are strikingly similar (S-1-5-21-1079119….) but with one difference: the .bak at the end of the key at the bottom.

Let’s take a look inside the key:

A healthy profile should look like this:

A cool thing to note is that the ProfileImagePath points to the home directory of the user. An unhealthy profile will have its ProfileImagePath pointing to c:\users\temp, and the RefCount will have a value higher than 0.

To solve the problem, log in to an administrator account other than the one that has the issue.

Next, rename the key that doesn’t have the .bak so that it ends in .ba.

Now rename the key that HAS the .bak and remove the .bak.

Finally, rename the key that HAS the .ba so that it ends in .bak.

Once that is done, you will need to modify a few more things in the key without the .bak.

We need to change the RefCount to 0

We need to clear the state by setting State to 0

Now it’s time to reboot and try to log in.

This worked for me. What you’re more or less doing is manually changing the state of the profile from the backup state to a local state. This is something similar to when a Windows server cannot remove the restart pending status.
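
The same inspection and key swap can be done from an elevated PowerShell prompt, logged in as an administrator other than the affected user. This is an added example, not part of the original post or the Microsoft KB article; the function names Get-ProfileListState and Repair-BakProfile are made up for illustration, and it assumes the affected SID has both a plain key and a .bak key as described above.

```powershell
# Added example; function names are hypothetical, not from the post or the KB.
$ProfileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'

function Get-ProfileListState {
    # Read-only: list each user profile key with the values the post inspects.
    Get-ChildItem -Path $ProfileList |
        Where-Object { $_.PSChildName -like 'S-1-5-21-*' } |
        ForEach-Object {
            $p = Get-ItemProperty -Path $_.PSPath
            [pscustomobject]@{
                KeyName          = $_.PSChildName
                Sid              = $_.PSChildName -replace '\.bak$', ''
                ProfileImagePath = $p.ProfileImagePath
                RefCount         = $p.RefCount   # empty if the value is absent
                State            = $p.State
            }
        }
}

function Repair-BakProfile {
    # Performs the three renames and the RefCount/State reset from the post.
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param([Parameter(Mandatory)][string]$Sid)

    $live = "$ProfileList\$Sid"
    $bak  = "$live.bak"
    if (-not (Test-Path $live) -or -not (Test-Path $bak)) {
        throw "Expected both '$Sid' and '$Sid.bak' under ProfileList."
    }
    if ($PSCmdlet.ShouldProcess($Sid, 'Swap .bak key and reset RefCount/State')) {
        Rename-Item -Path $live      -NewName "$Sid.ba"   # no suffix -> .ba
        Rename-Item -Path $bak       -NewName $Sid        # .bak -> no suffix
        Rename-Item -Path "$live.ba" -NewName "$Sid.bak"  # .ba -> .bak
        Set-ItemProperty -Path $live -Name RefCount -Value 0
        Set-ItemProperty -Path $live -Name State    -Value 0
    }
}

# Report only: show SIDs that have both a plain key and a .bak key.
Get-ProfileListState | Group-Object Sid | Where-Object Count -gt 1 |
    ForEach-Object { $_.Group } |
    Format-Table KeyName, ProfileImagePath, RefCount, State
```

Running the script only prints the report. Call Repair-BakProfile with -WhatIf first to preview the change for a SID, and export the ProfileList key from REGEDIT before making it for real.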