I had to recreate a user’s Windows profile the other day and made the novice mistake of removing the profile from his computer by just deleting the folder from c:\Users
. Not a good idea coz that leaves all the registry stuff behind. The correct way to remove his profile would have been to go via the System properties, User Profiles, and then delete the profile. If it complains about the folder not being removed, then remove the folder.
What happened in my case since the registry stuff was still leftover is that Windows wouldn’t create a new profile folder because it thought the profile folder had an error. It kept logging the user in with a temporary profile and complained so: “You have been logged on with Temporary profile”.
Worse, I always thought HKEY_USERS
was where all the registry stuff was stored so that’s where I kept looking to try and delete the registry bits manually. Finally I realized it’s under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
– doh! HKEY_USERS
only has the registry hives for actively loaded profiles – not necessarily the one logged in interactively, but also user accounts running in the background or that have recently run (via “run as” etc).
So I went to HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
, found the profile (which now had a .bak
suffixed to it), deleted it (because I want him to start afresh), and that got things working again.
After recreating the profile the user told me he wanted his Internet Explorer saved passwords. These are stored under HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2
but I hadn’t saved his HKCU
hive before deleting the profile. Not a problem – I had a backup of the profile folder, so I:
- Copied the
NTUSER.DAT
file from there to my computer (NTUSER.DAT
is basically theHKCU
hive for his account), - Loaded it into my registry as a temporary hive,
- Exported
...\Software\Microsoft\Internet Explorer\IntelliForms\Storage2
from this temporary location to a.reg
file, - Opened this file in notepad and renamed the root to
HKEY_CURRENT_USER
.
I then sent the .reg
file to the user and once he opened it the passwords were imported into his registry.
Here’s the command I ran from an elevated command prompt to load the ntuser.dat
file to a temporary location HKLM\TempHive
:
1 |
reg.exe load HKLM\TempHive .\ntuser.dat |
Using the above temporary location, I had to rename HKLM\TempHive
to HKEY_CURRENT_USER
once I exported the key and opened in notepad.