Corrupt User Profiles - Do They Even Exist?

Helge Klein, 07/02/2008 | 3 Comments | 20,699 Views

I will make a bold statement here: corrupt user profiles are a myth. That may seem very bold indeed, with 331,000 hits on Google for "corrupt user profile" and countless admins complaining about having to deal with corrupt profiles on a daily basis.

In order to understand my position we need to take a step back and have a look at the layout of Windows user profiles. They basically consist of a number of files and folders. One of the files in each profile is special in that it is some kind of database: NTUSER.DAT in the root of every profile contains a user's registry hive, which is mounted to HKCU during logon. But essentially a user's registry hive is still a file, alas a file that is exclusively locked while a user is logged on.

For the time being, please bear with me and think of a user profile as a conglomerate of files on an NTFS volume. If you look at user profiles this way, the word "corruption" gets an entirely different meaning. Just ask yourself: what can possibly happen to files on a (partly) transactional file system like NTFS? Of course, if you flip the power switch during a write operation, the file being written to will be corrupt. But apart from that I cannot think of any common situation in which files on an NTFS volume become corrupt. And even the effects of flipping the power switch have been mitigated with Windows Vista and Server 2008: Transactional Registry (TxR) protects writes to NTUSER.DAT just like databases protect their data from power loss.

But what about roaming profiles? They need to be copied from the user’s machine to a file server on the network. Theoretically, a file could become corrupt during transmission.

Theoretically.

Ask yourself one question: Is that likely to happen with today's networks? I think the question should remain rhetorical. If you do not think so you should seriously consider changing or upgrading your network hardware/software/architecture.

But...

Are all those people wrong that have to deal with so-called corrupt profiles? Of course not! The part that is wrong is the term "corrupt"! So-called corrupt profiles are in reality inconsistent profiles. It all becomes clear when you think of a typical situation a help desk employee has to deal with: A user calls and complains about this and that not working. The admin makes some checks and determines something must be wrong with the user profile. He deletes the profile, has the user log on again and all is well.

What happened?

The user had some "inexplicable" application misbehavior. The root cause for this will probably have been some misbehaving application that either crashed while writing data to the profile or experienced some other issue in the process. The net result is that an application wrote only partial data to the profile, making it inconsistent.

A user profile is a complex structure consisting of many files, folders and registry values. Many dependencies exist between different components of a profile: registry entries point to files, INI files contain the names of other files, and so on. Applications write to the profile all the time. Is it so very special that from time to time write operations are not fully completed due to an error of some kind? I think not.

Of course, Transactional Registry and Transactional File System (TxR and TxF) could provide a remedy for these issues. But Microsoft introduced new APIs for transactions (contrary to earlier plans), meaning that applications need to be changed to take advantage of transaction support. With what we know about application lifecycles in enterprises and the "conservative" attitude of many programmers we will have to live with inconsistent user profiles for quite some time. Because that is what profile corruption really is - profile inconsistency.

Side Note

Many user profile management product vendors claim their solution mitigates profile corruption. Now you know you should take such statements with a grain of salt.

References

White paper from sepago on user profiles

+++ Your opportunity +++ Use Profile Migrator the new sepago product that makes migrating user personalities between different platforms a breeze.! Download your free version now!

3 responses for "Corrupt User Profiles - Do They Even Exist?"

"The part that is wrong is

"The part that is wrong is the term "corrupt"!" - Really? definition of corrupt/corruption can be to "alter for the worse"; "made un-reliable by change". Corrupt profiles/in-consisten profiles, all the same. Why get too hung up on the semantics of it?

The point this guy is trying

The point this guy is trying to make is that the profile in its entirerty is not corrupted. That the actual problem lies with an individual file within the profile. Oft times the solution to this problem is deletion of the entire profile, which can be in convienant to both the users and the admin/tech, especially when it comes to reattaching a dozen PSTs (maybe more). Restoring the corrupted, file, normally NTUSER.DAT, will resolve the issue most times.

I agree with

I agree with Miltech.
Restoring a correct NTUSER.DAT resolve the issue.

My question is how can be more protected the NTUSER.DAT file in a roaming profile to not generate this problems.

In my small network I have this problem 4 - 5 times/week.
I didn't find the real cause. I suspect double loggin and reset of computers after blocked applications.