There are a number of reasons you may want to flip the state of a users profile
A typical scenario would be that users log onto a Terminal / Citrix server with a local profile in order to 'roam' Certificates using Environment Manager. Basically you cannot roam Certificates when using a mandatory profile as it has a limitation restricting users from installing and exporting private keys. For that reason you may want your users to logon with a roaming/local profile.
As it stands, when these users log off they will leave behind a local copy of their profile on the server which can lead to lots of folders and possibly disk space issues down the line.
In order to mitigate this issue (profile folders building up) you can configure an EM Policy action using session variables to flip the users profile to guest or temporary during logoff. This will ensure that the users local profile is cleared down and not left behind.
The logoff action can be configured as follows:
The registry value is:
Where <USERSID> is the users sid. The Environment Manager session variable $(UserSID) can be used for this in the action.
The REG_DWORD can be set as a combination of the following hex values.
001 = PROFILE_MANDATORY
Profile is mandatory.
002 = PROFILE_USE_CACHE
Update locally Cached profile.
004 = PROFILE_NEW_LOCAL
Using a new local profile.
008 = PROFILE_NEW_CENTRAL
Using a new central profile.
010 = PROFILE_UPDATE_CENTRAL
Need to update central profile.
020 = PROFILE_DELETE_CACHE
Need to delete cached profile.
040 = PROFILE_UPGRADE
Need to upgrade profile.
080 = PROFILE_GUEST_USER
Using guest user profile.
100 = PROFILE_ADMIN_USER
Using administrator profile.
200 = DEFAULT_NET_READY
Default net profile is available & ready.
400 = PROFILE_SLOW_LINK
Identified slow network link.
800 = PROFILE_TEMP_ASSIGNED
Temporary profile loaded.
For example, a state value of decimal 516 (translated to 204 hex) would be a combination of:
200 = DEFAULT_NET_READY - Default net profile is available & ready.
004 = PROFILE_NEW_LOCAL - Using a new local profile.
The decimal value should be converted to hex before calculating the profile type.
Once this has been configured, you can check, after the users has logged off that the profile has been removed within Advanced User Profile Settings. Note below the users profile has been removed as it was guest (hex 00000080).