You may come across any of the following error messages in the RDS session host server event log:
- Remote Desktop Services could not apply a user desktop for a user account with a SID of [SID]. A temporary profile was enforced for the user. Verify that the user profile disk settings are correct. The error code is 0x2.82
- Remote Desktop Services could not obtain a user profile disk for the user account with a SID of [SID]. Verify that the user profile disk location is accessible, the server’s computer account has read and write permissions to it, and that the location has a user profile disk template file present. The error code is 0x2.82
The above error is accompanied by the creation of a temporary profile for the RDS user in question.
Take the following steps to resolve the issue:
- Recheck the user profile settings inside Server Manager, as shown in the below screenshot (edit RDS collection properties).
- User Profile Disks properties
- Check read/write SMB/NTFS permissions of the RDS session host server computer objects on the SMB share where the RDS User Profile Disks (UPD) are created.
- Ensure that the SMB share of the UPD store is accessible by all RDS session host servers, i.e. there is no network issue preventing the connections.
- Ensure that the UPD store has a user profile disk template file present. If this is not generated by the RDS installation itself, then you can copy and paste a .vhdx template file from another healthy installation and try again.
- Ensure all RDS servers have latest Windows updates and have been rebooted at least once.
- If all else fails, check all possible general cause of temporary profiles being created, some of the most common ones are the following:
- Check the event logs for errors/warnings. Ifthe UPD is mounted or missing, the logs will indicate that it cannot be found. If the UPD has the wrong permissions it could also say access denied.
- Verify SMB and NTFS permissions. The disks are stored on the File server (SMB share). Go through the disks and verify that the permissions are set, and that the user is assigned to the disk. To be able to identify which disk belongs to what user, make use of Microsoft’s SIDDER application.
- Check the registry. Sometimes when a user’s profile is locked, the system makes a back up of it, then creates a temp profile for the user to log in with.
- Check DNS. Ensure that the Session servers can resolve the UPD share.
- Verify that the UPD disk is not mounted. In order for you as an admin to work with the user’s profile, you would need to mount the disk onto one of the sessions hosts so you can manage the information within. You have to always make sure to unmount it when you’re finished with whatever work you were doing on the profile disk so the user can access it. If there is a user with a temp profile, go through all the session host servers with your admin account, and unmount any drives you have mounted. Then give the user another try.
- Check the quota and UPD disk limit. If the limit has been reached, either increase the quota on the UPD share or expand the UPD disks in question.
- Remember that admin accounts use UPD so they are subject to the same limitations. UPDs are created and managed by the Remote Desktop Collection and are applied as computer policies. An admin can log onto 1 session host at a time with their UPD, you can still log onto other session hosts but you’ll be logged in with a temp profile.