Unable to load the profile under Vista SP1

This applies when a Vista SP1 roaming profile fails to load and you cannot log on.

When the profile loading problem occurs, the following error appears in the event log:

>>>
Source : User Profile Service
Niveau : erreur
Evénement : 1500
Description : Windows ne peut pas vous ouvrir une session car votre profil ne peut pas etre charge.
Verifiez que vous etes connecte au reseau et que le reseau fonctionne correctement.
DETAIL - Acces refuse.

. To be able to log on again with the corrupted profile, check the contents of ProfileList in the registry using the following article:
Error message when you log on to a Windows Vista-based computer by using a temporary profile:
"The User Profile Service failed the logon. User profile cannot be loaded"
https://support.microsoft.com/kb/947215/en-us

. To trace the profile load, use the TRACELOG tool provided at https://www.microsoft.com/whdc/DevTools/WDK/WDKpkg.mspx:

tracelog -addautologger profile -guid #eb7428f5-ab1f-4322-a4cc-1f1a9b2c5e98 -level 3 -flag 255 -sessionguid #eb7428f5-ab1f-4322-a4cc-1f1a9b2c5e98

default file location is C:\Windows\system32\Logfiles\WMI
default file name is LoggerName.etl
ex. profile.etl

. Analysis of the .etl file shows the following details:

[0]02A4.02A8::09/11/2008-09:29:51.989 [userenv]Leave LoadUserProfile()...............................
[0]02A4.02A8::09/11/2008-09:29:51.990 [userenv]Entering CreateEnvironmentBlock ...

>>> [0]02A4.02A8::09/11/2008-09:29:51.991 [userenv]Service account. No DNS domain name available.
DNS access / name resolution problem.

[0]02A4.02A8::09/11/2008-09:29:51.991 [userenv]Got AppData path C:\Windows\ServiceProfiles\LocalService\AppData\Roaming!
...
[0]02A4.02A8::09/11/2008-09:30:09.019 [userenv]returning dwErr = 0
[0]02A4.02A8::09/11/2008-09:30:09.019 [userenv]Leave LoadUserProfile()...............................
...
[0]02A4.02A8::09/11/2008-09:30:09.019 [userenv]Entering CreateEnvironmentBlock ...
[0]02A4.02A8::09/11/2008-09:30:09.020 [userenv]Service account. No DNS domain name available.
DNS access / name resolution problem.

[0]02A4.02A8::09/11/2008-09:30:09.020 [userenv]Got AppData path C:\Windows\ServiceProfiles\LocalService\AppData\Roaming!

[0]0884.08B8::09/11/2008-09:30:09.166 [userenv]LibMain: Process Name: C:\Windows\system32\svchost.exe

>>> [0]08BC.08C0::09/11/2008-09:30:09.423 [userenv]LibMain: Process Name: C:\Program Files\...\Rtvscan.exe
This shows that the antivirus is active while the profile is loading.

[0]02A4.02A8::09/11/2008-09:30:09.478 [userenv]Entering CreateEnvironmentBlock ...
[0]02A4.02A8::09/11/2008-09:30:09.479 [userenv]Service account. No DNS domain name available.
DNS access / name resolution problem.

[0]02A4.01D4::09/11/2008-09:30:11.326 [userenv]Service account. No DNS domain name available.
[0]02A4.01D4::09/11/2008-09:30:11.327 [userenv]Got AppData path C:\Windows\system32\config\systemprofile\AppData\Roaming!
...
[0]02A4.01D4::09/11/2008-09:30:11.327 [userenv]Got Local AppData path C:\Windows\system32\config\systemprofile\AppData\Local!
[0]0A80.0A84::09/11/2008-09:30:11.527 [userenv]LibMain: Process Name: C:\PROGRA~1\...\LIVEUP~1\LUCOMS~1.EXE
[0]0A40.0A44::09/11/2008-09:30:11.772 [userenv]LibMain: Process Name: C:\Windows\system32\rundll32.exe

[0]064C.06CC::09/11/2008-09:30:11.820 [userenv]Entering CreateEnvironmentBlock ...

>>> [0]064C.06CC::09/11/2008-09:30:11.821 [proflib]Failed to impersonate user, error = 5
Error 5 => Access Denied

[0]064C.06CC::09/11/2008-09:30:11.821 [userenv]Got AppData path C:\Windows\system32\config\systemprofile\AppData\Roaming!
[0]064C.06CC::09/11/2008-09:30:11.821 [userenv]Got Local AppData path C:\Windows\system32\config\systemprofile\AppData\Local!

[0]0B70.0B74::09/11/2008-09:30:22.308 [userenv]LibMain: Process Name: C:\Program Files\...\SescLU.exe
The antivirus is active.

[0]02A4.01D4::09/11/2008-09:30:22.565 [userenv]Entering CreateEnvironmentBlock
...
[0]0520.0570::09/11/2008-09:31:26.896 [profsvc]Got profile server name XXX
[0]0520.0570::09/11/2008-09:31:26.900 [profsvc]IP Address = 163.110.208.153
[0]0520.0570::09/11/2008-09:31:26.900 [profsvc]IP Address = 163.110.208.151
[0]0520.0570::09/11/2008-09:31:26.900 [userenv]PingComputer: PingBufferSize set as 2048
[0]0520.0570::09/11/2008-09:31:26.905 [userenv]PingComputer: Adapter speed 1073741824 bps
[0]0520.0570::09/11/2008-09:31:26.910 [userenv]PingComputer: First time: 2
[0]0520.0570::09/11/2008-09:31:26.910 [userenv]PingComputer: Fast link. Exiting.
[0]0520.0570::09/11/2008-09:31:26.910 [profsvc]MinRate = 500, ActualRate = 1048576, SLOWLINK = FALSE

>>>[0]0520.0570::09/11/2008-09:31:27.005 [profsvc]NetShareGetInfo, (szServer, szShare, 1005 failed, hr = 80070906
80070906 => NERR_NetNameNotFound

[0]0520.0570::09/11/2008-09:31:27.006 [profsvc]Got CSC bypassed path <\\XXX$ZZZ$\PHD\Profiles\3001.V2>
[0]0520.0570::09/11/2008-09:31:27.252 [userenv]Checking ownership for \\XXX$ZZZ$\PHD\Profiles\3001.V2
[0]0520.0570::09/11/2008-09:31:27.281 [userenv]Owner is the right user
[0]0520.0570::09/11/2008-09:31:27.297 [profsvc]Found an user profile <\\XXX$ZZZ$\PHD\Profiles\3001.V2\ntuser.dat>
[0]0520.0570::09/11/2008-09:31:27.297 [profsvc]Checking Local Profile ...

>>> [0]0520.0570::09/11/2008-09:31:28.239 [profsvc]RegRenameKey failed, hr = 80070005
80070005 = E_ACCESSDENIED

[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]RestoreKeyFromBackup failed, hr = 80070005
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]CheckProfileListKey failed, hr = 80070005
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]CheckLocalProfile failed, hr = 80070005
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]Issue Temporary Profile ...
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]RegRenameKey failed, hr = 80070005
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]BackupProfileListEntry failed, hr = 80070005
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]IssueTempProfile failed, hr = 80070005
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]Leaving RestoreUserProfile() with hr = 80070005
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]RestoreUserProfile failed, hr = 80070005
>>
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]LeaveLock <S-1-5-21-3558753324-2695999026-1591784692-1265>
[0]0520.0570::09/11/2008-09:31:28.243 [profsvc]Logging Event < Windows ne peut pas vous ouvrir une session car votre profil ne peut pas être chargé. Vérifiez que vous êtes connecté au réseau et que le réseau fonctionne correctement.
DÉTAIL - Acces refuse
>>>
[0]0520.0570::09/11/2008-09:31:28.244 [profsvc]pUserProfile->Load failed, hr = 80070005
[0]0520.0570::09/11/2008-09:31:28.244 [profsvc]Returning hr = 80070005
[0]0520.0570::09/11/2008-09:31:28.244 [profsvc]Exit Logon Thread.....................................

[0]0520.05D0::09/11/2008-09:31:28.244 [profsvc]Worker thread done, hr = 80070005
[0]0520.05D0::09/11/2008-09:31:28.244 [profsvc]Returning winlogon 500
[0]0520.05D0::09/11/2008-09:31:32.408 [profsvc]Enter OnLogOff for session 1
[0]0520.05D0::09/11/2008-09:31:32.408 [profsvc]New session, spawn new worker thread!
[0]0520.05D0::09/11/2008-09:31:32.408 [profsvc]Creating entry for session 1
[0]0520.05D0::09/11/2008-09:31:32.408 [profsvc]Waiting for the request event ...

The problem could come from an antivirus full scan running during the logon process and the loading of the roaming profile. To avoid this, disable the antivirus full scan during the logon phase.
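
The following Python script is an added example, not part of the original post. It reads a text-formatted trace in the layout shown above, decodes the `hr = ` and `error = ` values, and lists the processes that loaded userenv shortly before the first access-denied failure in profsvc. The sample lines, the `ExampleAV` path, the MM/DD/YYYY date reading and the 120-second window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in the trace layout shown above (the process path is made up).
SAMPLE = r"""
>>> [0]08BC.08C0::09/11/2008-09:30:09.423 [userenv]LibMain: Process Name: C:\Program Files\ExampleAV\scanner.exe
[0]064C.06CC::09/11/2008-09:30:11.821 [proflib]Failed to impersonate user, error = 5
[0]0520.0570::09/11/2008-09:31:27.005 [profsvc]NetShareGetInfo failed, hr = 80070906
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]RegRenameKey failed, hr = 80070005
[0]0520.0570::09/11/2008-09:31:28.239 [profsvc]CheckProfileListKey failed, hr = 80070005
"""

LINE = re.compile(r"^\[\d+\](?P<pid>[0-9A-Fa-f]+)\.(?P<tid>[0-9A-Fa-f]+)::"
                  r"(?P<ts>\S+) \[(?P<comp>\w+)\](?P<msg>.*)$")
FAIL = re.compile(r"\b(hr|error) = ([0-9A-Fa-f]+)")
PROC = re.compile(r"LibMain: Process Name: (.+)")
# Only the Win32 codes that appear in the trace above.
WIN32 = {5: "ERROR_ACCESS_DENIED", 2310: "NERR_NetNameNotFound"}

def decode(value, is_hresult):
    """Map 'hr = 8007xxxx' (FACILITY_WIN32) or 'error = n' to a Win32 name."""
    if is_hresult:
        hr = int(value, 16)
        if (hr >> 16) & 0x7FF != 7:       # not FACILITY_WIN32: leave undecoded
            return f"0x{hr:08X}"
        code = hr & 0xFFFF                # low word is the Win32 error code
    else:
        code = int(value)
    return WIN32.get(code, f"Win32 error {code}")

def analyse(text, window_s=120):
    """Return (failures, processes that loaded userenv up to window_s before
    the first access-denied failure logged by profsvc)."""
    failures, procs = [], []
    for raw in text.splitlines():
        m = LINE.match(raw.strip().lstrip("> "))   # drop the author's >>> markers
        if not m:
            continue                               # annotations, "...", blanks
        # Assumption: dates are MM/DD/YYYY (tracefmt default).
        ts = datetime.strptime(m["ts"], "%m/%d/%Y-%H:%M:%S.%f")
        if (p := PROC.search(m["msg"])):
            procs.append((ts, p[1].strip()))
        elif (f := FAIL.search(m["msg"])) and int(f[2], 16) != 0:
            failures.append((ts, f'{m["pid"]}.{m["tid"]}', m["comp"],
                             decode(f[2], f[1] == "hr")))
    denied = [f for f in failures if f[2] == "profsvc" and f[3] == "ERROR_ACCESS_DENIED"]
    if not denied:
        return failures, []
    t0, window = denied[0][0], timedelta(seconds=window_s)
    return failures, [n for ts, n in procs if timedelta(0) <= t0 - ts <= window]
```

A process in the second list is only a candidate for holding the ProfileList key open; confirm it against the product's scan schedule before changing its configuration.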

 

Huu-Duc Le

 
