Windows 2k/XP Workstation
User Settings Recovery

If you are running Windows 2000 or Windows XP, and if your domain controller goes down, or if you want to switch domains but FORGET to "save your settings" using the 'User Settings Transfer Wizard', or you don't have access to the 'User Settings Transfer Wizard', you are not up the proverbial creek without a paddle. Your settings aren't lost, they're simply stored where you cannot get to them... easily.

There IS a way to get them back. Really. And now I'm going to tell you exactly how I do it. This doesn't guarantee it will work for you. The caveat here is that you ARE messing around with the internals of Windows, specifically the registry settings, and you could render your system unusable if you are not careful and/or do not know what you are doing. That being said, I'm leaving the responsibility of the consequences of the following procedure in your hands. I cannot claim responsibility for anything that might result from following this procedure, in its current (or in a modified) form. That necessary disclaimer and warning being said, let's get on with 'how I do this'.

Next, you can attempt the following procedure. Do not leave any steps out, or you can end up losing your user settings.

1. Log in as the user that you want to recover. New settings will be created. Make sure you select 'local profile' if a roaming profile was not in use before (if it was, your settings were being stored on the domain controller, and they may be lost forever if you do not have them 'cached' locally). You can view the profile type by right-clicking the 'my computer' icon, choosing 'properties' (if no 'my computer' icon is on your desktop, use 'control panel' and select 'system'), and selecting 'Advanced' and 'User Settings' (for Windows XP) or 'User Profiles' for windows 2000. This will at least list YOUR profile, for which you can use 'change type' if it's "roving" (so that it will be stored locally).
   NOTE: if you want a roving profile, you can change it back later
2. Once you have successfully logged in (and changed your profile type to 'local'), the files will be stored 'somewhere'. To discover where this is, right-click the start button, and choose 'explore'. The explorer tree will reveal the path for your user settings. If you don't like the directory name, don't worry, you can change it later.
3. Now, locate the PREVIOUS directory where the settings were being kept. Most likely this will show up in the 'profiles' list (if you see more than one user name) as 'Unknown User' (or something similar). You will also see a date next to it indicating the last time it was modified, which should correspond to the last time you logged in. You can't tell what the path is from here, but you can at least see if it's a 'local' or 'roving' profile.
4. The next step will require you to figure out where the old settings were. Typically it will be in a directory based upon the user name and domain, such as 'ME.DOMAIN' or just simply 'ME'. If you have no local user with the same name, it was probably stored in 'ME'. If the new 'ME' logon is already using 'ME' (previous step), check for 'ME.DOMAIN'. You can also look in the following registry entry to determine which profiles are currently being used. You'll need this registry entry later by the way...
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
   Within this key are sub-keys that represent the 'SID' for each user. Entries within each of the sub-keys, like 'CentralProfile' (for roving profiles) or 'ProfileImagePath' (for cached or local profiles) will tell you where the profile is located. If the text of the string scrolls off the available space in the right-hand pane, double-click the 'string' entry (edit mode) and you can scroll it to the right and view the path.
   Take note of the SID that corresponds to the path name from the previous step. This is the user you are going to modify. Also take note of the entry that points to the path where you want to preserve settings. You will need to remember this one, too.
5. Once you have determined the correct profile path, make a backup of the entire directory. If you can't copy files for some reason, and they are encrypted, they will be lost. But pretty much everything else should be ok. The command you should use is
      xcopy sourcepath destpath /E /S /H /K /I /R /C /O /X
   where 'sourcepath' is the QUOTED path name of the configuration, and 'destpath' is the QUOTED path name of the place where you want to back it up. The quotes are needed because of the use of spaces in directory names like 'Documents And Settings' (something I don't particularly like, by the way).
6. Now the fun begins. Open Explorer, and select the 'Documents And Settings' directory, so that you can view all of the user directories. Right-click the one that contains your previous settings, and select 'Security'. You may see a user in there that looks like one of the 'SID' entries from the registry (in an earlier step). At this point you should be able to delete this entry. THEN, press 'add', and add the user that you want to have this profile, and make sure that user has "full control". Then, check 'advanced', and the check box that says "apply settings to all folders and files" at the bottom. Then, use 'APply' and the security will be altered for all files so that the domain user can access the files. IF you do not do this and the domain user is not an administrator, it WILL NOT WORK when you switch the user settings, and it could corrupt them in the process.
   NOTE: you may need to 'take ownership' to change security settings. If you can't do all of the files, you can at least do the important ones now, and deal with the rest later.
7. OK, the next step involves a little registry hacking. Go back to the registry key
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
   and find the entry for the user you're 'fixing'. Then, change the 'ProfileImagePath' string to point to the path where the settings you want to keep are located. It's the same directory tree that you just fixed the security on. Before you close 'regedit', you will need to change the path for the user that USED to own this directory to 'something else' (you might as well assign it to the existing path for the user, so that they're effectively 'swapped').
8. You are ALMOST done. Wait, something else? YES! You need to fix the 'HKEY_USERS' registry 'hive' for the 'user in question' so that the 'user in question' can actually use it. Since the security settings would normally prevent this, you have to alter them. To do this, you'll need 'regedt32' on Windows 2000. On Windows XP the 'regedit' program can perform this task. It's a little tricky, so be careful.
   
   1. Open the key for 'HKEY_USERS'
   2. Select 'Load Hive' from the 'File' menu. In the 'file open' box, navigate to the user directory you're recovering (aka 'the old one', not the one created when you logged in to the new domain). In the root of that path you'll find 'NTUser.dat'. The file is hidden, so you can just type in the name if it's not visible (or enable viewing hidden files so you can see it). Assign a name like "temporary" to it. If you did it right, you'll have an entry in 'HKEY_USERS' called 'temporary'.
   3. Now, select 'temporary' but don't expand it (no need to do this). Then go to the 'security' menu (or 'edit' 'permissions', as appropriate). and adjust the security for this entry to give 'full control' to the user that you're recovering settings for. The process is similar to that of the directory. MAKE SURE that you apply the settings to the ENTIRE hive, similar to selecting 'all files and directories' in the previous section.
   4. Once you set the permissions on this hive, you can select 'unload hive' from the 'file' menu (make sure the 'temporary' one is selected when you do this!!!) and the 'temporary' entry will go away and everything will be back to normal.
9. Now, if you did it all right, you can log off, and log back in as the 'user in question', and you SHOULD have all of your settings back!