When you try to start a remote desktop connection to a Windows computer on the domain you may get the error message:
The User Profile Service failed the sign-in. User profile cannot be loaded.
To enable the User Profile update
- Remote into the computer with a local administrator account,
- In Windows Explorer open the C:\Users\Default\AppData folder,
- Right click the Roaming folder and select Properties,
- On the Security tab click the Advanced button,
- In the Permission entries list select System,
- Check the Replace all child object permissions… check box,
- Click the OK button,
- Click the Yes button on the Windows Security popup,
- Close the Properties window with the OK button.
The Microsoft Active Directory is a great system to manage the security of servers and workstations. One of the fundamental security tools is the password expiration policy.
To set the password expiration policy in an Active Directory domain follow the steps below
- Remote desktop into the domain controller
- Start the Active Directory Users and Computers snap in
- Right click the root domain name and select Properties
- Select the Group Policy tab
- In the middle select the Default Domain Policy Group Policy Object Link
- Click the Edit button
- On the left side expand Computer Configuration > Windows Settings > Security Settings > Account Policies
- Select the Password Policy and Account Lockout Policy keys to set the desired values
All new and existing user accounts will inherit these settings, and the password of existing user accounts will immediately expire where the “Password never expires” option is not set.