Microsoft KB Archive/272464

= How Windows Terminal Server Uses Temporary Folders =

Article ID: 272464

Article Last Modified on 2/28/2007

-

APPLIES TO


 * Microsoft Windows NT Server 4.0, Terminal Server Edition
 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-



This article was previously published under Q272464



SUMMARY
Administrators may notice that temporary session files may have permissions set for users who are not currently logged on to the computer. This behavior is by design, and does not pose a security risk to these folders or to the computer.

This article applies to computers that are using the default configuration and not Flattemp.exe to configure temporary folders.



MORE INFORMATION
The following algorithm is used to assign and reuse temporary folders with Terminal Servers and with computers that are running Terminal Services:
 * When a user logs on to the Terminal Server or a Terminal Services session, a temporary folder is created for the user in the C:\Temp folder. This temporary folder uses the user's session ID.
 * Only the System account, members of the Administrators group, and members of the User group have change permissions for this folder.
 * If the user closes the session and a program still has file handles open, the files are retained in the temporary folder. This behavior is by design, and it allows for recovery. This behavior also occurs in programs such as Microsoft Word, which has the Auto Recovery feature.
 * If there are no file handles still open, the folder still exists with no files in it.
 * When a user logs back on, the computer will see if the user had a temporary folder assigned to them that had files in it. If a folder exists, the user retains that folder.
 * If a user logs back on to the computer and there are no folders that contain files that are assigned to that user, Windows assigns an available empty temporary folder to that user. When this occurs, the permissions on this folder are changed to the current user.

