Citrix/TS roaming profiles query


Say I have a multi-domain forest, US and Canada. Each domain has their own Citrix farm and have set their GPO's to use Roaming Profiles for the OU that their Citrix servers are in.

Am I correct in thinking that if a user from the US travels to Canada and accesses a Citrix server in the Candadian farm, they won't see the profile they used when they were in the US? Because the GPO is set per domain, and when they use the Candadian GPO it would be pointing to a brand new location?

The only way for them to access their US profile is to cross the WAN and use the US Citrix farm?

Just want to clear it up!

Who is Participating?
HerrmannatorConnect With a Mentor Commented:
Yes - as you described it, the Citrix servers are in different OUs, each OU with its own GPO defining where the roaming profiles are stored.  Therefore, whoever logs on those servers has to get their roaming profile from that location, and/or create a new one at that location.
If you think about it, it would be bad if the Canadian citrix servers allowed a profile to load from a US profile server, because it would then have to pull the profile across the WAN, and would take forever to log on (ie, it is important that the profile share be on the same LAN with high speed connectivity to the Citrix servers it serves).
So yes, the users visiting the other location would do best to use vpn connectivity or otherwise get back to their home citrix farm, where they will automatically load their normal roaming profile.
bruce_77Author Commented: is there any way I can get a user to access their home profile if using a different farm?
I am confused on this.  How are they accessing these farms?  When they visit Canada, are they plugging into the local network, and then hitting their US citrix servers (either directly or via VPN client if they are not already connected)?  Or are they sitting down at some Kiosk guest user PC already configured to hit the Canadian farm?
There are a couple things you could do:
1) Use Citrix Program Neighborhood client and just configure it to hit the US farm even from canada (and use VPN client if necessary).
2) Use Citrix Program Neighborhood Agent on the Canadian servers so people can access the US farm from the Canadian Farm. So when in Canada, they could sit at a Kiosk and log into Canadian farm, and then from there launch another Citrix session on the US farm.
3) If desired, I suppose you could just have them log into the Canadian farm to create a new profile, and then copy the needed portions of their US profile over top of their Canadian profile such as their favorites, desktop, etc.
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

I guess you could also give them a simple batch file or even a shortcut to their US profile if you wanted to.  But normally people should not be storing important documents in their user profile anyway.  They should use their Home drive or other drives, and then they could just access those spots from Canada or fromthe Canadian Citrix servers.  Of course connectivity would be slow over the WAN though, so they may prefer connecting back to the US farm instead.
exx1976Connect With a Mentor Commented:
This is one of the problems of applying profile information via GPO to machine OUs in a large environment like you're describing.  I recognize this from your other question.

Just write 10 lines of VBS to go through your AD and set the roaming profile path on the users accounts directly, and then it won't matter if they login from CHINA.  As long as they can resolve the name of the fileserver and have network connectivity to it, then when they login, they'll automatically get the correct profile.

Alternatively - are they different FARMS, or are they different zones within the same farm?  If the latter is the case (don't know aything about your Citrix implementation) then you could simply use a zone preference/failover policy applied by user/group and force the US users into the US zone first..  

bruce_77Author Commented:
Just to clarify, users will be accessing Cirix via the web interface.

So, Todd from the US travels to Canada. If he connects to the web interface address of the US farm, he can access his profile fine, but it's slow due to the WAN. So he chooses to connect to the Candadian farm.

But, the GPO for the OU holding the Canadian Citrix servers points to a path on \\\\Todd, so basically creates a new profile for him.

Is there anyway he can access his existing his existing profile on \\\\Todd when logging onto the Canadian farm?

How about for Citrix OU's in both domains, there are two GPOs, one to point Canada\Users to \\ and one to point US\Users to \\


Seriously now.  If you think it's slow for him to access the US farm from canada, just imagine how slow it's going to be to copy that profile information to the canadian servers from the US..  ICA Traffic doesn't use much bandwidth at all.  If he can't get a decent connection, then I'd look at your network, not your Citrix servers..
If the profile is stored on a distant server, then the best way for the user to access it will be via the home Citrix server on the same LAN as that profile.  When you are using Citrix all you are doing is remote contolling a session on another machine, so shouldn't be any slower from far away unless you just have bad connectivity in which case you are dropping connections.  But saying Citrix is slow is kind of like saying remote desktop is slow.  How can remote desktop be slow unless what you really mean is the connectivity is bad and causes poor overall performance.
I guess a Citrix server itself can be slow, if there are too many users, etc.  Or if the profiles are allowed to get big, logon/logoff can be extremely slow.  But just using ICA to connect back the home server and have that home server access the roaming profile (which is on the same LAN) should not cause extra slowness.
Wiith the citrix webinterface installed you avoid this kind of problems.
Khurram Ullah KhanCommented:
if you are using any profile replication solution or using any SAN based replication settings then it is good for you in this case your user profiles will replicate across continent and users can get their data fast from the nearest datacenter. also in case of any disaster you can redirect users to any other DC nearest to you
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.