Citrix/TS roaming profiles query


Say I have a multi-domain forest, US and Canada. Each domain has their own Citrix farm and have set their GPO's to use Roaming Profiles for the OU that their Citrix servers are in.

Am I correct in thinking that if a user from the US travels to Canada and accesses a Citrix server in the Candadian farm, they won't see the profile they used when they were in the US? Because the GPO is set per domain, and when they use the Candadian GPO it would be pointing to a brand new location?

The only way for them to access their US profile is to cross the WAN and use the US Citrix farm?

Just want to clear it up!

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Yes - as you described it, the Citrix servers are in different OUs, each OU with its own GPO defining where the roaming profiles are stored.  Therefore, whoever logs on those servers has to get their roaming profile from that location, and/or create a new one at that location.
If you think about it, it would be bad if the Canadian citrix servers allowed a profile to load from a US profile server, because it would then have to pull the profile across the WAN, and would take forever to log on (ie, it is important that the profile share be on the same LAN with high speed connectivity to the Citrix servers it serves).
So yes, the users visiting the other location would do best to use vpn connectivity or otherwise get back to their home citrix farm, where they will automatically load their normal roaming profile.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bruce_77Author Commented: is there any way I can get a user to access their home profile if using a different farm?
I am confused on this.  How are they accessing these farms?  When they visit Canada, are they plugging into the local network, and then hitting their US citrix servers (either directly or via VPN client if they are not already connected)?  Or are they sitting down at some Kiosk guest user PC already configured to hit the Canadian farm?
There are a couple things you could do:
1) Use Citrix Program Neighborhood client and just configure it to hit the US farm even from canada (and use VPN client if necessary).
2) Use Citrix Program Neighborhood Agent on the Canadian servers so people can access the US farm from the Canadian Farm. So when in Canada, they could sit at a Kiosk and log into Canadian farm, and then from there launch another Citrix session on the US farm.
3) If desired, I suppose you could just have them log into the Canadian farm to create a new profile, and then copy the needed portions of their US profile over top of their Canadian profile such as their favorites, desktop, etc.
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

I guess you could also give them a simple batch file or even a shortcut to their US profile if you wanted to.  But normally people should not be storing important documents in their user profile anyway.  They should use their Home drive or other drives, and then they could just access those spots from Canada or fromthe Canadian Citrix servers.  Of course connectivity would be slow over the WAN though, so they may prefer connecting back to the US farm instead.
This is one of the problems of applying profile information via GPO to machine OUs in a large environment like you're describing.  I recognize this from your other question.

Just write 10 lines of VBS to go through your AD and set the roaming profile path on the users accounts directly, and then it won't matter if they login from CHINA.  As long as they can resolve the name of the fileserver and have network connectivity to it, then when they login, they'll automatically get the correct profile.

Alternatively - are they different FARMS, or are they different zones within the same farm?  If the latter is the case (don't know aything about your Citrix implementation) then you could simply use a zone preference/failover policy applied by user/group and force the US users into the US zone first..  

bruce_77Author Commented:
Just to clarify, users will be accessing Cirix via the web interface.

So, Todd from the US travels to Canada. If he connects to the web interface address of the US farm, he can access his profile fine, but it's slow due to the WAN. So he chooses to connect to the Candadian farm.

But, the GPO for the OU holding the Canadian Citrix servers points to a path on \\\\Todd, so basically creates a new profile for him.

Is there anyway he can access his existing his existing profile on \\\\Todd when logging onto the Canadian farm?

How about for Citrix OU's in both domains, there are two GPOs, one to point Canada\Users to \\ and one to point US\Users to \\


Seriously now.  If you think it's slow for him to access the US farm from canada, just imagine how slow it's going to be to copy that profile information to the canadian servers from the US..  ICA Traffic doesn't use much bandwidth at all.  If he can't get a decent connection, then I'd look at your network, not your Citrix servers..
If the profile is stored on a distant server, then the best way for the user to access it will be via the home Citrix server on the same LAN as that profile.  When you are using Citrix all you are doing is remote contolling a session on another machine, so shouldn't be any slower from far away unless you just have bad connectivity in which case you are dropping connections.  But saying Citrix is slow is kind of like saying remote desktop is slow.  How can remote desktop be slow unless what you really mean is the connectivity is bad and causes poor overall performance.
I guess a Citrix server itself can be slow, if there are too many users, etc.  Or if the profiles are allowed to get big, logon/logoff can be extremely slow.  But just using ICA to connect back the home server and have that home server access the roaming profile (which is on the same LAN) should not cause extra slowness.
Wiith the citrix webinterface installed you avoid this kind of problems.
Khurram Ullah KhanCommented:
if you are using any profile replication solution or using any SAN based replication settings then it is good for you in this case your user profiles will replicate across continent and users can get their data fast from the nearest datacenter. also in case of any disaster you can redirect users to any other DC nearest to you
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.