• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2015
  • Last Modified:

Roaming Profiles configuration - 2008 R2 Terminal Services

In this article - http://blogs.msdn.com/b/rds/archive/2009/06/02/user-profiles-on-windows-server-2008-r2-remote-desktop-services.aspx - I read the following recommendation:
++++++++
To avoid large profile sizes, we recommend that you configure roaming user profiles for registry settings and folder redirection for all other parts of the user profile. In addition, you can set a policy to limit the profile size.
+++++++

What exactly does this mean? It sounds like I can divvy up where individual parts of the profile are stored.  How would I do this?  I would appreciate clarification.
0
lineonecorp
Asked:
lineonecorp
6 Solutions
 
KCTSCommented:
If you are using roaming profiles then its best to combine this with folder redirection - this then means that you can move the users documents (my documents) and other associated files to a network location. This is transparent to the user - but it means that these then do not have to be sync'ed each time the user logs on/off (and it also means you can back up users files more easily.
see http://technet.microsoft.com/en-us/library/cc732275.aspx
0
 
lineonecorpAuthor Commented:
So with redirected folders and roaming profiles the folders of the user are in a different location than the registry entries of the profile?  If a user logs into two different TS's the folders that have been redirected will always be in the same location?
 
As far as the registry entries for the profile they will be copied from a central location to the TS server that the user logs in to and then when they logout the profile registry entries will be copied back to the central profile location? However their folders will have never been copied from the redirected location so that the amount of traffic being generated by using roaming profiles is cut down?
0
 
lineonecorpAuthor Commented:
Still on this?
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
lineonecorpAuthor Commented:
Still responding?
0
 
snusgubbenCommented:
When a user logs on, the roaming profile is copied to the TS (first time logon). When the user logs off, the profile on the TS is merged back to the Roaming foler share.

The profile on the TS is either deleted or kept (you decide how to configure it). If its deleted it will take some extra seconds the next time the user logs on compared to if the profile is kept on the TS.

Folder redirection will just make a connection between the TS and the RedirFld share. Nothing is copied over until a user opens i.e. a document.
0
 
Hypercat (Deb)Commented:
@lineonecorp - yes, what you've said is correct. What you need to do to make this work is to set up Folder Redirection through group policies. Assuming you are on a Windows 2008/Windows Vista/Win7 network, you can redirect some or all of the following folders, according to your needs: AppData (Roaming), Desktop, Start Menu, Documents, Pictures, Music, Videos, Favorites, Contacts, Downloads, Links, Searchs and Saved Games.  Which one(s) you redirect are up to you, except that by default if you redirect the Documents folder the Pictures and Music folders go along with it.  You would want to redirect those folders to a network location, and this will decrease the size of the roaming profile folders on the network. Everything that you don't redirect will stay in the roaming profile. The "registry" part of that is the NTUSER.DAT file, which is the HKEY_Current_User portion of the registry.

Once the folders are redirected, then only what's left will be in the user's roaming profile, and that's all that will be copied (synchronized) back and forth between the network roaming profile location and the terminal server.
0
 
lineonecorpAuthor Commented:
Thanks for the feedback.
0
 
lineonecorpAuthor Commented:
Some last/second  thoughts.

If I redirect the folders to a network share - let's say the desktop folder is redirected - - from what I understand from the above that means when the user logs on and opens a document that she's left on the desktop that document will load across the network from the network share. Until she opens the document there is no such loading?  Once loaded, does it get temporarily cached on the TS hard drive until the final save?  
0
 
snusgubbenCommented:
Desktop is a little different then My Documents. The Desktop is loaded during log on with all shortcuts, background etc. If a user have saved a 1 GB file on the desktop, that file is loaded during log on.

Some make the Desktop read only, while other edjucate their users not to save large files on the desktop as logon time increases.

Folder Redirection works only with synchronously policy application, so you can't enable logon optimization. If you do enable, users might have to logon 2-3 times before getting their folder redir folders.

"My Documents" is just a link. It points to a file share so if you open a document it's loaded into memory when you execute that file.

0
 
lineonecorpAuthor Commented:
"Folder Redirection works only with synchronously policy application, so you can't enable logon optimization. If you do enable, users might have to logon 2-3 times before getting their folder redir folders."

Can you perhaps rephrase/explain/give example - I'm not very clear on the meaning of this sentence.
0
 
snusgubbenCommented:
See the section: Folder Redirection and Software Installation Policies for an example:

http://technet.microsoft.com/en-us/library/cc787939(WS.10).aspx


Where you set set syncron/asyncron:

http://technet.microsoft.com/en-us/library/cc780527(WS.10).aspx


0
 
lineonecorpAuthor Commented:
Thanks for the additional notes - good read about folder redirection, caching, etc - very clear - but still not super-clear on synchronous vs. asynchronous.

Is it worth setting a 1st time user to synchronous the first time and then asynchronous after that? Or is that if I have redirected folders I will always have to set the user to synchronous?

Does this apply to 2008 R2?
0
 
snusgubbenCommented:
I guess you are talking about terminal servers, so you should add "Always wait for the network at computer startup and logon" in a GPO linked to an OU where the TSs resides.

Since it's terminal servers, the network services are up and running when the users logs on so there will not be much a long delay as long as you keep the roaming profiles small along with the Desktop folders. I don't think it would be a good idea to first set it to synchronous then back to asynchronous.

This applies to 2008R2.

0
 
lineonecorpAuthor Commented:
Thanks. I am talking about Terminal Services.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now