Solved

Roaming Profiles configuration - 2008 R2 Terminal Services

Posted on 2011-02-26
16
1,923 Views
Last Modified: 2013-11-21
In this article - http://blogs.msdn.com/b/rds/archive/2009/06/02/user-profiles-on-windows-server-2008-r2-remote-desktop-services.aspx - I read the following recommendation:
++++++++
To avoid large profile sizes, we recommend that you configure roaming user profiles for registry settings and folder redirection for all other parts of the user profile. In addition, you can set a policy to limit the profile size.
+++++++

What exactly does this mean? It sounds like I can divvy up where individual parts of the profile are stored.  How would I do this?  I would appreciate clarification.
0
Comment
Question by:lineonecorp
16 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 50 total points
ID: 34989786
If you are using roaming profiles then its best to combine this with folder redirection - this then means that you can move the users documents (my documents) and other associated files to a network location. This is transparent to the user - but it means that these then do not have to be sync'ed each time the user logs on/off (and it also means you can back up users files more easily.
see http://technet.microsoft.com/en-us/library/cc732275.aspx
0
 

Author Comment

by:lineonecorp
ID: 34992673
So with redirected folders and roaming profiles the folders of the user are in a different location than the registry entries of the profile?  If a user logs into two different TS's the folders that have been redirected will always be in the same location?
 
As far as the registry entries for the profile they will be copied from a central location to the TS server that the user logs in to and then when they logout the profile registry entries will be copied back to the central profile location? However their folders will have never been copied from the redirected location so that the amount of traffic being generated by using roaming profiles is cut down?
0
 

Author Comment

by:lineonecorp
ID: 35086815
Still on this?
0
 

Author Comment

by:lineonecorp
ID: 35187794
Still responding?
0
 
LVL 21

Assisted Solution

by:snusgubben
snusgubben earned 200 total points
ID: 35296441
When a user logs on, the roaming profile is copied to the TS (first time logon). When the user logs off, the profile on the TS is merged back to the Roaming foler share.

The profile on the TS is either deleted or kept (you decide how to configure it). If its deleted it will take some extra seconds the next time the user logs on compared to if the profile is kept on the TS.

Folder redirection will just make a connection between the TS and the RedirFld share. Nothing is copied over until a user opens i.e. a document.
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 50 total points
ID: 35299121
@lineonecorp - yes, what you've said is correct. What you need to do to make this work is to set up Folder Redirection through group policies. Assuming you are on a Windows 2008/Windows Vista/Win7 network, you can redirect some or all of the following folders, according to your needs: AppData (Roaming), Desktop, Start Menu, Documents, Pictures, Music, Videos, Favorites, Contacts, Downloads, Links, Searchs and Saved Games.  Which one(s) you redirect are up to you, except that by default if you redirect the Documents folder the Pictures and Music folders go along with it.  You would want to redirect those folders to a network location, and this will decrease the size of the roaming profile folders on the network. Everything that you don't redirect will stay in the roaming profile. The "registry" part of that is the NTUSER.DAT file, which is the HKEY_Current_User portion of the registry.

Once the folders are redirected, then only what's left will be in the user's roaming profile, and that's all that will be copied (synchronized) back and forth between the network roaming profile location and the terminal server.
0
 

Author Comment

by:lineonecorp
ID: 35303541
Thanks for the feedback.
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:lineonecorp
ID: 35303555
Some last/second  thoughts.

If I redirect the folders to a network share - let's say the desktop folder is redirected - - from what I understand from the above that means when the user logs on and opens a document that she's left on the desktop that document will load across the network from the network share. Until she opens the document there is no such loading?  Once loaded, does it get temporarily cached on the TS hard drive until the final save?  
0
 
LVL 21

Assisted Solution

by:snusgubben
snusgubben earned 200 total points
ID: 35304535
Desktop is a little different then My Documents. The Desktop is loaded during log on with all shortcuts, background etc. If a user have saved a 1 GB file on the desktop, that file is loaded during log on.

Some make the Desktop read only, while other edjucate their users not to save large files on the desktop as logon time increases.

Folder Redirection works only with synchronously policy application, so you can't enable logon optimization. If you do enable, users might have to logon 2-3 times before getting their folder redir folders.

"My Documents" is just a link. It points to a file share so if you open a document it's loaded into memory when you execute that file.

0
 

Author Comment

by:lineonecorp
ID: 35306784
"Folder Redirection works only with synchronously policy application, so you can't enable logon optimization. If you do enable, users might have to logon 2-3 times before getting their folder redir folders."

Can you perhaps rephrase/explain/give example - I'm not very clear on the meaning of this sentence.
0
 
LVL 21

Assisted Solution

by:snusgubben
snusgubben earned 200 total points
ID: 35309111
See the section: Folder Redirection and Software Installation Policies for an example:

http://technet.microsoft.com/en-us/library/cc787939(WS.10).aspx


Where you set set syncron/asyncron:

http://technet.microsoft.com/en-us/library/cc780527(WS.10).aspx


0
 

Author Comment

by:lineonecorp
ID: 35310193
Thanks for the additional notes - good read about folder redirection, caching, etc - very clear - but still not super-clear on synchronous vs. asynchronous.

Is it worth setting a 1st time user to synchronous the first time and then asynchronous after that? Or is that if I have redirected folders I will always have to set the user to synchronous?

Does this apply to 2008 R2?
0
 
LVL 21

Assisted Solution

by:snusgubben
snusgubben earned 200 total points
ID: 35310711
I guess you are talking about terminal servers, so you should add "Always wait for the network at computer startup and logon" in a GPO linked to an OU where the TSs resides.

Since it's terminal servers, the network services are up and running when the users logs on so there will not be much a long delay as long as you keep the roaming profiles small along with the Desktop folders. I don't think it would be a good idea to first set it to synchronous then back to asynchronous.

This applies to 2008R2.

0
 

Author Comment

by:lineonecorp
ID: 35317458
Thanks. I am talking about Terminal Services.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now