Thoughts from the EPS Windows Server Performance Team
Useful Microsoft Blogs
Wow. It’s hard to believe that it’s already September – 2009 has just zipped by so far! We’ve covered a number of topics on debugging over the last couple of weeks, but today we’re going to switch gears just a bit and talk about User Profiles and Terminal Services. We don’t normally deal with too many User Profile issues on the Performance team, but we do get our fair share of questions when it comes to profiles and Terminal Services. So let’s dive right in …
When you’re designing your Remote Desktop solution, user profile considerations are just as important as sizing your server, planning bandwidth requirements and defining security policies. Should the solution use locally stored profiles or centrally stored (network) profiles? For centralized profiles, which is better – roaming or mandatory? What about user home folders? As you can see, there are some variables to consider.
Let’s start with Local Profiles. Unless your terminal server solution is a single-server one, local profiles are not really an optimal solution. The reason for this is that as users log on to different servers, their user experience will change each time. In addition, as users log on to different terminal servers, multiple copies of the profile exist – one per server. The troubleshooting process may also suffer since the user may only experience issues when logging on to a particular server.
With centrally stored profiles, the main concern is the size of the profile. The larger the profile, the longer it takes to log on and off as the User Profile Service has to copy the files to and from the terminal server. Profile settings aren’t stored in a granular format – it’s one big flat file, NTUSER.DAT. However, when deciding between roaming profiles and mandatory profiles there are other factors to consider.
One consideration is that roaming profiles are essentially open to modification by the user subject to the limitations imposed on the profile by group policy. For example, if you define a wallpaper for a group via group policy, that will be the wallpaper whenever anyone from that group logs on. If no wallpaper is specified, those users can change their wallpaper at their discretion. By contrast, mandatory profiles can be edited during a single session by the user, but any changes made are not saved back to the profile. What this means is that since there are no changes, logoff times are decreased. On the surface, that seems like a good thing, right? Well, there is a gotcha – since no changes are saved, there’s no way for a user to store personal data – such as documents. Enter Folder Redirection …
Whether or not you’re using roaming or mandatory profiles, folder redirection is definitely recommended. Using folder redirection you can control the size of the user’s profile for roaming profile solutions – thus ensuring that logon and logoff times are quicker. User personal folders for documents / pictures etc should definitely be redirected – after all, you don’t want users calling the help desk complaining that they can’t save data to their personal folders! One special folder to think about when it comes to redirection is the Desktop. Back when I was an IT Admin, one of the biggest pitfalls our Desktop Administrators faced when saving off user data was forgetting to back up their actual desktop – because invariably that’s where that incredibly important document was stored. In a remote desktop environment if you’re accessing a full desktop, then saving things to the desktop is all well and good. However, you can run into issues if you are using RemoteApp – since the desktop isn’t shown. Users can still open and save documents if they know how to navigate to that path in the folder structure.
OK – that’s all for this post – in Part 2 we’ll talk about Speeding up Logons. Have a great weekend and we’ll see you next time …
- CC Hameed