Saturday, 4 February 2012

Windows User Profile Design: Architects Quick Reference Notes

Three User Profile Types:
1. Mandatory Profiles
       Use for kiosk systems
2. Local Profiles
       Use for users who do not switch computers often
       Use for computers without permanent network connectivity (e.g. laptops)
3. Roaming Profiles / Terminal Services Profiles
       Use for setups where local profiles are not suitable

Note: If Terminal Services is installed on a server, the TS profile path is determined first, and if there is no TS profile it will fall back to the roaming profile, and if no roaming profile path it will fall back to using a local profile.

Incompatible Versions of User Profiles
V1 profiles on all versions of NT up to XP and Server 2003
V2 profiles on Vista and newer versions of Windows

A major reason why Microsoft introduced V2 profiles
V2 profiles offer much more options for folder redirection over V1 profiles

List of the four V1 profile folder redirection options (see User Configuration > Windows Settings > Folder Redirection):
1. Application Data
2. Desktop
3. My Documents
4. Start Menu
Fig 1. V1 Folder Redirection options (image taken from a Windows Server 2003 DC)
List of the thirteen V2 profile folder redirection options (see User Configuration > Policies > Windows Settings > Folder Redirection):
1. AppData(Roaming)
2. Desktop
3. Start Menu
4. Documents
5. Pictures
6. Music
7. Videos
8. Favourites
9. Contacts
10. Downloads
11. Links
12. Searches
13. Saved Games
Fig 2. V2 Folder Redirection options (image taken from a Windows Server 2008R2 DC)
Advantages of Folder Redirection
1. In environments where roaming profiles are not cached locally (i.e. most terminal server farms,) logon times can be greatly reduced by redirecting folders containing large files or large numbers of small files.
2. In environments where multiple profiles exist per user, folders are typically redirected to a single location per user.

Disadvantages of Folder Redirection
1. Network utilization is much higher (because profile files in redirected folders are no longer locally cached.)
2. Increased load on file servers containing the redirected profile folders
3. Increased file I/O latency with redirected profile folder files

The “last writer wins problem”
Roaming profiles and terminal services profiles can suffer from what is known as the “last writer wins” problem, whereby; if a user has several parallel sessions, only the registry of the last session to close will persist since all local copies of NTUSER.DAT are stored in only one place on the central file server. *Third-party products like Citrix User Profile Management, can overcome this.

User Profiles Rules of Thumb
1. Use as few profiles per user as possible, but as many as necessary
2. Use one profile per platform
3. Use different profiles for 32-bit and 64-bit versions of Windows
4. Do not use the same profile on workstations and terminal servers
5. V1 and V2 profiles are not interchangeable
6. To overcome the “last writer wins” problem, use one profile per silo in terminal server farms

Assigning User Profiles
1. Using group policies (recommended)

Windows Server 2003 Group Policy Object Editor Path:
Computer Configuration > Administrative Templates > Windows Components > Terminal Services : Set path for TS Roaming Profiles

Windows Server 2008 R2 Group Policy Management Editor Path:
Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Profiles : Set path for Remote Desktop Services Roaming User Profile

2. In the attributes of the Active Directory user objects

Advanced Profile Management
A list of some products that can enhance the capability, efficiency and manageability of Windows User Profiles:



Credits and Further Reading:
http://blogs.sepago.de/helge/2009/01/14/user-profile-design-a-primer/ (an absolutely outstanding post from Helge Klein upon which this post is unashamedly based)

No comments:

Post a Comment