In the last couple of weeks I’ve been working on my upcoming whitepaper Turbo Containers Reference Architecture for Citrix, VMware & Microsoft RDSH Environments and also reviewing Claudio Rodrigues upcoming book RDS 2012 R2 Complete.
You’ve probably heard about Microsoft User Profile Disk (UPD) and learned that it only works for pure RDSH environments. It wasn’t until reviewing Claudio’s book and working on my whitepaper that got me thinking. What if that worked on Citrix…
If you take a look at the post Troubleshooting Slow Logons Caused by a Large User Profile by ControlUp you’ll learn that it’s not only the size of the profile that matters, it’s also the number of files.
That got me thinking and worrying at the same time. You see, to be able to keep changes in Turbo Containers we need to roam the folder AppData\Local\Spoon\Containers. As you can see below from some small lab testing the folder contains 1984 files in 1208 folders. Yes it works fine with Citrix Profile Management and streaming, but I’m worried.
But that’s not the biggest problem. As more and more companies migrate to Office 365 the biggest challenges are the huge OST files. Yes Microsoft & Citrix recommends redirecting the file to a file share.
It’s not the optimal way, it’s recommended because it’s the ONLY way without 3 party products
Check the post Getting Started with Office 365 to get all the registry hacks to disable all annoying splash screens.
Last year FSLogix won Best of Synergy 2015 for their Profile Container Technology and this year they released FSLogix Office 365 Container that takes care of the OST part so it can be easily integrated with any other UEM solution. FSLogix supports both VDI & RDSH while LiquidwareLabs Profile Disk only support VDI.
That was before I sent an email and by pure luck included Claudio on CC. He had a theory which I instantly tested successfully. When we think about it, it’s INCREDIBLE that nobody has though about it before. The solution is so simple. Let’s do it.
User Profile Disk with Citrix
Head over to your file server and create a share where you’re going to host those UPD files. Add the computer objects with full NTFS rights and Share Permissions.
Then run the following command in PowerShell to create the User Disk Template.
1 |
(gwmi -ns root\cimv2\terminalservices -class win32_tssessiondirectory).createuserdisktemplate("\\dc-01.ctxlab.local\UPD",5) |
The last digit 5 defines the size in GB of the VHDX template.
Now with all Profile Container technologies there’s a limitation that only allows the VHDX to be mounted once. Therefore you’ll need to create a folder for each OS/Silo and copy the template inside each of those sub folders.
To enable User Profile Disk in on your Citrix Servers run the following PowerShell command as a startup script:
1 |
(gwmi -ns root\cimv2\terminalservices -class win32_tssessiondirectory).enableuservhd("\\dc-01.ctxlab.local\UPD\WS12R2","<UvhdRoamingPolicy><RoamingMode>0</RoamingMode></UvhdRoamingPolicy>") |
You’ll also need to Enable the Policy Delete cached copies of roaming profiles in Computer Configuration – Administrative Templates – System – User Profiles.
Again, please be aware that you need to create a Group Policy for each of those OS/Silos pointing to the correct sub folder.
And that’s it. I’ve successfully tested this on Windows 8.1, Windows 10 1511/1607 (Anniversary Update), Windows Server 2012 R2 and Windows Server 2016.
Finally if you take a look at your share you’ll find some rather strange file names. So which VHDX belongs to which user?
There’s a great tool from the Microsoft Gallery called Sidder that resolves this problem.
FSLogix Killer?
So what now, is FSLogix out of business? Not at all, remember that FSLogix has been working with this tech for 3 years and their Profile Container offers so much more than only the Microsoft Cache Exhange Mode stuff.
More importantly, we’ll probably never see any kind of support from Microsoft or Citrix. So larger organizations will probably happily pay the $10 extra to get support and new innovations to the technology. And did I mention Windows 7 and later, 32 & 64 bit; Windows Server 2008 R2 and later support? Request FSLogix evaluation.
If organizations wants to save money, yes then it’s a go, but if that’s the case why don’t go Pure RDSH and get Microsoft support for UPD out of the box?
We want to credit this post to RDS MVP Toby Phipps for initially passing the UPD commands to Claudio back in November 2015.
Couple of comments / questions…
1. I assume login is much faster than UPM or other solutions because the profile is now local to the VM, can you confirm?
2. Does this work with pooled and non-pooled catalogs?
3. Now if someone could only figure out how we can migrate profiles between v2 and v5 successfully, then we might be able to get W10 migrations moving in full force.
Awesome work!
Thanks Nick, more test & results coming, running LoginVSI as we speak.
1. Yes is should be much faster, not in my lab though, but with real world profiles, for sure.
2. Yes works with both.
3. Yes indeed, I think you can with FSLogix.
Hello!
Why we cannot use Citrix Personal disk instead of UPD? Any benefits of UPD?
Thanks!
You probably could, have never tried and unsure of which license edition is required.
quick question on this, does this also store HKCU registry settings?
Yes indeed, those are save to the NTUser.dat which of course is retained.
Is there a video somewhere of this being set up to make sure I’m not doing something wrong? Every time I log on to Windows 10 1607 with this configured, I get a temporary profile warning…
Not at the moment, you’re not alone, there’s still some bugs we need to figure out…will keep you posted on Twitter.
How would we back out of this?
What do you mean?
1.) Try to add RDS/XenApp computer object to full NTFS admin permission on “UvhdShareUrl” share
2.) UvhdRoamingPolicyFile = C:\Windows\RemotePackages\RDFarm\UvhdRoamingPolicy.xml
Thanks Svein Tore, that reminds me to update the post. The registry keys doesn’t fly, the command needs to be run at system startup, that way it works and the XML gets generated automatically. Are you using this in production at some EVRY customers?
So does this work on windows2012 xenapp 6.5? From what I understand this eliminates citrix user profile manager?
Indeed, works very well on RDSH, on VDI very unstable.
What do you mean with unstable on VDI? Does it not work or is it slow? Or bad performance?
Hi, have not tested on VDI, heard it from various customers. Best way to find out is testing it with a limited group of test users.
Hi, I tried running the first powershell command on the file server to create the user user disk template, and I keep getting the following error:
Exception calling “CreateUserDiskTemplate” : “”
At line:1 char:1
+ (Get-WmiObject -ns root\cimv2\terminalservices -class win32_tssessiondirectory). …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : WMIMethodException
am I doing something wrong or missing something here?
thanks
I get the same error message when I run the first powershell command. Any clues?
In our case we had to enable Remote Desktop in the VDI master machine for these commands to work
I had the same issue because i forgot to give Full Access for the MACHINE ACCOUNT on the share!
I have this problem with UPDs that Chrome really isn’t into junction points with its TEMP Folder (https://bugs.chromium.org/p/chromium/issues/detail?id=413889). So I want to exclude the “%USERPROFILE%\AppData\Local\Temp” from the UPD and I guess I can alter the XML config for that? But how? I’m not able to find any documentation for this. Any hints? Thanks! (WS16 with XenApp 7.11)
Here you go: https://thewolfblog.com/2014/02/24/user-profile-disks-for-rds-2012-2012-r2/
Do you have an example UvhdRoamingPolicy.xml that you can share? I am having troubles creating one for some reason…
Thanks in advance!
What happens if you use XenApp and run ‘published app A’ from ‘server X’ and ‘published app B’ from ‘server Y’?
FSLogix has some logic to handle that “dual access”…
Yes with FSLogix you assign e.g. an Active Directory Group, and the same group is also used in Studio. Only people with access will see that application.
Markus Zehnle is asking about the user profile on both server(X & Y).
Can the user use both app (A & B) at the same time, and still access their profile?
No, that’s the problem with UPD, just ONE connection to the Profile Disk.
Hello,
I get it working on W2k12R2 but on Windows10 I get a temp profile after logon. Any ideas?
Regards
Martin
Please try to add Domain Computers to the share.
Thanks Trond this is just great. Just what i looking for! Works perfect here. Had some really big ussues with native roaming profile oder UPM from Citrix!
Startmenu and default app settings were not saved with the new profile version v6 and ws16!
Awesome, thanks for sharing.
Thanks for great tutorial. Do you have any recommendations on what to exclude in the profile on 2012 r2 with xenapp 7.x?
Is it still best practice to exclude %appdata%\local and locallow?
If you go with UPD you shouldn’t exclude anything to keep things simple.
Hello,
What about Citrix Support ? Is it an official solution or just a tweak ?
Can we use it in production environnement for XA 7.13 ?
Thank you
Seb
Not support be either Citrix, VMware or Microsoft, but it works.
Can you tell me what you mean when you say, “Again, please be aware that you need to create a Group Policy for each of those OS/Silos pointing to the correct sub folder.”? Is there a GPO that needs created besides deleting cached copies? If so, I’m not seeing where you configured that.
It’s because you cannot log on from two different session, if needed you need more folders and policies. So if you want RDSH and VDI you need one for each.
Got it working! On one server that is, the other 2 app servers will not open an Outlook profile. I’m getting an error stating that the profile could not be configured. I made sure that the policy is being applied and that the permissions on the share are correct. Is there anything else that I could be missing?
I have 1 GPO at the top level OU to Delete Cached copies and multiple sub-OUs under that for each OS that will inherit that setting since it is not unique. Why would I have to create multiple GPOs for each OS if I am setting the same policy? Are the instructions missing an additional policy that needs to be set?
Because you can only use e.g. a Windows 2016 UPD on Windows 2016, so you need one UPD for each OS. But you can handle that logical in one GPO for sure.
Hi, I am having an issue where I am deploying this solution to a Server 2016 XenApp environment. I have used this method for Server 2012 R2 flawlessly (thanks by the way!).
I am getting this error;
Exception calling “CreateUserDiskTemplate” : “”
At line:1 char:1
+ (Get-WmiObject -ns root\cimv2\terminalservices -class win32_tssessiondirectory). …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : WMIMethodException
The remote desktop role is installed and remote desktop is enabled. The Citrix Desktop Agent is installed also. I have used these instructions before without issue.
Is there a slightly different command for Server 2016?
Many Thanks.
Strange, did work for me on WS16, let me check with Claudio.
how user profile disk cleanup in citrix