Windows 7 Roaming Profiles in Academic Support

By Manfred Grisebach, October 2010

 

Executive Summary

The customizations you apply to your workstation, and the applications you use, make your environment different than anyone else’s. This includes everything from your desktop background, to your Internet Explorer favourites. This is known as your personal workstation profile. It often includes the custom settings you specified when you launch your favourite application and it includes all the files and directories you’ve created under “My Documents”. If these settings and files are not backed up anywhere and your workstation dies; if you update your workstation to a newer faster one, or if you roam to another workstation in your department, all of these customizations and files should ideally have been backed up for you and follow you around.

 

Backing up unique data on a workstation becomes a combination of folder redirection and roaming profile. Both work in tandem and one without the other means not everything is backed up, which means lost data if something goes wrong. To help, IST has configured the following settings for Windows 7 workstation users:

Files and Settings that:

1.      Roam, are:

·         Appdata (as in “Appdata(Roaming)” and “Application Data”)

·         Desktop

·         Start Menu

·         Links

·         Searches

2.      Are written to your “home” networked drive, are:

·         Documents (as in “My Documents”)

·         Favorites

·         Contacts

3.      Files that are only available locally (only!), are:

·         Pictures (as in “My Pictures”)

·         Music (as in “My Music”)

·         Videos (as in “My Videos”)

·         Downloads

·         Saved Games

The rest of this document explains the details. Appendix A explains the migration steps and immediate effects on the client.

Please NOTE: The policy this document refers to does NOT get applied to Vista or WXP workstations. It applies ONLY:

·         if you sign into a Windows 7 workstation

·         AND if your userid and the workstation you are signing into have been properly migrated.

 

Introduction

Roaming profiles were last revisited in 2005 when a faster profile server was implemented. There have been some problems but for the most part, roaming profiles have been a success. It is now 5 years later and a new review of whether-or-not to redeploy roaming profiles has been completed. Enough benefits were cited to make it worth setting up a new infrastructure. The following paragraphs review those benefits and highlight the changes in this iteration, as well as explaining the new configuration settings. We hope that most will appreciate the changes that were made and we also hope that those that have moved away from roaming profiles will consider coming back to having their profiles roam.

 

Roaming Profiles and Folder Redirection

Much has changed. First of all, we have what we believe is an even faster profile server than last time. In addition to a new operating system (Windows 7) on new client workstations and a new server technology on the back end, we now have options available to us that we didn’t have before. As before our primary goals in applying folder redirection and roaming profile policies are:

·         Back up all important data on workstations

·         Make sure a workstation hard drive does not contain the only copy of any corporate data that is critical to the client’s job

·         Try and make the workstation a replaceable “appliance” so if it crashes, a new workstation can be substituted with minimal aggravation and setup time

·         Allow critical data and personal and application configurations to follow the client when they migrate to a laptop or another corporate desktop

·         And do all of this with the least amount of impact at logon and logoff times.

 

One of the biggest challenges has been the balance between performance and versatility. Admittedly, the 50MB profile size limit has been one of the biggest deterrents. By making the size larger, we increase the amount of time it takes for each workstation to synchronize its data at logon and logoff time, not to mention that there is less of a deterrent to have a client regularly clean up their space. A larger profile also rewards behaviour we would rather discourage, like storing important files on ones desktop. To keep the size smaller, we also had to exclude valid configuration directories, like Adobe and AutoCad files from roaming. This meant that these configurations were lost if the workstation crashed because no backup existed.

 

What’s changed this time is we’ve removed most directories from the exclude list and increased the profile size to 100MB.  This means most corporate data and application configurations are now backed up, and roam with the user, significantly reducing the setup time if your workstation is replaced. We’ve also redirected more of what historically has been most important to our clients to the home drive. For laptop users redirected folders are available via Offline Files, which works closely together with Folder Redirection to allow seamless access to files when not connected to the network.

 

The final big change has to do with how mostly personal, non-work-related files are dealt with. Many clients have at least one picture, music, downloads or even videos that are not part of their jobs in their file collection. In the past this has often consumed valuable departmental disk space (since the “My Pictures” directory, for instance, got redirected to people’s home folder or N:\ drive) and pushed up departmental disk quotas, or counted them as part of the previous 50MB limit. With our new folder redirection policy, these files will not only not be counted as part of the profile space, but they will also be moved off of client N:\ drives and reside only locally on client’s workstations. If an employee needs to manage departmental or university media files, this is easily accomplished by storing them in folders other than “My Music”, “My Pictures”, “My Videos” and “Downloads”. It is IST’s opinion that personal “non-work-related” data is best backed up by the clients themselves. Just to be clear: We are not discouraging the use of the “My Pictures” folder (for instance). All we’re saying is we will not be backing them up anymore.

 

For many, it is expected that these changes will mean their profiles will actually become smaller. For all it should mean faster logons and logoffs with the added benefit of having more of their configurations follow them, home – if they have laptops, and elsewhere on campus. Details of exact locations that have been applied are listed below.

 

 

 

Profiles and Folder Redirection are different in Windows 7 and WXP. In Windows 7 we have the ability to redirect up to 13 folders to one of several locations. In WXP we only have 4. Note the changes between Windows 7 and WXP in the table below:

 

Folder

W7 Setting

WXP Setting

Appdata(Roaming)

Roaming

Roaming (Application Data)

Desktop

Roaming

Roaming

Start Menu

Roaming

Roaming

Documents

%homeshare%

%homeshare%

Pictures

Local only

%homeshare%\My Documents\My Pictures

Music

Local only

%homeshare%\My Documents\My Music

Videos

Local only

%homeshare%\My Documents\My Videos

Favorites

%homeshare%\Favorites

Roaming

Contacts

%homeshare%\Contacts

Roaming

Downloads

Local only

NA

Links

Roaming

NA

Searches

Roaming

NA

Saved Games

Local only

NA

 

 

In addition to the above, there are settings to:

-          “Grant the user exclusive rights”

o   this is not checked so as to be able to grant administrative access to backup data

-          “Move the contents to the new location”

o   This was done for all redirected folders

o   We never had this on the “My Documents” folder before but the documents folder is created when the user object is created with a “home” folder, so everything already redirected

o   If this setting was not set, only newly created files would be redirected and older contents would remain only on the user’s workstation (and would not get backed up)

-          “Leave the folder in the new location when policy is removed”

o   This was done for Documents, Favorites, Contacts, Pictures, Music, Videos, Downloads and Saved Games

 

Profile Size Concerns

Applications that write their configuration information into Appdata (previously known as Application Data) could exceed profile size limits. Our size limit has been increased to 100MB from the previous 50MB. Previously, we excluded the following local workstation directories from roaming, thereby reducing the profile file size:

 

Local Settings;Temporary Internet Files;History;Temp;AppData\Roaming\Mozilla;Application Data\Adobe;AppData\Roaming\Adobe;Application Data\Autodesk;Application Data\Mozilla;Application Data\Macromedia

 

The new exclusion list is:

 

            Local Settings;Music;Pictures;Videos;Saved Games;Downloads

 

This should allow previously excluded apps to roam now.

 

Major change in what does not get backed up

Please note that the contents of the following folders no longer get backed up:

·         Music, in the “My Music” folder,

·         Pictures, in the “My Pictures” folder,

·         Downloads in the “Downloads” folder and

·         Videos in the “My Video” folder will be moved off of the home folder (N:\) and created locally on the workstation when this policy is applied.

Previously, in WXP, these folders automatically followed the “My Documents” redirected folder. Since many clients tend to store their personal non-work-related files in these folders, they started to consume departmental file shares and costly backup snapshots. For this reason, a decision was made that because these are usually not related to the workstation user’s work, they will now be the responsibility of the client.

Because profiles take over where folder redirection leaves off, the above-mentioned exclusion list needed to be applied to avoid copying them again to the roaming profile server as well as counting these files as part of the 100MB profile limit.

Clients that have legitimate work-related music, videos, pictures and downloads in Microsoft-provided containers must be informed to move then into a different folder on their N:\ drives, like “Departmental Pictures” if they wish them to:

1.      Be backed up, and

2.      Be available to them when they are not on their workstations

These people are expected to be part of the minority.

 (Note: the discrepancy between the “Music” and “My Music” directory names, for instance. This is was changed between WXP and Vista/W7 and appears one way or the other in several locations.)

The Difference between Roaming Profiles and Folder Redirection

Because there is overlap, and because it can be confusing as to what becomes part of the roaming profile, and what is folder redirected, the following may help.

The differences are:

·         Folder redirection directories get created at login; profile directories get created at login but populated at log out

·         Files and folder’s primary location for roaming profiles are local to the workstation. The backups are stored remotely.

·         Files and folder’s primary location for folder redirection is remote but a backup is kept locally as part of the “Offline Files” configuration.

·         **NOTE: In both cases, all critical files should be available locally if the network connection fails, or is not available.

·         ASIDE: The Home folder is created the moment the attribute is assigned to a user object. It gets populated when the client logs on.

 

 

Appendices          

Appendix A: Migration Procedure from Windows XP to Windows 7

For this to work as designed a few pieces must be in place. Very important for the client to understand is that it is very important that they sign in to the correct Windows 7 workstation the first time! Details below:

Administrator’s Notes

The administrator helping with the migration should make sure:

·         The client’s userid must be a member of the “Windows_7” security group.

·         The client’s roaming profile attribute should be pointed at the NEW profile server \\asupfile\roaming$. (uwfile will be retired when WXP use has been sufficiently reduced.)

·         The client’s userid and workstation are both in an OU where the “Windows 7 Academic Support Folder Redirection” policy have been applied

Client’s Notes

The client must be sure to:

·         Log into their own or their primary Windows 7 workstation FIRST before any other. The reason for this is:

o   If the userid of the client is “Fred”, all pictures on their home folder “N:\Fred’s Pictures” or “N:\My Pictures” will be copied to the local hard drive into “C:\Users\Fred\My Pictures” of this computer. The “My Pictures”/”Fred’s Pictures” folder on N:\ will no longer exist on N:\ after this move.

o   If a new “My Pictures” folder is explicitly created on the N:\ drive by the client AFTER the initial move, the folder and contents will NOT be moved the next time the client logs in. (If the registry is modified to reapply policies, it is suspected these files will be moved.)

o   The same as pictures will be true of music, videos, downloads and shared games

o   These files will NOT be available on any other Windows 7 or WXP workstation after this happens!!

·         The first time a client logs onto a Windows 7 workstation a whole new profile will be created, both locally and on the roaming profile server, if the roaming profile attribute is defined. There is no overlap between the W7 and the WXP profile.

o   It is important to note that after the migration is complete, files that are local stay local. Files that roam only roam between WXP boxes, or between W7 boxes, but not between operating systems.

o   This means important profile settings must be migrated from WXP to Windows 7. This is a great opportunity to clean up the old profile and only apply wanted changes to the new profile.

o   Each needs to be upgraded independently if the client moves back and forth.

·         The Windows 7 profile maximum size has been set to 100MB. The WXP profile size still has a maximum 50MB size!!

·         Contacts and Favorites are redirected to the N:\ drive and will be visible there from WXP and W7 workstations.

·         Only attributes and files saved as part of “folder redirection” from the WXP workstation will be immediately available in W7. These include:

o   The client’s home drive (N:\) is the same if logging into Windows 7 or WXP.

o   Pictures, Music, Videos and Downloads ONLY within Microsoft Windows-defined folders!

 

Appendix B: WXP Behaviour Explained

Windows XP Profile and Folder Redirection

To help explain where files can be found on a WXP workstation, and what the folders are called – and why – will help to be sure content important to the client is properly migrated. See below for the different possible configurations depending on the situation.

1)    The WXP client in ADS, or not, with NO Home Folder and NO Roaming Profile

An ADS user named “Fred” without a home drive and a workstation running WXP will see:

·         The local “My Documents” folder will be locally redirected to: “C:\Documents and Settings\Fred\My Documents”.

·         There is no networked home folder (N:\ drive), so all files are local.

·         The folders under “C:\Documents and Settings\Fred” are:

o   Application Data

o   Desktop

o   Favorites

o   Local Settings

o   My Documents, which contains:

§  My Pictures

§  My Videos

§  My Music

§  My Received Files

o   My Recent Documents

o   NetHood

o   PrintHood

o   SecurityScans

o   SendTo

o   Start Menu

o   Templates

o   UserData

o   And 2 files which make up the client’s customized registry settings (ntuser.dat and ntuser.dat.LOG)

·         Note: NO folder redirection or roaming profile policies are applied.

·         Note 2: This is likely the same as the client’s home WXP workstation.

 

2)    The WXP client in ADS with a Home Folder and NO Roaming Profile

For an ADS user named “Fred” with a home drive and a workstation running WXP will see:

§  The folders under “C:\Documents and Settings\Fred” are:

o   Administrator’s Documents

o   Application Data

o   Desktop

o   Favorites

o   Local Settings

o   My Recent Documents

o   NetHood

o   PrintHood

o   SecurityScans

o   SendTo

o   Start Menu

o   Templates

o   UserData

o   And 2 files which make up the client’s customized registry settings (ntuser.dat and ntuser.dat.LOG)

§   “My Documents” has been redirected to the N:\ drive

§  “My Pictures” has been redirected to N:\Fred’s Pictures

§  “My Music” has been redirected to N:\Fred’s Music

§  Anything written to “My Documents” “My Music” or “My Pictures” will be written the N:\ drive.

§  Please Note that an administrator looking at the N:\ drive contents will see “My Pictures” and “My Music”, NOT “Fred’s Pictures” and “Fred’s Music”!

§  There is no roaming profile in this example so the Folder Redirection part of the policy has been applied. The roaming profile part has not.

 

Please NOTE: Folder called “Fred’s Documents”, “Fred’s Pictures” and “Fred’s Music” exists locally on the workstation and contains the contents of what used to be called “My Documents” BEFORE the WXP workstation was moved into ADS and the client was given a home drive.

Also NOTE: Documents, pictures and music may still exist ONLY locally on this workstation. This must be checked if the client is migrated to W7.

 

 

3)    The WXP client in ADS with a Home Folder AND a Roaming Profile (Most clients will have these settings)

For an ADS user named “Fred” with a home drive and a workstation running WXP will currently (before having the new policy applied):

·         The folders under “C:\Documents and Settings\Fred” are:

o   Administrator’s Documents

o   Application Data

o   Desktop

o   Favorites

o   Local Settings

o   My Recent Documents

o   NetHood

o   PrintHood

o   SecurityScans

o   SendTo

o   Start Menu

o   Templates

o   UserData

o   And 2 files which make up the client’s customized registry settings (ntuser.dat and ntuser.dat.LOG)

·         ALL of the above folders and files are copied to the profile server except for “Administrator’s Documents” and “Local Settings”!

·         “My Documents” has been redirected to the N:\ drive

·         “My Pictures” has been redirected to N:\Fred’s Pictures

·         “My Music” has been redirected to N:\Fred’s Music

·         Anything written to “My Documents” “My Music” or “My Pictures” will be written the N:\ drive.

·         Please Note that an administrator looking at this N:\ drive contents will see “My Pictures” and “My Music”, NOT “Fred’s Pictures” and “Fred’s Music”!

 

Please NOTE: Folder called “Fred’s Documents”, “Fred’s Pictures” and “Fred’s Music” exists locally on the workstation and contains the contents of what used to be called “My Documents” BEFORE the WXP workstation was moved into ADS and the client was given a home drive.

Also NOTE: Documents, pictures and music may still exist ONLY locally on this workstation. This must be checked if the client is migrated to W7.