A roaming user profile is a concept in the Windows NT family operating system that allows users with computers that join Windows Server domains to log in to any computer on the same network and access their documents and have a consistent desktop experience , such as apps considering the position and preferences of the toolbar, or the desktop view remains the same.
Video Roaming user profile
Metode operasi
All Windows operating systems since Windows NT 3.1 are designed to support roaming profiles. Typically, stand-alone computers store user documents, desktop items, app preferences, and desktop displays on a local computer in two shared sections, consisting of sections that can browse plus additional temporary sections that contain items such as web browser cache. The Windows Registry is also shared to support roaming; there are System and Local Machine hives that remain on the local computer, plus a separate User Set (HKEY CURRENT USER) designed to be able to browse with user profiles.
When roaming users are created, user profile information is stored on a centralized file server that can be accessed from a desktop computer connected to the network. The login request on the local computer checks to see if the user is in the domain rather than on the local computer; no account is required on the local computer. If the domain login is successful, the roaming profile is copied from the central file server to the desktop computer, and a local account is created for the user.
When a user logs off of a desktop computer, a user's roaming profile is merged from the local computer back to the central file server, excluding the temporary local profile item. Since this is a merge and not a removal/deletion, user profile information stays on the local computer in addition to being merged into the network.
When a user logs on a second desktop computer, the process is repeated, merging the roaming profile from the server to the second desktop computer, and then merging it back from the desktop to the server when the user logs off.
When the user returns to the first desktop computer and logs in, the roaming profile is merged with the previous profile information, replacing it. If profile caching is enabled, the server can only merge the latest files to the local computer, reusing existing local files that have not changed since the last login, and thus speeding up the login process.
Maps Roaming user profile
Limitations
Performance
Due to a profile copy when signing in and out, roaming profiles that are set using default configurations can be very slow and time-consuming for users with large amounts of data in their accounts.
When Microsoft designed Internet Explorer, programmers made explicit decisions to store cookies and favorites as small individual files of less than a kilobyte, rather than storing this data as a single, consolidated file. Microsoft also stores shortcut files in the Latest profile folder, which links to recently opened files and folders.
File servers tend to only transfer large files several megabytes in size at the fastest network speed. Hundreds of very small files of just one kilobyte per file can reduce network performance by up to 90%. As profiles and hundreds of thousands of cookies, favorites and Recent items increase, logout and logout times become slower, even though these files occupy only a few megabytes of profile data.
Local caching of a user profile on a desktop computer's hard drive can reduce and increase login and logout times, but with penalties cluttering the hard drive with profile data from every cache user logged in. Local cache is more suitable where people tend to use the same computer every day. Local profile caching is useless where hundreds to thousands of students should be able to use any computer at a university school or college - cumulative cache data from so many different profiles can use all available lab computer disk space.
WAN links
Users with roaming profiles may experience crippling login delays while logged in through the WAN. If connected to a domain from a remote site, after authentication, Windows will attempt to pull the user profile from the specified location in Active Directory. If the location happens to be across from a WAN link, it could potentially slow down the WAN to crawl and cause logins to fail (after a very long delay).
Users with roaming profiles working from remote sites must login to a machine before connecting to the network, (so machines use their local cache copy) and connect to the network after logins are complete. Another option is to remove roaming profile paths from Active Directory before their departure. This should be done in sufficient time that the changes are replicated to the relevant Domain Controllers on the remote site.
Profile size
Working with large files, such as raw video editing, can cause excessive inbound and exit time, as Windows will copy files in roaming profiles to the computer when logged in and back to the server when logged out.
In environments where large files are not mission-critical and do not really need to be backed up to servers on a per-login basis, applications that require large and excessive user data are typically run on stand-alone locale. non-cruising accounts, to bypass this storage and network retrieval.
Network congestion
In school environments, roaming can cause severe network congestion and slowness when the whole class of students ejects the computer at the same time, and then within minutes trying to get elsewhere. Inconsistencies in account data can occur if the student starts to enter the second location before the profile uploaded and exits the first location has been completed.
Program does not execute the program does not exit
Some programs that are installed on a desktop computer do not release the User's registry control during logoff, and may result in a corrupted profile because the Registry's user scanner never successfully completes. To counter this, Microsoft created a utility known as the Hive User Profile Cleanup Service which will repeatedly map the file handling for this wrong program so that the profile copy can be completed successfully and the account log process successfully. However, hanged programs may remain on local computers that still keep local User registry copies in busy state, until the computer is rebooted.
Sync on logoff
The latest version of files in the roaming profile without redirection is only stored on the local computer, and stays there until the user logs off, then transfers to the server. If server backup is done every night, and roaming users are not logged off for day by day, their account's roaming document is not included in the nightly backup.
Furthermore, if roaming users use standby or hibernation to shut down the computer at night, the profile is still not copied to the network. In this way it is possible for roaming account documents to be unsupported for days to weeks at a time, and there is considerable potential for data loss if a local hard drive experiences catastrophic failure over this long period not out of roaming account logs from local computer.
Access conflicts
Because the mechanism of copying the underlying files from server to desktop, roaming assumes a user account logged on to only one computer at a time. Documents in roaming profiles copied to local machines have no network awareness of each other, and it is not possible to use file locking to alert the user that the file is open.
Signing in to multiple computers with one account, and opening the same document multiple times on each computer may result in inconsistencies and loss of saved changes if files are changed on two different computers at the same time:
- When the first computer with the changed document logs, changes are written to the network copy of the profile.
- When both computers are logged off, different versions of documents overwrite previously saved changes during profile logout.
Compatibility
Different Windows versions may use an incompatible user profile layout. Thus, users who roam between computers with different operating systems require separate roaming profiles for each operating system. Windows Vista and Windows 7 add ".v2" suffix to the user profile folder to isolate it from the previous Windows XP user profile. Even so, Microsoft TechNet advises users not to browse between computers running Windows Vista/Windows Server 2008 and Windows 7/Windows Server 2008 R2. The user profiles in Windows 8/Windows Server 2012 and Windows 8.1/Windows Server 2012 R2 are also not fully backwards compatible, although initially they also use the ".v2" suffix. Microsoft then released hotfixes and instructions to enable this operating system to add ".v3" and ".v4" each suffix, separating them from cross-OS access.
Folder redirection
To resolve the issue of copying this profile, it is possible to override default roaming operations, and set up user accounts so that certain parts of the profile are accessed by the local computer directly on the central file server rather than copying to the first local computer. If the server is off, the user can still access some files with Offline File Completion.
For end users, the general folder redirection does not seem to work differently than using a normal stand-alone computer. Switching My Users Documents and Desktops for direct access on file servers are the first two major steps to speed up roaming profiles. However, since 3rd party software has begun storing more data in the Application Data ââi> section of the roaming profile, it also becomes useful for redirecting to be accessed directly on the server.
The question may be asked why the entire roaming profile can not be accessed directly on the server, and no need to copy at all. The reason for this seems to be that certain Microsoft programs running all the time on client computers can not tolerate the loss of their data folders all of a sudden if the server is disconnected or the network is disconnected. Some parts still need to be copied back and forth before the desktop appears so that these folders are available if the folders are redirected back to the network.
Warning
Some programs do not work correctly with the redirected profile folder referring to the UNC file path on the shared server: \\ server \ share \ username \ Application Data âââ â¬
These problems with UNC paths can usually be fixed by having the folder redirected to the drive mapping for UNC share:
- Drive N: (say) mapped to \\ server \ share \ userhomedir
- AppDir folder redirection to user's home directory: N: \ Application Data âââ â¬
However, the use of drive mappings is generally stopped by Microsoft, and the UNC-only redirection path is the preferred implementation.
- The version of the application software on various machines used with the same profile may need to remain in sync, with the same option installed, otherwise the software configuration file may refer to libraries or other dynamic extensions or resources that are not available on other machines, causing system crashes or limited features or configuration defects.
- Installing software in a single account may cause software to work only partly for other accounts because resources not available to other users depend on their access rights to the installer's personal folder.
Profile required
Transfer of folders with required profile
Folder redirects can be used with mandatory profiles, and are useful in desired situations to "lock" a common desktop view but still allow users to save documents to the network. For example, this can be used as a public account for anyone to use without a password for temporary use.
Directing My Docs and Desktop in a mandatory profile will allow the document to be saved, but on the logoff, any changes to desktop display such as desktop images, Internet Explorer cookies, Favorites, the latest documents are restored to the original state.
Transfer of the folder with the required profile is done by denying write access to the central copy of the profile. When users log off, they may expect to regularly receive errors that the profile is not successfully copied back to the server. Users should also be aware that storing data in certain locations can cause data to be lost. For example, if the desktop is reset each time a user logs on with the required profile desktop, then even though it looks good to save the file on the desktop, when the user logs off, the profile is not copied to the server, and when the user logs back in, any work stored on the desktop will be permanently lost without prior notice in addition to logout errors whose profiles can not be copied.
Setup method
Active Directory
The system administrator determines the location for each user account about where in the roaming user's network will be stored, the location usually on the Windows server settings to be the file server. In Windows 2000 and later, the profile location is set using the Active Directory Users and Computers snap-in . Windows NT 4.0 and earlier using the User Manager for Domains program. When a user logs on to a computer that joins the domain, the roaming user profile is downloaded from the server to the local computer and is applied. When a user logs off, changes made to the roaming profile are transferred back to the location where the roaming user profile is stored.
Workstations running Windows 95, 98, or Me can also have roaming profiles, but the user roaming profile files in Windows 9x are stored in the user's Home directory even if a separate roaming location is specified. To use roaming profiles in Windows 9x each workstation must be set to have separate profile settings for each user logged on to a local workstation enabled. Enable separate desktop settings in Windows 9x enabled on Password in Windows Control Panel.
Roaming profiles in Windows 95, 98 and Me are all compatible with each other so that if the network has a mix of Windows 95 and Windows 98 workstations, the same user profile can be used for each workstation. This is also the case with Roaming profiles between Windows NT 4.0, Windows 2000, Windows XP but there may be some compatibility issues due to differences in each version of Windows. Roaming profiles in Windows Vista and Windows 7 are compatible with each other but this version is not compatible with earlier versions of Windows. Separate profile folders with.V2 extensions will be created when using Roaming profiles with Windows Vista or 7. The easiest solution is to have all workstations running the same version of Windows. (see Compatibility section)
Terminal Server/Remote Desktop Server Users
The Remote Desktop Server user can have a separate roaming profile to the roaming profile used on the local desktop PC. Roaming profiles for remote desktop users are defined under the "Remote Desktop Services Profile" tab. This applies to users connected to a remote desktop server using Citrix XenApp or RDP. If no remote desktop roaming profile is specified, the user will use the same roaming profile settings for the local desktop.
Novell eDirectory/Netware
For roaming to work with Novell servers, Novell products "ZENworks Desktop Management" must be installed on the server, and related workstation management packages are installed on each client computer. In the directory, the User Package object is created, which enables roaming, determines where roaming profiles are stored, and also stores associated group policies for each version of Windows where users will log in. The User Package also enables Dynamic Local Users , which functions similarly to Active Directory, allowing accounts created in eDirectory to sign in to any desktop computer even if there are no previous local accounts, and grant local account privileges like Users , Power Users, or Administrators to the newly created local user account. For Windows NT user profile files are stored in the user's home directory under subfolders for each version of Windows, for example in Windows NT 4.0 the folder will be called "Windows NT 4.0 Workstation Profile" and in Windows XP the folder will be called "Windows NT 5.1 Workstation Profile"
The User Package may be associated with a specific user account in the directory, or associated with an organizational unit that then applies to all user accounts in the OU. The User Package also enables additional ZENworks Desktop Management functions, such as remote view and remote control of desktop computers, network printers that follow users from one desktop to the next, and event scheduling to run wherever users are logged in.
Windows 3.x
Although Windows 3.x does not contain user profiles, it is possible for users to have their own personal desktop in a business environment. Windows 3.x has an administrative setup option that can be used by network administrators by typing setup.exe/Windows and then being installed into a network share. The Windows setup then runs from each local machine to install some local files that make Windows 3.1 capable of running over the network. Local files can be saved to the user's home directory on a Novell or Windows NT Domain network that allows users to have their settings roam between machines, the local machine in this scenario does not require a hard drive and can be booted from a floppy or network card.
Reset profile
Sometimes the user profile may need to be reset if the profile becomes corrupted or to resolve the problem with the application, resetting is usually performed by the system administrator or helpdesk staff. To reset the affected user needs to exit the system and then the folder where the roaming profile user is stored on the server then renamed, the user profile must also be deleted from the local workstation user login to another user will retrieve the locally stored profile on the next login. When the profile has been deleted from the local machine when the user logs in the new profile will be generated using the default profile stored on the workstation, when the user logs out the profile will be copied back to the location where the roaming profile user is saved.
Benefits
- Enforce administrative controls using a compulsory user profile that helps protect the user environment from being damaged by the user itself.
- Users can access their data anywhere on the network with higher reliability
- Backup is easier because most of the data is in one location on the server
Loss
Every time a user logs into a workstation, all files and settings are transferred over the network; the result is the login process takes longer than if the user is using a local profile. This is especially true if the profile size is large. The login time can be reduced if the profile is cached because some files can be loaded from the local workstation and by using the redirection folder to redirect large-size folders, such as My Documents, to the network share.
However, this restriction has been resolved in Windows Server 2008 Active Directory by allowing folder redirection of almost any folder previously stored in a user profile (including My Music, Favorites, and more) to a centralized and secure network. This means that the user's roaming profile can be easily reduced to less than 20 MB, thus eliminating the old login time experienced with earlier versions of AD. When using folder redirection and caching auto offline files, all user files and preferences are available offline and synced in a much more efficient way than before when the computer is reconnected to the network using Remote Differential Compression (RDC).
Another problem is related to the various applications installed on the machine, the app saves the information to Local Settings and some into the registry, but only the registry is transferred. This may damage the functionality of the application under the roaming profile.
Share redirected folders
The redirected network folder can override the separation between 2000/XP and Vista/Win7. For example, both types of profiles can be redirected to use one Docs folder, and one Desktop folder, so that user account documents are consistent between two profiles, even if all other account settings will be different.
Redirecting redirected folders like Application Data can cause data corruption, as Microsoft does not intend this for their app data to be shared between different OS versions.
Alternative
User virtualization programs (such as AppSense) manage user profiles, settings, and data, store them in a shared network or cloud.
See also
- Folder redirection
References
External links
- Microsoft MSDN Library: Reference in User Profile
- Microsoft TechNet: Product Help Windows Server 2003: User Profile Best Practices
- Microsoft TechNet: Windows Server 2003: Whitepaper Operation: Best Practices for User Profiles
Source of the article : Wikipedia