Profile Management best practices 编辑
A Windows user profile is a collection of folders, files, registry, and configuration settings defining the environment for a user who logs on with a particular user account. Users can customize these settings depending on the administrative configuration.
Windows 10 compatibility
Citrix Profile Management supports the latest version of Windows 10 available at the release time of Profile Management. It also supports all earlier versions of Windows 10. For example, Citrix Profile Management Version 1912 was shipping at a time when the latest version of Windows 10 was 1909 (RS7). Profile Management 1912 supports Windows 1909 (RS7) and all earlier versions of Windows 10.
The following table summarizes the recommended Microsoft Windows 10 operating systems for different versions of Profile Management:
Profile Management version | Windows 10 version | Notes |
---|---|---|
2012 | Windows 10 2010 | Citrix Virtual Apps and Desktops 7 2012 |
2009 | Windows 10 2004 | Citrix Virtual Apps and Desktops 7 2009 |
2006 | Windows 10 2004 | Citrix Virtual Apps and Desktops 7 2006 |
2003 | Windows 10 2004 | Citrix Virtual Apps and Desktops 7 2003 |
1912 | Windows 10 1909 (RS7) | Citrix Virtual Apps and Desktops 7 1912 |
1909 | Windows 10 1903 (RS6) | Citrix Virtual Apps and Desktops 7 1909 |
1906 | Windows 10 1903 (RS6) | Citrix Virtual Apps and Desktops 7 1906 |
1903 | Windows 10 1809 (RS5) | Citrix Virtual Apps and Desktops 7 1903 |
1811 | Windows 10 1809 (RS5) | Citrix Virtual Apps and Desktops 7 1811 |
1808 | Windows 10 1803 (RS4) | Citrix Virtual Apps and Desktops 7 1808 |
7.18 | Windows 10 1803 (RS4) | XenApp and XenDesktop 7.18 |
7.17 | Windows 10 1709 (RS3) | XenApp and XenDesktop 7.17 |
7.16 | Windows 10 1703 (RS2) | XenApp and XenDesktop 7.16 |
7.15 Long Term Service Release | Windows 10 1703 (RS2) | XenApp and XenDesktop 7.15 LTSR with the latest Cumulative Update |
Note:
Attempts to upgrade an OS where Citrix user profiles exist might fail. To proceed with the upgrade, remove Citrix user profiles from the local machine.
Windows 10 Start menu customization
We recommend using a partial lockdown customization layout and deploying the customization through Group Policy. For more information about customizing the layout of the Start menu, see https://docs.microsoft.com/en-us/windows-hardware/customize/desktop/customize-start-layout.
Start menu roaming
Applications pinned to the Start menu might disappear on the following operating systems after several logons:
- Windows 10 Version 1607 and later, 32-bit and 64-bit
- Windows Server 2016 Standard and
Datacenter
editions - Windows Server 2019 Standard and
Datacenter
editions - Windows 10 Enterprise for Virtual Desktops
Enable Start menu roaming on Windows 10
To ensure that Start menu roaming works properly on Windows 10, enable automatic configuration, or set the Disable automatic configuration policy to Enabled and then complete the following configuration steps:
Tip:
Automatic configuration works for Profile Management 2103 and later. Manual configuration works for all Profile Management versions.
- Enable the Folders to mirror policy and then add the following folders to the list of folders to mirror:
Appdata\Local\Packages
Appdata\Local\Microsoft\Windows\Caches
!ctx_localappdata!\TileDataLayer
(applicable only to versions earlier than Windows 10 version 1703)
Note:
Starting with Citrix Profile Management 1912, a folder added to Default exclusion list – directories or Exclusion list – directories cannot be synchronized even if you add it to Folders to mirror. Ensure that you remove the
appdata\local\packages
folder from the exclusion lists before you add it to Folders to mirror. - Enable the Files to synchronize policy and then add the following folder to the list of files to synchronize:
Appdata\Local\Microsoft\Windows\UsrClass.dat*
Enable Start menu roaming on Windows Server
To ensure that Start menu roaming works properly on Windows Server 2016 and Windows Server 2019, enable automatic configuration, or set the Disable automatic configuration policy to Enabled and then complete the following configuration steps:
Tip:
Automatic configuration works for Profile Management 2103 and later. Manual configuration works for all Profile Management versions.
Enable the Folders to mirror policy and then add the following folder to the list of folders to mirror:
Appdata\Local\Microsoft\Windows\Caches
Enable the Exclusion list – directories policy and then add the following folder to the list of folders to exclude:
Appdata\Local\Packages
Enable the Exclusion list – files policy and then add the following file to the list of files to exclude:
Appdata\Local\Microsoft\Windows\UsrClass.dat*
Note:
You cannot use the same policy for both Windows 10 and Windows Server 2016/2019. Configure separate policies for VDI and shared desktop platforms, or if using Profile Management 2103 and later, use automatic configuration.
Outlook and Office 365
Microsoft recommends Cached Exchange Mode so that a consistent online and offline Microsoft Outlook experience is enabled. You can turn on the Cached Exchange Mode from the Microsoft Outlook client. For more information, see https://docs.microsoft.com/en-us/exchange/outlook/cached-exchange-mode.
When you use Cached Exchange Mode, there is always a copy of a user’s Exchange mailbox in an Offline Outlook Data File (*.ost). The file can grow large.
We recommend avoiding storing Microsoft Outlook data locally or on shared drives. Use the Enable native Outlook search experience feature instead. With this feature, the Offline Outlook Data File (*.ost) and the Microsoft search database specific to the user roam along with the user profile. This feature improves the user experience when searching mail in Microsoft Outlook. For more information on using this feature, see Enable native Outlook search experience.
Configuring Profile Management from one location
There are three locations from which you can configure Profile Management. To configure Profile Management, use HDX policies in Citrix Studio, or a GPO in Active Directory. You can also configure Profile Management using Workspace Environment Management.
We recommend that you choose only one of the three locations to configure Profile Management.
Watch this video to learn more:
Troubleshooting best practice
Always use the Profile Management configuration checker tool (UPMConfigCheck) to identify potential configuration errors. For more information on this tool, see Knowledge Center article CTX132805.
When Profile Management does not work, first validate whether the User Store configured is accessible.
Cookie handling
Profile Management now supports deleting stale cookies for Internet Explorer 10 and Internet Explorer 11. You can use the “Process Internet cookie files on logoff” policy to delete stale cookies to avoid cookie folder bloat. In addition, add the following folders to the list of folders that you want to mirror:
AppData\Local\Microsoft\Windows\INetCookies
AppData\Local\Microsoft\Windows\WebCache
AppData\Roaming\Microsoft\Windows\Cookies
Profile streaming with Microsoft Credentials Roaming enabled
By default, the following folders in the configuration file are excluded from profile streaming:
AppData\Local\Microsoft\Credentials
Appdata\Roaming\Microsoft\Credentials
Appdata\Roaming\Microsoft\Crypto
Appdata\Roaming\Microsoft\Protect
Appdata\Roaming\Microsoft\SystemCertificates
If you configure profile streaming exclusion manually, ensure to add the preceding folders to “Profile streaming exclusion list–directories.”
Synchronizing profiles efficiently
Insufficiently synchronized user profiles can result in slow logons, losses of user settings, and profile corruption. It can also need excessive administrative efforts. To synchronize profiles efficiently, follow the recommendations described in this article.
Folder redirection
Folder redirection is a feature of Microsoft Windows that you can use with Profile Management. Folder redirection plays a key role in delivering a successful profile solution. To use folder redirection, ensure that the relevant users are in the OU that Profile Management manages. Citrix recommends that you configure folder redirection using a GPO in Active Directory. For example, you can redirect the following folders under User Configuration > Administrative Templates > Classic Administrative Templates (ADM) > Citrix > Profile Management > Folder Redirection:
- AppData (Roaming)
- Desktop
- Start menu
- Documents
- Pictures
- Music
- Videos
- Favorites
- Contacts
- Downloads
- Links
- Searches
- Saved Games
Redirect all applicable folders of the preceding list. To exclude folders from redirection, add a policy that excludes those folders, for example, the Saved Games folder, from synchronization or roaming. After that, the Saved Games folder exists only on the users’ machines. If the machines are non-persistent, the folder is deleted on logoff.
Note:
- Folder redirection eliminates the need to copy the data in those folders each time users log on and thus accelerates user logons.
- Redirecting the AppData folder might cause issues in some applications.
- The folders must be redirected to a file server that shares a subnet with the Citrix servers.
- Do not redirect the desktop folder if it is too large. Otherwise, a black screen might occur on when a user logs on.
Include and exclude files and folders
Profile Management lets you specify files and folders that you do not want to synchronize by customizing inclusion and exclusion lists. To avoid profile bloat, exclude cache files for third party applications, for example, Chrome cache files located at Appdata\Local\Google\Chrome\UserData\Default\Cache. For more information, see Include and exclude items.
Profile streaming
Profile Management fetches files in a profile from the user store to the local computer only when users access them after they log on. Doing so speeds up the logon process and reduces the profile size. For example, if a file is not used, it is never copied to the local profile folder. You can also use the Always cache policy to impose a lower limit on the size of files that are streamed. Any file this size or larger is cached locally as soon as possible after logon.
You can enable both the Enable profile streaming for folders and the Profile streaming policies to eliminate the need to fetch folders that are not accessed.
Active Write Back and Registry
This feature decreases logoff times compared to the Profile streaming feature, especially when there are many changed files. This feature synchronizes modified files and folders (but not registry entries) to the user store during the session, but before logoff.
Internet Explorer 10/11 cookie support
Profile Management 5.0 and later supports enhanced processing for cookies when using Internet Explorer 10 and Internet Explorer 11. To avoid cookie folder bloat, use the Process Internet cookie files on logoff policy to delete stale cookies. You can add the following folders to the list of folders to mirror:
- AppData\Local\Microsoft\Windows\INetCookies
- AppData\Local\Microsoft\Windows\WebCache
- AppData\Roaming\Microsoft\Windows\Cookies
For more information, see Process Internet cookie files on logoff.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论