Windows User State Virtualization - Part 5: Complex environment

In this section, we will show you the high-level steps for implementing various Windows User State Virtualization solutions.

Network Administration - In this section we will show you the high-level steps for implementing various Windows User State Virtualization solutions.

Earlier parts of this series, we discussed how to plan issues around Windows User State Virtualization (USV). In this section and the following sections we will go into high performance aspects because most low-level implementation details have been introduced in TechNet's articles (you can download instructions from here). ). Although TechNet's article was written during Windows Vista, due to no changes in the user profile structure in Windows 7, compared to Windows Vista, the procedures and TechNet were perfectly valid. However, TechNet's articles only mention the basics for implementing FR or RUP and never introduce problems such as latency, availability, or indexing, this is Very important issues in large organizations wishing to implement USV solutions. Therefore, in this article we will fill these gaps by providing an overall level of steps to implement USV in different scenarios.

Scenario 1: Execute FR for Windows 7

As mentioned in the previous article of this series, if you use Folder Redirection alone (FR) - not executing Roaming User Profiles (RUP) - then you only transfer (redirect) user data directories. such as My Documents and Desktop, it is not possible to redirect the AppDataRoaming folder, which is a directory of user settings. If you do not use FR right in your environment, clients are currently running Windows XP and you plan to transfer them to Windows 7, it is best not to execute FR until Windows 7 is deployed because this approach will Give your users a better first-time login experience because their data folders are redirected first.

When all clients are running Windows 7, high steps for implementing FR are as follows:

  1. Decide which user data directory will need to transfer based on business needs.
  2. Estimate the total amount of data that can be redirected by FR and make sure your servers have enough storage space.
  3. Execute Failover Clustering for redirection servers to ensure high availability for transferred data.
  4. Identify which USV scenarios are important to your environment. For example:
  1. If you have assigned computers and executed FR primarily for centralized backup of user data, Offline Files should be enabled on client computers so that redirected files will be indexed locally on each machine. User's calculation. In that case, it is necessary to detect network problems in your environment in order to affect the performance of the Offline Files feature. One way to deal with high network latency (for example) is to configure slow link mode by Group Policy so that the network link is always considered a slow link. That way, the user always works from the local Offline Files cache, not the network. However, if you do this, you need to configure Offline Files Group Policy to synchronize regularly with the server in the background.
  1. If the user has not been assigned computers and instead can use any available computer (user roaming script), you should consider whether to disable Offline Files on client computers and type index of shared folders on the server itself redirection. Windows Desktop Search 4.0 needs to be installed on redirection servers so that Windows 7 clients can execute remote queries to retrieve user data on redirection servers. The advantage of this method is that user data does not need to be re-indexed locally when a user works on a computer they have never logged in before.
  1. Find out if you have any complex environment problems. For example, if there are some computers running Windows 7 and some computers using Windows Vista, you basically just need to execute FR as if all of your computers are running Windows 7. However, if there are several Windows XP computers in the environment, you need to configure the Pictures, Music and Videos folders according to the Documents folder. In other words, you are more or less restricted to executing FR in Windows XP - unless your Windows XP computer accounts are in a separate OU and you can implement independent FR policies for Windows 7 / Windows Vista and Windows XP computers.
  2. When you're ready, use Group Policy to create a new FR policy with the steps outlined in the section titled 'Scenario 1: Manage data roaming with Folder Redirection'.

Scenario 2: Convert FR to Windows 7

If you currently use Windows XP, have implemented FR in your environment, plan to switch to Windows 7 and want to continue using FR in your environment, the steps you need to take will depend on Whether you want to remove an existing Windows Server 2003 infrastructure or upgrade your back-end system to Windows Server 2008 R2. If you leave the existing server infrastructure, you can also leave existing FR policies.

However, if you plan to upgrade the infrastructure to Windows Server 2008 R2, you can take advantage of the advanced FR policies available for this platform. One way to do that is:

  1. Transfer your clients to Windows 7 and the server infrastructure to Windows Server 2008 R2.
  2. Switching the directory structure and user data is redirected from the old redirection server that is using Windows Server 2003 to the redirection server running Windows Server 2008 R2.
  3. Upgrade FR policies so you can redirect Favorites, Downloads and user profile folders that were previously unable to be transferred using Windows Server 2003 Group Policy.

The steps above are not always appropriate because there are many things that can affect the steps you need to take, so the best way to consult the support from your organization is to have Get more detailed instructions.

One thing you should not do in this scenario is:

  1. Configure an existing FR policy to transfer user data back to the client.
  2. Do not use the old redirection server.
  3. Navigate the clients to Windows 7 using the User State Migration Tool (USMT) to transfer their user data and settings.
  4. Provide new redirection server.
  5. Configure a new FR policy to transfer data to the new server.

The reason you do not perform this procedure is because the risk of data loss is very high - during the execution process, the data resides on the clients and is not backed up.

Scenario 3: Implement FR with RUP for Windows 7

If using Folder Redirection (FR) with Roaming User Profiles (RUP), there are two ways you can roam user settings:

  1. You can use FR to roam the AppDataRoaming folder while using RUP to roam HKCU Ntuser.dat registry.
  2. It may not be possible to use FR to roam the AppDataRoaming directory and instead use RUP to roam both AppDataRoaming and HKCU registry.

You can see the third part of this series to learn about the advantages and disadvantages of each method.

If you do not use FR / RUP right in the environment, clients are currently using Windows XP, and you plan to transfer them to Windows 7, which is best if you do not execute FR / RUP until deployment Open Windows 7 because of incompatibilities between Windows XP user profiles and Windows Vista user profiles and newer versions.

When all clients are using Windows 7, there will be additional high steps for executing FR / RUP as:

  1. Estimate the total amount of roaming user profile data that can be roamed using RUP and ensure roaming profile servers have enough storage space. Here are some other issues when making estimates:
  1. If the user profile folders such as Pictures, Music and Video are not important to the business and will not be transferred by FR, you should use Group Policy to exclude these directories from roaming with RUP, section destination reduces the size of the roaming profile and improves login and logout performance. Policy setting for configuration is User ConfigurationPoliciesAd Administrative TemplatesSystemUser ProfilesExclude Directories In Roaming Profile.
  2. If you want to limit the size of the roaming profile, it should not be done by configuring the User Configuration Policy Administration TemplatesSystemUser ProfilesLimit Profile Size but instead adding the File Services Resource Manager (FSRM) role to the servers. roaming your profile and make soft quotas with notifications to users via email when they exceed their quota.
  3. It is recommended to save roaming user profiles on a server other than the server with the transferred data folders. In other words, your RUP server and FR server should be two different servers.
  4. Implement Failover Clustering for roaming profile servers to ensure high availability for roaming user profiles.
  1. Detecting problems arising in complex environments. For example, RUP cannot be used to roam 64-bit registry settings via 32-bit and 64-bit Windows.
  2. Create a default user profile and customize it to the user's needs, then copy the profile to the NETLOGON share item located on your domain controllers. Note that this step will be slightly different when done in Windows 7 and Windows XP.
  3. Prepare roaming profile servers to save user profiles. Configure user accounts in Active Directory to use roaming profiles. When a user first logs into their computer, the customized network profile is downloaded from NETLOGON to their computer. Then, when this user logs off the computer, their profile will be uploaded to the profile server, where it will be downloaded the next time the user logs in.

Scenario 4: Convert FR with RUP into Windows 7

If you are currently running Windows XP and executing both FR and RUP in your environment and planning to switch to Windows 7 but still want to continue using both FR and RUP in the environment, the best way is to capture head from rubble. This is because the Windows XP user profile is not compatible with Windows 7, so when you migrate, your users will not be able to load their existing Windows XP roaming profiles on their Windows 7 computer. In other words, you can do the following:

  1. Redirect all user data directories back to the user's computers
  2. Create and customize a network default .v2 profile and copy it to NETLOGON.
  3. Switch from Windows XP to Windows 7
  4. Execute FR to redirect user data back to the network by following the steps outlined in scenario 1 above.
  5. Execute RUP by following the steps outlined in scenario 3 above.

However, due to the complexity of this scenario, it is best to ask for your TAM (Technical Account Manager) assistance or even ask for help from MCS (Microsoft Consulting Services) in real life. Current operating system transfer.

Conclude

Implementing FR is very simple, but switching FR is not so simple. Implementing FR with RUP is even more complicated, making it difficult to switch FR / RUP. In the following sections of this series, we will provide some questions and answers related to Windows user state virtualization, then we will introduce how to customize the default user profile in Windows 7 and Make the default network profile used by RUP.

4.2 ★ | 5 Vote