Technology Through a Technocrats Eyes
Home
About the Author
Tech Journal
Outdoor Journal
RSS Feeds

Adventures in Tech

Redirecting Documents and Settings and Local Settings on a Citrix / terminal server environment
Posted at: 2009-03-02 @ 22:53:30
Hi All,

As most of my readers probably have gathered I work in IT for a company who supports environments for small to medium business.
Recently I've been working in a team to build a citrix server farm for around 300 users.

In this project we had a particular application that does a local install into Local Settings in the users profile and these local settings needed to be saved and roamed from one server to another.
We were using windows roaming profiles due to their ease of support and deployment into an exiting environment. How this posed a specific problem, by default windows roaming profiles doesn't roam local settings or any of the folders contained within it.

I discovered two possible solutions to this problem.

Solution 1:
Was to redirect the whole Documents and Settings folder to another location such as on a file server or a mapped network drive (if UNC paths weren't supported).
This can be done with the following registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\ProfilesDirectory
The default value of this key is %SYSTEMDRIVE%\Documents and Settings however this can be change to anything. Like D:\Documents and Settings or changed to a network UNC path such as \\mainFileServer\tsprofiles which is what I would have done for our citrix farm.

This will cause windows to use that path for its documents and settings folder. This would also remove the need to setup windows roaming profiles for the terminal server farm, as each server would have its documents and settings pointed to the same file server share.
It should also be noted that using this doesn't increase logon times, infact it will reduce them as it prevents the users profile from having to be downloaded from the profile server and cached locally on the terminal server itself until logoff, at which point it gets packed up and set back to the profile server.
However any file that is saved to the users profile will take longer, as instead of writing to a local disk, we'd be writing to a network share and we'd have all the network overhead to deal with.
It would also result in a lot of open files on the profile server, for example if word, and outlook where open, you'd have any outlook pst files open and words normal.dot amount other files. It becomes apparent that this number could quickly rack up.

So why is this a worry? When I file is opened via a remote share, this whole file has be able to be loaded into something called kernel memory by the kernel so the data can be fed off to the network stack. On a 32bit system the maximum amount of kernel memory possible is 2GB (yes I know 32bit OS's support 4GB of memory, however that's not native support and splits user land and kernel land apart, but this is outside the scope of this article).
If you happen to run out of kernel memory you will start getting unable to open file errors when trying to open a file over a network share or on the system itself, if the situation becomes bad enough you will find that core services like group policy processing won't be able to run and the server will lock up and have to be rebooted or have the open files closed (if that's possible).

If the 2GB max is not enough kernel memory the only option will be to go for a 64bit operating system. Current Microsoft 64bit operating systems can support up to 8 terabytes kernel memory, although in theory 64bit can address up to 16 exabytes.
See http://support.microsoft.com/kb/294418 and the table under the heading System PTEs for more information.



Solution 2:
Solution 2 certainly wins under the simple heading!
Clearing the value of the key HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ExcludeProfileDirs causes windows roaming profiles to copy the local settings folder and the folders under them, just like any other folder in the users profile!
The default value of this key is: Local Settings; Temporary Internet Files;History;Temp

In my case I just cleared this whole key, as I wanted all the settings to copy over, however some folders could still be left in here.
I also believe it would be possible to use this key to exclude certain folders inside the profile itself from being roamed and saved back to the profile server. Which would be handy if you were dealing with an application that had a really large and unneeded amount of data in a folder, which didn't need to be saved.

This solution has a disadvantage in the fact that if the local settings folder is large it will increase logon and logoff times just because of the amount of data that has to be downloaded and upload. However in my case the profile server didn't have the resources to support all the open files from solution 1, so this was the only decent option left.


I have included a paste and a link to an group policy template I made that will clear this key for any user who has the policy applied and make local settings roam at the end of this post.


Have fun!

Caveman


---------START RoamingLocalSettings.ADM-------------
CLASS USER

CATEGORY !!RoamingProfiles
POLICY "Enable local settings in roaming profiles"
KEYNAME "Software\Microsoft\Windows NT\CurrentVersion\Winlogon"
VALUENAME ExcludeProfileDirs
VALUEON ""
VALUEOFF "Local Settings;Temporary Internet Files;History;Temp"
END POLICY

END CATEGORY

[strings]
RoamingProfiles="Enable local settings in roaming profiles"
---------END RoamingLocalSettings.ADM-------------

Download ADM file HERE




Site This Page Is Valid XHTML 1.0 Transitional
Designed and created by Caveman.
All Content is Copyright of CommsCentral and Caveman.
Page construction took 0.007 seconds