I have had this post in draft for a while now, but the issue of maintaining user profile data has shifted a lot since I first started writing it. The basic idea of user profiles has been around since terminals and mainframes were data is stored how it was accessed. But it’s never been a clean solution; there are issues with session persistence and syncing user data between server or desktop location and storage repository. My first take on this was to write about VDI and managing the user’s data through various methods, but even then there are so many ways to skin that cat and worse no one agrees on the best way. Even with-in the vendor community, VMware, Citrix and Microsoft will point to in house applications and services or they will recommend third party software … and it varies engineer to engineer.
So what is an IT person to do?
Well first lets realize what makes up the user profile, it’s documents, pictures, movies, local databases, application preferences and email let’s never forget about email. All of this is a collection (sometimes a large collection) of data that makes up who the user is on their device and on the network. Often times if profile management such as folder redirection hasn’t been used there will be multiple profiles for each user across multiple devices. Do you use Remote Desktop Services (formerly Remote Desktop or Terminal Services)? Each server the user can log into will have that users profile located on the server, now expand that to their desktops. How do you manage this massive multi-OS multi-file environment? Let’s not forget that OS version to OS version may store user data in different folder structures, think Windows XP vs. Vista7 it used to be C:Documents and Settings%username% now it’s C:Users%username%.
By now you are either saying “yeah I know this man how do I fix it” or you are scratching your head wondering how many useless things are in your profile. Well before we get to solutions let’s touch base on one more important piece of the user data puzzle, and that’s the size of these profiles. Some profiles are small and run around 128Mb but those are for users that either don’t save anything or are brand new to your environment, the average user you may see anywhere from 256Mb to 1Tb (that’s right I said a Terabyte for a user profile). Now these numbers are somewhat flawed too because as you dig into user profiles there are duplicate files across multiple user profiles meaning de–dup can help, or the files can be offloaded with My Documents redirection more on that later.
Alright so now that we got the problems laid out the question of how we actually manage this need to be addressed. There are many sides to this debate right now, and I am not sure that any of them are completely right. There are those that will argue that with folder redirection alone, where select folders in a user’s profile are pointed via GPO or script to a shared storage location. (How the storage is configured and presented can be a whole different post all together) you can manage all of your users from a central repository and use Windows Active Directory and GPO’s. This isn’t entirely wrong with folder redirection users profiles are slimmed down and act as a traditional stateful profile on the machine. If you choose to go this route I recommend creating secondary disk and setting the user profile variable to point to a Users folder located there. By doing this the users data isn’t on the same disk as the operating system and you have effectively decoupled them enough to be able to rebuild and redeploy the OS image without impacting user data as long as you eliminate any ability to save data to the OS disk. Be aware though that each machine that the users logs into will get their slim profile loaded and it will remain there until manually cleared off.
Then there are stateless environments where the user’s data is streamed to their session and everything is stored centrally and no one is the wiser. This isn’t entirely true though, many companies will tell you this is how their solution works but in reality they all work like a profile with folder redirection and they utilize client based software to help encapsulate (think zip) the users profile and only expand those files as needed. The profiles are still downloaded to the machine but upon log off they sync back changes and are removed. There is of course a performance hit to this method but there is also a lot of upside to not having to worry about corrupt user data disks. Stateless is the desired end state 80% of the time with users being able to access their data from any platform be it a desktop or a cell phone and it’s always the same. There are no concerns about image redeployment because the user isn’t reliant on their OS image, and their applications sit on a different layer as well, completely independent of the OS.
All of this plays into BYOD as well as we move from device-centric to user-centric models of End User Computing (EUC) and decouple the user from their hardware we all win, user data Utopia I know.
There are a lot of resources available to learn more, here are a few. What do you use in your environment?