Feeds

User data: Where the profiles roam

Keeping track ain't so easy

  • alert
  • submit to reddit

Gartner critical capabilities for enterprise endpoint backup

Blog Trying to write an article concerning actual real world implementation of technologies like roaming profiles and folder redirection has proven surprisingly difficult.

At first blush it would appear to be a straightforward project: distil the research I have done on the subject over the past few weeks, combine it with several years of experience in the area and produce a 'how to'. Hopefully I can even throw in a bit of levity and a tone that makes the subject approachable by systems administrators who have only been ever so briefly introduced to the topic before it was on to the next chapter.

The reality of the situation has proven to be quite different.

Of all the things that have caused friction in my career, ensuring that user data is put in the right place so that it can be made redundant and backed up is the big one. It ties into other things, such as VPN versus VDI, network bandwidth and limits of local storage. There are liability concerns regarding the confidentiality of synchronised data, what should be locally cached, what shouldn’t. Most importantly perhaps, things like offline document availability are a huge concern for my travelling users. Since the topic is so vast and interconnected, I find it impossible to simply spit out raw information without context.

The problem is that when dealing with technologies designed to copy, redirect or in any way change the default storage behaviour of user data, the context is absolutely critical. Blindly implementing any of these technologies is one of the biggest (and sometimes last) mistakes that a systems administrator can make at any company.

So instead of an article that simply lists the click-by-click details of how to administrate these technologies, I am going to take the opportunity to have a frank discussion about the different scenarios you are likely to encounter. I leave it up to you to Google the actual implementation details.

The first scenario, and possibly the easiest, is one in which all your users are local or 'on net' all the time. Every single user you have is connected to the corporate network in one way or another, no exceptions. These could be folks on a VPN link, site-to-site links, RDPed into virtual machines, or even sitting in the same building as the servers themselves. Let’s dispense with the formalities and just outright say this folder redirection is the way to go here. Unless your users are hoteling (more on that later) roaming profiles is simply a bad plan. With folder redirection you don’t need to copy the whole profile over to the server every logon, you can simply redirect Application Data, Desktop, My Documents, and Start Menu to the server via group policy.

This is quite simply the quickest and most robust way to deal with this problem. The data is simply stored on the server, and since your users are required to be connected to the network at all times, then that data never has to be replicated anywhere. A VPN user (say teleworking from home) would not have a local copy of these folders, and would therefore have reduced liability exposure. The caveat of course is that you have to have wide enough network pipes between your users and your server, and the server itself needs to be fast enough to serve the data to users at something more than a glacial pace.

There are a couple of things to bear in mind about folder redirection. If you are implementing folder redirection for branch offices, you might consider plunking a file server in each branch, and using a combination of distributed file system (DFS) and distributed file system replication (DFSR) in tandem with folder redirection. DFS and DFSR can take care of replicating the data from the branch back to head office for you, and your users would have access to a higher-speed local copy of their data. All while still being stored on RAIDed and backed-up servers.

Also bear in mind that folder redirection is designed to work in tandem with offline files and folders. In order to store the user data on the server, but prevent long, tedious and unnecessary synchronization, make sure that offline files and folders is either disabled by group policy, or that the relevant folders are excluded individually on each machine.

Of course, even with all users being on net, there are still usage scenarios that can throw roaming profiles or folder redirection for a loop. In my previous article I mentioned users that log onto more than one machine (hoteling). If the user expects their 'user experience' to be the same on each PC, (ie their settings for various programs go with them from computer to computer) you may not be able to get away with just folder redirection.

Secure remote control for conventional and virtual desktops

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft: Azure isn't ready for biz-critical apps … yet
Microsoft will move its own IT to the cloud to avoid $200m server bill
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
Flash could be CHEAPER than SAS DISK? Come off it, NetApp
Stats analysis reckons we'll hit that point in just three years
Oracle reveals 32-core, 10 BEEELLION-transistor SPARC M7
New chip scales to 1024 cores, 8192 threads 64 TB RAM, at speeds over 3.6GHz
Object storage bods Exablox: RAID is dead, baby. RAID is dead
Bring your own disks to its object appliances
Nimble's latest mutants GORGE themselves on unlucky forerunners
Crossing Sandy Bridges without stopping for breath
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.