[gptalk] Re: Roaming Profiles at remote site

  • From: Steven <usersend@xxxxxxxxx>
  • To: gptalk@xxxxxxxxxxxxx
  • Date: Mon, 7 May 2007 13:25:32 -0400


Roaming profiles are a great idea, but they have never quit worked the way I
think we all would have liked. You problem as an example. Retrieving data
over a slow or inconsistent link is something I don't think we will overcome
any time soon.

So, that being said here are some of my ideas. I think your solution might
be a combination of a few technologies, but set up correctly can have the
effect you are looking for.

1) Disallow roaming to the sites. A ten minute logon is enough to have
someone put a contract out on you!
2) DFS- If the space is there in your remote sites and the 50 users don't
have Gigs and Gigs of data in their personal folders, maybe you can try
using DFS (second gen. only 2003 server as the first generation is a pain
and has far more limitations and quirks). So, if you tried DFS, the personal
data would already be local, syncronized and quite fast. and added bonus
would be that the data would be available to the users at whatever site they
"roam" to. This could also include data such as desktop configurations. Like
I said though, it really depends on your space, Network and of course
politics you might have to deal with.
3) APPLICATIONS- I would assume that certain apps need to follow these
users. If the apps aren't anything heavy duty, say something like Quark, you
might think about publishing the apps per user or even per group or OU. The
app would automatically install where ever they logon if it is not already
there and it could be set up so that the roaming user is the only person
logging onto that computer that has access to that application.
4) RDP- Although a security risk coming from outside of the Network, within
the Network you can control how and who uses it. Actually RDP is a very
secure protocol especially in version 6, the encryption has gotten quit a
bit better. You could have the roaming users use remote desktop to work on
their desktops back in their base office. This would eliminate all of the
problems you are having now and there would be an extremely low Network
overhead for this type of set up. No licensing would be necessary either
since you can remote into an XP client for management. There are few small
ins and out with this one but they are easily overcome. Printing would be
one caveat but with a little planning, the printers installed on the client
at the remote site should print fine with redirection and logging on with
RDP would log them off of their "base" station. Thy would even have pate and
copy functionality. The best thing about this choice is that you can set it
up and test it right from your desk and it could take less than a day to get
the whole thing set up.

I have some other ides but I don't know your topology or server placement
and of course there are always other factors. Usually the RDP solution is
well received because the users get exactly what they are used to working
with and you don't have to waste any software licenses having multiple


On 5/7/07, mike kline <mkline@xxxxxxxxx> wrote:

We are using roaming profiles for about 50 users that use different
machines routinely and everything works fine on our local LAN with a very
fast pipe.

These users will occasionally go to a remote site where the connection
sucks.  Even a small 10 MB profile can cause unacceptable login times (>
10 minutes)

What I'm thinking of doing is this.

   1. Prevent roaming profiles at the remote site by setting the "only
   allow local profiles" setting via   a GPO
   2. Since they will still want access to data back at the home office
   I will redirect their my documents folder to a file server
   3. Use the "Do not automatically make redirected folders available
   offline" setting.    I don't want the redirected files to be pinned
   and slow down their login.  The connection at the remote site is slow but
   seems to be reliable, I'm not worried about them working offline.
   4. Use "Allow processing across a slow network connection" for
   folder redirection

I was also thinking about redirecting their desktop since a lot of them
seem to save to their desktop too.   I'm not going to redirect application

I think this should still allow them to use roaming profiles at the home
office like normal and it should solve the problem at the remote site.

What do you all think?  Is this an OK plan or would you do something




Other related posts: