[gptalk] Re: Roaming Profiles at remote site

  • From: Steven <usersend@xxxxxxxxx>
  • To: gptalk@xxxxxxxxxxxxx
  • Date: Tue, 8 May 2007 09:52:51 -0400


Not a problem at all. Do remember though, DFS has it's headaches like any
other technology. It also has a whole new set of things to watch every day.
I was thinking about your users and what you needed to provide them with and
I was thinking that the remote desktop solution would fit best and be least
disruptive. It's simple, no changes to Schema, servers, extremely low
traffic and would be pretty close to problem free. Remember that RDP is
built into Windows. This actually makes it very stable and it will behave
the same day after day. When the number of people needing the
service doesn't necessitate big changes, all you would need to do with
RDP is teach the users where to find the Remote Desktop in
Start>programs>Accessories>Communication. You could even run a script for
them that puts the shortcut right on the desktop. Lets face it some users
are a little lazy. Next, they only need to know their computer names. All
you have to do is put them in the local remote desktop group on their "home
base" machines (you could even script that) and you are done.

With DFS, keep in mind, you will still struggle with some of the same
problems you have now. Even if you used DFS to ensure that a copy of the
roaming profile was actually local to that site, you still have to get it to
the machine in a timely manner. Even locally the performance isn't always
what we would like to see and as I am sure you know, it still has it's own
little quirks.

One other bonus of going the RDP route is that you might be able to totally
do away with roaming profiles or at least keep them at a very low minimum.
That should help with traffic and users perceptions.

On another note, Omar replied and suggested using Terminal Services. I think
that would be an excellent idea too. Especially if your roaming users get to
be over 50. I think the terminal Services CAL's are about $25.00 to $30.00
per user. You will need a license server (an existing DC would do fine with
little to no overhead) and a dedicated Terminal Services Server for the
users to access and use all day. I guess all that would be another topic

Good luck with everything and if you are still looking at the DFS route,
take a look at this Q&A on DFS from MS on version 2 of DFS (Windows 2003
R2). It should help you get a good start! There is also an overview of the
Distributed File System there in the TOC on the left.

Steven Mannings

Network Administrator


On 5/8/07, mike kline <mkline@xxxxxxxxx> wrote:

Thanks a lot Steven and Omar for the great suggestions;  DFS is something
I'm definitely thinking about.   Now I have to convince the higher ups to
let us extend the schema.


On 5/7/07, Omar Droubi <omar@xxxxxxxxxxxxxxxxxxxxx> wrote:
>  Mike,
> Roaming profiles are always a pain to manage for some of the issues you
> noted in your message- plus several other problems that users encounter like
> IE temp folder size which is easily managed through GPO.
> Here are a few suggestions- not gpo related:
> option 1. Move to a terminal server / workstation solution to support
> the 50 users. (on the workstation install only the line of business
> applications that are not certified to run on a terminal server)(on the TS
> server install everything else and have your users use the TS as their
> primary desktop environment.)
> option 2. Upgrade your servers in the home and remote site to Windows
> server 2003 R2 and make use of the new distributed file system replication
> features.
> My guess is that your users do not work from more than 1 office in a
> single day- so the roaming profile folders can be replicated once or twice a
> day.
> The My docs folder redirection data shares  - can be replicated more
> frequently as the DFS in R2 replicates only changes after the initial sync-
> which you can prestage.
> The only issues with option 2 is the server upgrade or licenses as well
> as the storage requirements in each office but it works pretty darn good.
> option 3. There are many network devices available now that can compress
> data in real time between office (mostly called WAFS devices- wide area file
> service). You would have to implement these in the home and each remote
> office and this solution also works great but very expensive.Here is one
> of the vendors that have a good product as an example: www.riverbed.com
> Simply turning off roaming profiles at the remote sites breaks the
> requirements that you probably started using roaming profile for anyway. but
> without turning it off I bet you have some users that do not wait for the
> profile to get loaded all the way back to the home server and you may
> encounter data loss- but that is another story.
> Also- Redirecting the desktop across a WAN link - many users will notice
> the objects on the desktop to blink and have some slow desktop response.
> hope this helps some.
> Omar
> ------------------------------
> *From:* gptalk-bounce@xxxxxxxxxxxxx on behalf of mike kline
> *Sent:* Mon 5/7/2007 7:03 AM
> *To:* gptalk@xxxxxxxxxxxxx
> *Subject:* [gptalk] Roaming Profiles at remote site
> We are using roaming profiles for about 50 users that use different
> machines routinely and everything works fine on our local LAN with a very
> fast pipe.
> These users will occasionally go to a remote site where the connection
> sucks.  Even a small 10 MB profile can cause unacceptable login times (>
> 10 minutes)
> What I'm thinking of doing is this.
>    1. Prevent roaming profiles at the remote site by setting the
>    "only allow local profiles" setting via   a GPO
>    2. Since they will still want access to data back at the home
>    office I will redirect their my documents folder to a file server
>    3. Use the "Do not automatically make redirected folders available
>    offline" setting.    I don't want the redirected files to be
>    pinned and slow down their login.  The connection at the remote site is 
>    but seems to be reliable, I'm not worried about them working offline.
>    4. Use "Allow processing across a slow network connection" for
>    folder redirection
> I was also thinking about redirecting their desktop since a lot of them
> seem to save to their desktop too.   I'm not going to redirect
> application data
> I think this should still allow them to use roaming profiles at the home
> office like normal and it should solve the problem at the remote site.
> What do you all think?  Is this an OK plan or would you do something
> different?
> Thanks
> Mike


Other related posts: