Prepare and protect user profiles before virtualizing your desktop

There are three items that make up a desktop: the desktop operating system (OS), the applications the user requires and the user's data and preferences. These are the three key items you need to prepare and protect when you move to a virtual desktop infrastructure.

While each has its own peculiarities, the most important of the three -- at least from a user's perspective -- is the user profile.

Traditionally, the user profile is stored within the confines of the desktop and because of this, it's not highly available and is trapped on the desktop itself. If the desktop dies, then so does the user's profile because they are often on the same disk drive. However, Windows includes several different technologies that are designed to achieve two specific goals in regards to user profiles:

• The first is to move the profile from within the local desktop and store it on a network shared folder. This move is automatic and occurs through a process that is completely transparent to the end user.
• The second is to provide profile mobility, letting the user access his or her preferences, data and application configurations from any desktop in the organization.

These two goals should be part of each and every virtual desktop infrastructure. By storing profiles outside of local desktops, you ensure that your users are able to work with any desktop in the organization (see Figure 1). Then, when you move from physical to virtual desktops, your implementation team does not need to be concerned about the migration or the retention of user data since it is already taken care of by Windows' own capabilities.

Figure 1
[IMAGE]Maintaining the user profile outside the local desktop lets users work with any desktop.

Windows manages remote desktop profiles through two technologies. The first, roaming profiles, is a function of the user account within Active Directory. Basically, you tell Windows to store the...

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Virtual desktop infrastructure and architecture A Thanksgiving recipe: Desktop virtualization, with all the trimmings Bare-metal client hypervisors are coming -- for real this time Citrix CEO: Transition to on-demand services won't be pretty Dazzle brightens Citrix flexibility story What's new with virtual desktop infrastructure? VMware vs. Citrix virtual desktops -- what's the better deal? VMware revs up performance on virtual desktops Mark Minasi discusses cloud computing, Windows 7 and IT trends The top 5 ways that VDI can help improve your enterprise's security Will Windows 7 fuel desktop virtualization adoption? Virtual desktop management Citrix CEO: Transition to on-demand services won't be pretty What's new with virtual desktop infrastructure? How to protect virtual desktops on a corporate network Symantec and Quest's desktop virtualization suites hit the big leagues Moving from Presentation Server 4.5 to XenApp 5.0 Feature Pack 2 Top tools for securing a virtual desktop infrastructure The top 5 ways that VDI can help improve your enterprise's security Will Windows 7 fuel desktop virtualization adoption? Rejoice! Citrix modifies its XenDesktop license plans Manage Remote Desktop Services with Windows PowerShell Virtual desktop management tips How to configure Wyse terminals without console interaction How to protect virtual desktops on a corporate network Moving from Presentation Server 4.5 to XenApp 5.0 Feature Pack 2 Top tools for securing a virtual desktop infrastructure The top 5 ways that VDI can help improve your enterprise's security Capacity planning for Windows Terminal Services Taking a fresh look at Terminal Services security Manage Remote Desktop Services with Windows PowerShell How to back up PCs in a virtual desktop infrastructure The first step toward a virtual desktop infrastructure: The assessment

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary checkpoint  (SearchEnterpriseDesktop.com) desktop virtualization  (SearchVirtualDesktop.com) remote desktop  (SearchEnterpriseDesktop.com) virtual desktop  (SearchVirtualDesktop.com) virtual floppy disk  (SearchEnterpriseDesktop.com) virtual hard disk (VHD)  (SearchVirtualDesktop.com) Windows Remote Desktop  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

user's profile on a network share instead of on the local desktop. The first time the user logs in, the profile is generated and stored on the network. If the user already has a profile when you assign roaming profiles, then the profile is moved from the local system to the network.

However, there are issues with roaming profiles. The most significant is that the Windows session will not open until the profile has been completely downloaded from the server. Because of this, you will want to marry roaming profiles with another Windows technology, folder redirection. Folder redirection -- also assigned through Active Directory, but this time through the Group Policy feature -- silently redirects local folder contents contained in the user profile to a network share.

The difference between folder redirection and roaming profiles is that with folder redirection, Windows does not need to create a local copy of all of a folder's content to let the user work. This significantly reduces the delay in opening the user session. On the other hand, folder redirection alone does not protect 100% of the user's profile. You use both together by excluding all of the redirected folders from the user's roaming profile.

By combining both technologies, you reduce the time it takes to open a session, yet you provide complete protection for user contents. Best of all, you can implement these technologies at any time, even before moving to VDI. That way, you reduce the risk of having one of the three desktop construction points block your move to virtual desktops.

Resources

For a complete description of how to move local profiles to a combined roaming profile/folder redirection strategy, look up Chapter 8: Working with Personality Captures from the free Definitive Guide to Vista Migration.

[IMAGE]
[IMAGE]Table of Contents
[IMAGE]
[IMAGE] Tip 1: Verify device support in your hypervisor
[IMAGE] Tip 2: Identify desktop virtualization audiences
[IMAGE] Tip 3: Prepare and protect user profiles before virtualizing your desktop
[IMAGE] Tip 4: Use application virtualization before moving to VDI
[IMAGE] Tip 5: Lock down systems by switching to a VDI technology

About the authors: Danielle Ruest and Nelson Ruest are IT professionals focused on technology futures. Both are passionate about virtualization and continuous service delivery. They are authors of multiple books, including Windows Server 2008: The Complete Reference (McGraw-Hill Osborne), which is focused on building virtual workloads with this powerful new OS. They are currently writing Virtualization, A Beginner's Guide (McGraw-Hill Osborne). They are also performing a multi-city tour on Virtualization in the U.S. Feel free to contact them at infos@reso-net.com for any comments or suggestions.