05. 05. 2025
Unified Monitoring
Scenario
Windows has provided Remote Desktop functionality for a very long time.
A lot of companies use this feature to build up a remote Desktop Farm and then let people run programs remotely, which can be very useful when going over a WAN connection with high latency.
Starting with Windows Server 2012, Microsoft added the possibility to store the profile of each user accessing the Remote Desktop farm into a single VHDX file: the User Profile Disk.
This file is stored in an external file server and mounted remotely at user logon: this way the logon/logoff phases are faster than the old roaming profiles which were fully copied over the network.
The Remote Desktop architecture itself is still the same, even on the latest Windows Server versions.
Problems
The user profile mount/unmount mechanism sometimes hangs if a user still has running processes at logoff: the result is that the local directory linked to the network profile is not cleared at logoff and each further user logon creates a local profile directory appended with a number to make it unique.
The remote desktop user profiles don’t contain the user %LOCALAPPDATA% folder, so several programs cannot save their settings if used in a Remote Desktop farm: Microsoft Teams and Microsoft OneDrive are two of these.
Furthermore, sometimes the user profile gets corrupted and it’s necessary to delete the user profile disk VHDX file to let the user connect again to the Remote Desktop farm.
An Improvement
Microsoft released an external plugin named FSLogix: this tool aims to solve all the issues of the old user profile disks and allow the usage of programs like Microsoft Teams and OneDrive in a remote desktop farm.
The Difference
Even if FSLogix seems to use the same VHDX user profile files, there are a few differences:
- The user profile content is different
- The ownership of the VHDX files is per user, not per computer account as before
How to Migrate to FSLogix from the Old User Profile Disks
The first step is to create a parallel shared folder to host the new FSLogix user profiles.
Permissions must be set as described here:
https://learn.microsoft.com/en-us/fslogix/how-to-configure-storage-permissions
Second: the old user profile configuration in Session Collection must be turned off!
Old style user profile disk management cannot coexist with FSLogix.
Third: in order to avoid all the actual user configuration and settings, a migration tool for the User Profile disks is required.
Fortunately, a migration script has been released: it will convert the profile content to the new FSLogix style:
https://github.com/andif888/convert-udp-fslogix
Fourth: FSLogix plugin must be installed on each Session Host server of the Remote Desktop farm (a reboot is required) and a FSLogix configuration must be set on each server.
The best way to configure FSLogix is to import its specific templates into the Domain Policies and set the configuration from a centralized GPO:
https://learn.microsoft.com/en-us/fslogix/how-to-use-group-policy-templates
Conclusion
The FSLogix plugin solves many issues of the old User Profile disk engine. It’s still not clear why Microsoft don’t embed it directly into Windows Server though!
From the FSLogix official documentation:
FSLogix enhances and enables a consistent experience for Windows user profiles in virtual desktop computing environments.
Here are a few things that FSLogix provides:
- Minimize sign in times for virtual desktop environments
- Optimize file I/O between host/client and remote profile store
- Provide a local profile experience, eliminating the need for roaming profiles
- Simplify the management of applications and ‘Gold Images’
And its key capabilities:
- Redirect user profiles to a storage provider. Mounting and using the profile from a storage provider eliminates delays often associated with solutions that copy profiles to and from a network location.
- Applications use the user’s profile as if it were on the local disk. FSLogix uses a filter driver to virtualize and redirect the profile at the file system level. Applications are unaware the profile is on the network. Obscuring the redirection is important because many applications can’t work properly with a profile stored remotely.
- Application Rule Sets manage access to an application, font, printer, or other items. Access can be controlled using users, groups, IP Addresses, and other criteria.
- Application Rule Sets significantly decrease the complexity of managing large numbers of gold images.
Alessandro Romboli
Site Reliability Engineer at Würth Phoenix
My name is Alessandro and I joined Würth-Phoenix early in 2013. I have over 20 years of experience in the IT sector: For a long time I've worked for a big Italian bank in a very complex environment, managing the software provisioning for all the branch offices. Then I've worked as a system administrator for an international IT provider supporting several big companies in their infrastructures, providing high availability solutions and disaster recovery implementations. I've joined the VMware virtual infrastructure in early stage, since version 2: it was one of the first productive Server Farms in Italy. I always like to study and compare different technologies: I work with Linux, MAC OSX, Windows and VMWare. Since I joined Würth Phoenix, I could also expand my experience on Firewalls, Storage Area Networks, Local Area Networks, designing and implementing complete solutions for our customers. Primarily, I'm a system administrator and solution designer, certified as VMware VCP6 DCV, Microsoft MCP for Windows Server, Hyper-V and System Center Virtual Machine Manager, SQL Server, SharePoint. Besides computers, I also like photography, sport and trekking in the mountains.
Author
Latest posts by Alessandro Romboli
05. 02. 2025
Knowledge Management, Service Management
Dynamics 365 Finance & Operations (On -Premises) Connectivity: New Authentication Model
25. 07. 2024
Asset Management, NetEye
GLPI Device Discovery
11. 04. 2024
Business Service Monitoring, NetEye, SLM
SLA Reporting on a Business Process
06. 12. 2023
Business Service Monitoring, NetEye
Monitoring a Business Process