How-To: Roaming Profiles
This how-to guide serves as an introduction to Microsoft Server's roaming profile feature. The goal of this document is to provide the server administrator with instructional walk-through that covers the fundamental setup and configuration task's required for implementing the roaming profile feature for end-users within the Microsoft Server AD/DS server domain environment. domain environment.
Microsoft Windows Server Roaming User Profile feature enables end-users to log on to any client system within same network domain. With this feature enabled, end-users can access any of their files from any domain client. In addition the end-user will have consistent desktop and application settings on all of the domain's clients.
Prior to implementing the roaming profile feature, the following requirements must be satisfied:
- The administrator must be signed in as a member of the Domain Administrator Security, Enterprise Administrators Security, or Group Policy Creator Owners Security Group.
- Client systems must be running Windows 8.1, Windows 8, Windows 7, Windows Vista, Windows XP, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003.
- Clients must be joined to the Active Directory Domain Services (AD/DS).
- Group Policy Management and Active Directory Administration Center installed on a computer.
- A file server available to host roaming user profiles.
Setting up a Roaming User Profile
Part One: Create Active Directory Users and Groups
To setup a Roaming User Profile, start by establishing the appropriate security group and user profile on the server. For this walk-through, the name of the security group name is "Roaming User" and the name of the user profile is "User 2".
Add the user profile as a member of security group.
Part Two: Files, Permissions
For this walk-through, a folder is created on the server for the end-user to access and store profile and application settings. The user profile will link to this folder when the end-user logs into a domain's client machines.
For the purpose of this walk through the file is named "Profiles". To make changes the folder permission's, right-click and select properties from the contextual menu. Share permissions are located within the "Security" tab of the file properties window.
The sharing permissions for the folder is configured so it's contents can be accessible by the end-user. In this case, the "Profiles" folder's share permission are configured to allow full control, change, and read permissions for the Group "Everyone". Remember that the "Roaming User" group is a sub-group of the "Everyone" Group, and therefor it inherits its permissions from its parent group.
Part Three : Connect Data to User Profile
In this step, The profile's Universal Naming Convention (UNC) path of the users profile is linked to the shared file that was created.
To do this navigate to the network to verify the "Profiles" file is shared:
Copy the network UNC path to the clipboard
Open the user properties
- Open the
- Add the UNC Path to the Profile path
Now when the "User1" logs into a domain's client , the users profile information and application settings will be stored and maintained on the server in the the shared "Profiles" folder. The user can make changes while logged on to one client, when the user logs onto a different computer any changes to the profile setting will be persistent across client systems.
When to use Roaming Profiles
Roaming profiles is useful for settings where a user may not be at the same computer at all times and needs to keep particular settings and application information consistent. This type of user may be a salesperson, a call center representative or a medical staff within a hospital organization or campus. In conjunction with Folder redirection, offline editing, roaming profiles allows for consistent usability across one or more computers.
Drawbacks of Roaming profiles
Because profile information is transferred over the network this can be slow depending on the state of the network and the amount of profile information stored that would need to be transmitted.
Because a profile if composed of several smaller files it requires the transmission of profile data to be segmented for each element of the profile rather than one large block of files. This means that hundreds or thousands of small files that would contain profile elements such as cookies, favorites and recent items, could easily congest a network.
Microsoft TechNet:Folder Redirection, Offline Files, and Roaming User
Deploy Roaming User Profiles