Citrix Profile Management Settings
Note:
Some options work only with specific versions of Profile Management. Consult the Profile Management documentation for details.
Workspace Environment Management (WEM) service supports the features and operation of the current version of Citrix Profile Management. In the WEM administration console, the Citrix Profile Management Settings (in Policies and Profiles) supports configuring all settings for the current version of Citrix Profile Management.
In addition to using WEM to configure Citrix Profile Management features, you can use Active Directory GPOs, Citrix Studio policies, or .ini files on the VDA. We recommend that you use the same method consistently.
Main Citrix Profile Management settings
Get started with Profile Management by applying basic settings. Basic settings include processed groups, excluded groups, user store, and more.
Enable Profile Management Configuration. When enabled, you can configure and apply your settings. Enabling this option creates Profile Management related registries in the user environment. The option controls whether WEM deploys Profile Management settings you configure in the console to the agent. If disabled, none of the Profile Management settings are deployed to the agent.
Enable Profile Management. Controls whether to enable the Profile Management service on the agent machine. If disabled, the Profile Management service does not work.
You might want to disable Profile Management completely so that settings already deployed to the agent will no longer be processed. To achieve the goal, do the following:
-
Clear the Enable Profile Management check box and wait for the change to apply automatically or apply the change manually for immediate effect.
Note:
The change takes some time to take effect, depending on the value you specified for SQL Settings Refresh Delay in Advanced Settings. For the change to take effect immediately, refresh agent host settings and then reset Profile Management settings for all related agents. See Administration.
-
After the change takes effect, clear the Enable Profile Management Configuration check box.
Set processed groups. Lets you specify which groups are processed by Profile Management. Only the specified groups have their Profile Management settings processed. If left empty, all groups are processed.
Set excluded groups. Lets you specify which groups are excluded from Profile Management.
Process logons of local administrators. If enabled, local administrator logons are treated the same as non-administrator logons for Profile Management.
Set path to user store. Lets you specify the path to the user store folder.
Migrate user store. Lets you specify the path to the folder where the user settings (registry changes and synchronized files) were saved. Type the user store path that you previously used. Use this option along with the Set path to user store option.
Enable active write back. If enabled, profiles are written back to the user store during the user’s session, preventing data loss.
Enable active write back registry. If enabled, registry entries are written back to the user store during the user’s session, preventing data loss.
Enable active write back on session lock and disconnection. With both this option and the Enable active write back option enabled, profile files and folders are written back only when a session is locked or disconnected. With both this option and the Enable active write back registry option enabled, registry entries are written back only when a session is locked or disconnected.
Enable offline profile support. If enabled, profiles are cached locally for use while not connected.
Profile container settings
These options control Profile Management profile container settings.
Enable Profile Container. If enabled, Profile Management maps the listed folders to the profile disk stored on the network, thus eliminating the need to save a copy of the folders to the local profile. Specify at least one folder to include in the profile container.
Enable Folder Exclusions for Profile Container. If enabled, Profile Management excludes the listed folders from the profile container. Specify at least one folder to exclude from the profile container.
Enable Folder Inclusions for Profile Container. If enabled, Profile Management keeps the listed folders in the profile container when their parent folders are excluded. Folders on this list must be subfolders of the excluded folders. This means that you must use this option in combination with the Enable Folder Exclusions for Profile Container option. Specify at least one folder to include in the profile container.
Enable File Exclusions for Profile Container. If enabled, Profile Management excludes the listed files from the profile container. Specify at least one file to exclude from the profile container.
Enable File Inclusions for Profile Container. If enabled, Profile Management keeps the listed files in the profile container when their parent folders are excluded. Files on this list must be contained in the excluded folders. This means that you must use this option in combination with the Enable Folder Exclusions for Profile Container option. Specify at least one file to include in the profile container.
Enable Local Cache for Profile Container. If enabled, each local profile serves as a local cache of its profile container. If profile streaming is in use, locally cached files are created on demand. Otherwise, they are created during user logons. To use this setting, put an entire user profile in its profile container. This setting applies only to Citrix Profile Management profile containers.
Tip:
When adding files or folders, you can use wildcards. For more information, see Wildcard support.
Enable VHD disk compaction. If enabled, VHD disks are automatically compacted on user logoff when certain conditions are met. This option enables you to save the storage space consumed by profile container, OneDrive container, and mirror folder container.
Depending on your needs and the resources available, you can adjust the default VHD compaction settings and behavior using the Set free space ratio to trigger VHD disk compaction, Set number of logoffs to trigger VHD disk compaction, and Disable defragmentation for VHD disk compaction options in Advanced settings.
Profile handling
These settings control Profile Management profile handling.
Delete local cached profiles on logoff. If enabled, locally cached profiles are deleted when the user logs off.
Set delay before deleting cached profiles. Lets you specify a delay (in seconds) before cached profiles are deleted on logoff.
Enable Migration of Existing Profiles. If enabled, existing Windows profiles are migrated to Profile Management on logon.
Automatic migration of existing application profiles. If enabled, existing application profiles are migrated automatically. Profile Management performs the migration when a user logs on and there are no user profiles in the user store.
Enable local profile conflict handling. Configures how Citrix Workspace Environment Management handles cases where Profile Management and Windows profiles conflict.
Enable template profile. If enabled, uses a template profile at the indicated location.
Template profile overrides local profile. If enabled, the template profile overrides local profiles.
Template profile overrides roaming profile. If enabled, the template profile overrides roaming profiles.
Template profile used as Citrix mandatory profile for all logons. If enabled, the template profile overrides all other profiles.
Advanced settings
These options control advanced Profile Management settings.
Set number of retries when accessing locked files. Configures the number of times the Agent retries accessing locked files.
Set directory of the MFT cache file. Lets you specify the MFT cache file directory. This option has been deprecated and will be removed in the future.
Enable application profiler. If enabled, defines application-based profile handling. Only the settings defined in the definition file are synchronized. For more information about creating definition files, see Create a definition file.
Process Internet cookie files on logoff. If enabled, stale cookies are deleted at logoff.
Delete redirected folders. If enabled, deletes local copies of redirected folders.
Disable automatic configuration. If enabled, dynamic configuration is disabled.
Log off user if a problem is encountered. If enabled, users are logged off rather than switched to a temporary profile if a problem is encountered.
Customer experience improvement program. If enabled, Profile Management uses the Customer Experience Improvement Program (CEIP) to help improve the quality and performance of Citrix products by collecting anonymous statistics and usage information. For more information on the CEIP, see About the Citrix Customer Experience Improvement Program (CEIP).
Enable multi-session write-back for profile containers. If enabled, Profile Management saves changes in multi-session scenarios for both FSLogix Profile Container and Citrix Profile Management profile containers. If the same user launches multiple sessions on different machines, changes made in each session are synchronized and saved to the user’s profile container disk.
Enable asynchronous processing for user Group Policy on logon. If enabled, Profile Management roams with users a registry value that Windows uses to determine the processing mode for the next user logon — synchronous or asynchronous processing mode. If the registry value does not exist, synchronous mode is applied. Enabling the option ensures that the actual processing mode is applied each time users log on. If disabled, asynchronous mode can’t be applied as expected if users:
- Log on to different machines.
- Log on to the same machine where the Delete locally cached profiles on logoff option is enabled.
Disable defragmentation for VHD disk compaction. Applicable when Enable VHD disk compaction is enabled. Lets you specify whether to disable file defragmentation for VHD disk compaction.
When VHD disk compaction is enabled, the VHD disk file is first automatically defragmented using the Windows built-in defrag
tool, and then compacted. VHD disk defragmentation produces better compaction results while disabling it can save system resources.
Set free space ratio to trigger VHD disk compaction. Applicable when Enable VHD disk compaction is enabled. Lets you specify the free space ratio to trigger VHD disk compaction. When the free space ratio exceeds the specified value on user logoff, disk compaction is triggered.
Free space ratio = (current VHD file size – required minimum VHD file size*) ÷ current VHD file size
* Obtained using the GetSupportedSize method of the MSFT_Partition
class from the Microsoft Windows operating system.
Set number of logoffs to trigger VHD disk compaction. Applicable when Enable VHD disk compaction is enabled. Lets you specify the number of user logoffs to trigger VHD disk compaction.
When the number of logoffs since the last compaction reaches the specified value, disk compaction is triggered again.
Replicate user stores. If enabled, Profile Management replicates a user store to multiple paths on each logon and logoff, in addition to the path that the Set path to user store option specifies. To synchronize to the user stores files and folders modified during a session, enable active write-back. Enabling the option can increase system I/O and might prolong logoffs.
Customize storage path for VHDX files. Lets you specify a separate path to store VHDX files. By default, VHDX files are stored in the user store. Policies that use VHDX files include the following: Profile container, Search index roaming for Outlook, and Accelerate folder mirroring. If enabled, VHDX files of different policies are stored in different folders under the storage path.
Enable search index roaming for Microsoft Outlook users. If enabled, the user-specific Microsoft Outlook offline folder file (*.ost) and Microsoft search database are roamed along with the user profile. This improves the user experience when searching mail in Microsoft Outlook.
-
Outlook search index database – backup and restore. If enabled, Profile Management automatically saves a backup of the last known good copy of the search index database. When there is a corruption, Profile Management reverts to that copy. As a result, you no longer need to manually reindex the database when the search index database becomes corrupted.
-
Enable concurrent session support for Outlook search data roaming. Provides native Outlook search experience in concurrent sessions. If enabled, each concurrent session uses a separate Outlook OST file.
- Maximum number of VHDX disks for storing Outlook OST files. Lets you specify the maximum number of VHDX disks for storing Outlook OST files. If unspecified, only two VHDX disks can be used to store Outlook OST files (one file per disk). If more sessions start, their Outlook OST files are stored in the local user profile. Supported values: 1–10.
Enable OneDrive container. If enabled, Profile Management roams OneDrive folders with users by storing the folders on a VHDX disk. The disk is attached during logons and detached during logoffs.
Log settings
These options control Profile Management logging.
Enable Logging. Enables/disables logging of Profile Management operations.
Configure Log Settings. Lets you specify which types of events to include in the logs.
Set Maximum Size of Log File. Lets you specify a maximum size in bytes for the log file.
Set Path to Log File. Lets you specify the location at which the log file is created.
Registry
These options control Profile Management registry settings.
NTUSER.DAT Backup. If selected, Profile Management maintains a last known good backup of the NTUSER.DAT file. If Profile Management detects corruption, it uses the last known good backup copy to recover the profile.
Enable Default Exclusion List. Default list of registry keys in the HKCU hive that are not synchronized to the user’s profile. If selected, registry settings which are selected in this list are forcibly excluded from Profile Management profiles.
Enable Registry Exclusions. Registry settings in this list are forcibly excluded from Profile Management profiles.
Enable Registry Inclusions. Registry settings in this list are forcibly included in Profile Management profiles.
File system
These options control file system exclusions for Profile Management.
Enable Logon Exclusion Check. If enabled, configures what Profile Management does when a user logs on when a profile in the user store contains excluded files or folders. (If disabled, the default behavior is Synchronize excluded files or folders). You can select one of the following behaviors in the list:
Synchronize excluded files or folders (default). Profile Management synchronizes these excluded files or folders from the user store to local profile when a user logs on.
Ignore excluded files or folders. Profile Management ignores the excluded files or folders in the user store when a user logs on.
Delete excluded files or folder. Profile Management deletes the excluded files or folders in the user store when a user logs on.
Enable Default Exclusion List - Directories. Default list of directories ignored during synchronization. If selected, folders which are selected in this list are excluded from the Profile Management synchronization.
Enable File Exclusions. If enabled, the listed files are not included in a user’s profile. This setting lets you exclude specific files containing a large amount of data that users do not need as part of their profile. The list is pre-populated with default Windows 7 exclusions, and can be pre-populated with default Windows XP exclusions instead.
Enable Folder Exclusions. If enabled, the listed folders are not included in a user’s profile. This setting lets you exclude specific folders containing a large amount of data that users do not need as part of their profile. The list is pre-populated with default Windows 7 exclusions, and can be pre-populated with default Windows XP exclusions instead.
Tip:
When adding files or folders, you can use wildcards. For more information, see Wildcard support.
Synchronization
These options control Profile Management synchronization settings.
Enable Directory Synchronization. If enabled, the listed folders are synchronized to the user store.
Enable File Synchronization. If enabled, the listed files are synchronized to the user store, ensuring that users always get the most up-to-date versions of the files. If files have been modified in more than one session, the most up-to-date files are kept in the user store.
Tip:
When adding files or folders, you can use wildcards. For more information, see Wildcard support.
Enable Folder Mirroring. If enabled, the listed folders are mirrored to the user store on logoff, ensuring that files and subfolders in mirrored folders stored in the user store are exactly the same as the local versions. See below for more information about how folder mirroring works.
Accelerate folder mirroring. By default, Profile Management copies necessary transactional folders between the user store and local profiles. Mirroring ensures the integrity of those folders. This option eliminates the need to copy them by using a container-based solution, thus accelerating folder mirroring. Profile Management attaches the virtual disk during logons and detaches it during logoffs, eliminating the need to copy the folders between the user store and local profiles. Files in mirrored folders will always overwrite files stored in the user store on session logoff, irrespective of whether they are modified. If extra files or subfolders are present in the user store compared to the local versions in mirrored folders, those extra files and subfolders are deleted from the user store on session logoff.
- Add folders to mirror. By default, Profile Management copies necessary transactional folders between the user store and local profiles. A transactional folder is a folder containing interdependent files, where one file references other files. You can add more as needed.
Enable Large File Handling. If enabled, large files are redirected to the user store, thus eliminating the need to synchronize those files over the network.
Note:
Some applications do not allow concurrent file access. Citrix recommends that you take application behavior into consideration when you define your large file handling policy.
Streamed user profiles
These options control streamed user profile settings.
Enable Profile Streaming. If disabled, none of the settings in this section are processed.
Enable Profile Streaming for Folders. If enabled, folders are fetched only when they are being accessed. This setting eliminates the need to traverse all folders during user logons, thus saving bandwidth and reducing the time to synchronize files.
Always cache. If enabled, files of the specified size (in MB) or larger will always be cached.
Set timeout for pending area lock files: Frees up files so they are written back to the user store from the pending area after the specified time if the user store remains locked when a server becomes unresponsive.
Set streamed user profile groups. This list determines which user groups streamed profiles are used for.
Enable Profile Streaming Exclusion List - Directories. If selected, Profile Management does not stream folders in this list, and all the folders are fetched immediately from the user store to the local computer when users log on.
Enable profile streaming for pending area. If enabled, files in the pending area are fetched to the local profile only when they are requested. This ensures optimum logon experience in concurrent session scenarios. The pending area is used to ensure profile consistency while profile streaming is enabled. It temporarily stores profile files and folders changed in concurrent sessions. By default, this option is disabled. All files and folders in the pending area are fetched to the local profile during logon.
Cross-platform settings
These options control cross-platform settings.
Enable cross-platform settings. If disabled, none of the settings in this section are processed.
Set cross-platform settings groups. Lets you specify the user groups for which cross-platform profiles are used.
Set path to cross-platform definitions. Lets you specify the path to your cross-platform definition files.
Set path to cross-platform setting store. Lets you specify the path to your cross-platform setting store.
Enable source for creating cross-platform settings. Enables a source platform for cross-platform settings.
App access control
This option controls user access to files, folders, and registries. A typical use case is to apply rules to control user access to apps installed on machines — whether to make apps visible to relevant users.
Enable app access control. If enabled, Profile Management controls user access to items (such as files, folders, and registries) based on the rules you provide.
There are two ways you can create application rules:
- GUI-based tool - WEM Tool Hub > Rule Generator for App Access Control
- PowerShell tool – available with the Profile Management installation package
User store credentials
These options control user store credential settings.
Enable credential-based access to user store. If disabled, Profile Management impersonates the current user to access user stores. Therefore, make sure that the current user has permission to directly access the user stores. Disabling this setting prevents all settings on this tab from being processed. If enabled, Profile Management uses the specified user store credentials to access the user stores on behalf of the user. Enabling this setting allows you to put user stores in storage repositories (for example, Azure Files) that the current user has no permission to access.
Important:
Disabling this setting deletes all user store connections that the WEM agent previously established.
- Add. Lets you add credentials.
- Edit. Lets you edit existing credentials.
- Remove. Lets you delete existing credentials.
When adding or editing credentials, complete the following fields:
- Server share. Type a UNC path that specifies a server share.
- User name. Type the name in the form domain\username.
- Password. Type the password to be used to access the server share.
- Show password. Control whether to show or hide the password.
File deduplication
These options control Profile Management file deduplication settings.
Identical files can exist among various user profiles. Separating those files from the user store and storing them in a central location saves storage space by avoiding duplicates. You can specify files that you want to include in the shared store on the server hosting the user store. Specify the file names with paths relative to the user profile.
Enable File Inclusions. If enabled, Profile Management generates the shared store automatically. It then centrally stores the specified files in the shared store rather than in each user profile in the user store. Doing so reduces the load on the user store by avoiding file duplication, thus reducing your storage cost.
Enable File Exclusions. If enabled, Profile Management excludes the specified files from the shared store. You must use this option along with the Enable file inclusions option. Specify at least one file to exclude from the shared store.
Tip:
When adding files or folders, you can use wildcards. For more information, see Wildcard support.
Wildcard support
When adding files or folders, you can use wildcards. Wildcards in file names are applied recursively while wildcards in folder names are not. You can use the vertical bar (|) to restrict the policy only to the current folder so that the policy does not apply to its subfolders.
Examples:
-
AppData\*.tmp
excludes all files with the extension .tmp in the folderAppData
and its subfolders. -
AppData\*.tmp|
excludes all files with the extension .tmp in the folderAppData
. -
Downloads\*\a.txt
excludesa.txt
in any immediate subfolder of theDownloads
folder. Remember: wildcards in folder names are not applied recursively. -
Downloads\*
excludes all immediate subfolders of theDownloads
folder.