- Consolidating Group Policy, part 3: Loopback policy processing and folder redirection - Wed, Aug 25 2021
- Consolidating Group Policy, part 2: GPOZaurr - Thu, Aug 19 2021
- Consolidating Group Policy, part 1: Get-GpoReport and Advanced Group Policy Management (AGMC) - Wed, Aug 18 2021
The latest feature update released for Windows 10—the "Creators Update"—brings a host of new features and refinements. However, one point often missed is that Microsoft can also deprecate features between Windows 10 updates. In the release version, there was a much-derided feature called Wifi Sense, which allowed you to share wireless network information with lists of "friends" such as Outlook Contacts. They quietly took this out and gave it a bullet in the head with the "Anniversary Update," and because it was a feature not many people were even keen on, there were very few candles lit for its passing.
When developers deprecate features that users have become used to and that possibly make them more productive, there may very well be disruption and pushback from the user base. That's bad enough—but when the changes affect administrative and management functions, there is even more uproar. Often, enterprises put into place tweaks and workarounds that are specific to their environments. And the need to change these tweaks and workarounds can cause extra overhead for IT departments.
Deprecated TileDataLayer model ^
A good case in point is roaming profiles and the Start Tiles. I wrote an article previously explaining how to get the Start Tiles included into a roaming profile with a fairly ugly hack. The concept of Start Tiles was new to Windows 10, and this paradigm forced administrators to adopt methods such as this to ensure smooth roaming.
After a period of adaptation and experimentation, admins accepted that the data controlling the Start Tiles experience had moved to %LOCALAPPDATA%\TileDataLayer\Database, and that capturing this folder into a roaming profile would allow porting the settings from device to device.
However, the Creators Update lists the "TileDataLayer" model as one of the deprecated features; see this for further details on other features the update removed or deprecated. Deprecated means the feature is "not in active development and…planned for potential removal in subsequent releases."
Our testing indicates this is indeed true; they haven't completely done away with the TileDataLayer—yet. But on the surface at least, using the method from the previous article to deal with roaming profiles and the Start Tiles no longer works with the 1703 update. This is probably because Microsoft have started to put the new method in place and are in a period of transition towards it.
Digging under the hood indicates this speculation appears accurate. It seems there has been some movement away from the TileDataLayer model, which now necessitates some extra changes to the hack we have previously used.
Start Tiles in roaming profiles ^
First, you need to ensure this Registry value is set in HKEY_LOCAL_MACHINE for roaming profiles to function correctly on the 1703 version of Windows 10. It's not entirely clear what this value does, but it appears to allow customization of the Start Menu/Tiles even in situations where custom start tiles policies are applied.
Next, you need to adjust the data in your ExcludeProfileDirs value to allow saving these folders in addition to the TileDataLayer folder, because these appear to be the areas where Microsoft are shifting the Start Tiles data towards.
AppData\Local\Microsoft\Windows\Explorer (you may only need this one if you see problems in the ordering or presentation of items on the Start Tiles)
It’s also implicit in a roaming profile situation that you would be saving the entire user Registry hive, but if you were using another solution to achieve this, the Registry key that (at least for the 1703 edition) relates directly to the Start Tiles is this: HKCU\Software\Microsoft\Windows\CurrentVersion\CloudStore
To give you a place to start, I've included the results from my testing, which I used for the ExcludeProfileDirs value and which allowed me to roam the Start Menu settings in their entirety. However, given that the value is exclusion-based, you will have to test and ensure there aren't any additional %LOCALAPPDATA% folders you need to add to this list, based on the applications loaded within your base image.
This seems to work pretty well in my lab, but you will need to test it thoroughly in specific enterprise environments. As mentioned in the previous article, you can easily set this via Group Policy.
Key - HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Value – ExcludeRoamingProfileDirs Type – REG_SZ Data - AppData\LocalLow;$Recycle.Bin;OneDrive;WorkFolders;AppData\Local\Comms;AppData\Local\ConnectedDevicesPlatform;AppData\Local\Google;AppData\Local\GroupPolicy;AppData\Local\Mozilla;AppData\Local\Packages;AppData\Local\Publishers;AppData\Local\PeerDistRepub;AppData\Local\Temp;AppData\Local\VirtualStore;AppData\Local\Winternals;AppData\Local\Adobe;AppData\Local\Apple;AppData\Local\AppleComputer;AppData\Local\Autodesk;AppData\Local\Chromium;AppData\Local\CrashDumps;AppData\Local\NVIDIA;AppData\Local\NVIDIACorporation;AppData\Local\Skype;AppData\Local\WebEx;AppData\Local\Foxit Reader;AppData\Local\Macromedia;AppData\Local\Microsoft_Corporation;AppData\Local\Real;AppData\Local\DropBox;AppData\Local\Vmware;AppData\Local\Windows Live;AppData\Local\CrashDumps;AppData\Local\Citrix;AppData\Local\Microsoft\AppV;AppData\Local\Microsoft\Credentials;AppData\Local\Microsoft\Feeds;AppData\Local\Microsoft\Feeds Cache;AppData\Local\Microsoft\GameDVR;AppData\Local\Microsoft\Group Policy;AppData\Local\Microsoft\InputPersonalization;AppData\Local\Microsoft\InstallAgent;AppData\Local\Microsoft\Internet Explorer;AppData\Local\Microsoft\Media Player;AppData\Local\Microsoft\OneDrive;AppData\Local\Microsoft\PenWorkspace;AppData\Local\Microsoft\PlayReady;AppData\Local\Microsoft\Vault;AppData\Local\Microsoft\Windows Live;AppData\Local\Microsoft\Windows Sidebar;AppData\Local\Microsoft\WindowsApps;AppData\Local\Microsoft\Windows\UPPS;AppData\Local\Microsoft\Windows\1033;AppData\Local\Microsoft\Windows\ActionCenterCache;AppData\Local\Microsoft\Windows\Application Shortcuts;AppData\Local\Microsoft\Windows\Burn;AppData\Local\Microsoft\Windows\GameExplorer;AppData\Local\Microsoft\Windows\History;AppData\Local\Microsoft\Windows\IECompatCache;AppData\Local\Microsoft\Windows\IECompatUaCache;AppData\Local\Microsoft\Windows\INetCache;AppData\Local\Microsoft\Windows\INetCookies;AppData\Local\Microsoft\Windows\Notifications;AppData\Local\Microsoft\Windows\OfflineFiles;AppData\Local\Microsoft\Windows\PowerShell;AppData\Local\Microsoft\Windows\PRICache;AppData\Local\Microsoft\Windows\Ringtones;AppData\Local\Microsoft\Windows\RoamingTiles;AppData\Local\Microsoft\Windows\Safety;AppData\Local\Microsoft\Windows\SchCache;AppData\Local\Microsoft\Windows\SettingSync;AppData\Local\Microsoft\Windows\Shell;AppData\Local\Microsoft\Windows\WebCache;AppData\Local\Microsoft\Windows\WER;AppData\Local\Microsoft\CLR_v4.0;AppData\Local\Microsoft\CLR_v4.0_32
These preferences can allow setting this for all users or a subset of them based around configurable parameters.
Interestingly, there is one further folder where the Start Tiles databases appear to be replicated to, but is not actively used. This folder is AppData\Local\Microsoft\Windows\SettingSync (hidden and marked "System" by default, so you may not notice it initially).
This folder appears to be a placeholder for settings Microsoft will eventually put into their Enterprise State Roaming (ESR) feature. The idea is to store certain profile settings in the Azure cloud and allow roaming between user sessions on different devices. It requires a Premium Azure Active Directory (AD) subscription and only works on Universal Windows Platform (UWP) apps. But it will eventually be the go-to solution for roaming as more core apps move to UWP and Azure takes off. A case in point is the Settings UWP app versus the traditional "legacy" Control Panel. Gradually more and more configuration items are moving to the Settings app, and once this is complete, ESR in its entirety should be able to manage anything within this.
Windows 10 feature updates don't just bring new features—they can take away existing ones. And in cases such as these, where new behavior renders ineffective any configuration tweaks you may have made on the older versions, it demonstrates perfectly why you need to have a broad testing process to identify possible issues.