Windows 10 and roaming user profiles don’t harmonize well. In this post, you will learn about the various traps you might fall into if you’re working with roaming profiles in Windows 10 in your network.

James Rankin

James is a consultant from the UK, specializing mainly in end-user computing, Active Directory and client-side monitoring. When not implementing projects for his company HTG, he can often be found blogging, writing technical articles and speaking at conferences and user groups.

Microsoft touts Windows 10 as the mobile and cloud platform of the future. However, it is interesting to see how the operating system performs in traditional environments – that is, environments that you choose to deploy and manage using time-honored technologies most of us have been relying on for years.

Roaming profiles are a case in point. Microsoft was the first entrant into the market that grew up around user mobility, allowing network-based profiles to persist across multiple desktop sessions. It rapidly became a crowded space, with other vendors – such as RES, AppSense, Liquidware Labs, Scense and many others – extending, augmenting, or even outright replacing the traditional roaming profile functionality.

A roaming profile basically allows you to copy the user-based filesystem and HKEY_CURRENT_USER Registry hive to a defined network location at logoff (usually a user’s home drive area or a dedicated profiles share). This data is then copied back to the user’s %USERPROFILE% area at logon to ensure a consistent user experience across sessions and devices. To avoid problems with large files or large numbers of files, the roaming profile is often combined with Folder Redirection, allowing certain pertinent folders within the profile (usually My Documents, Pictures, and Videos) to be “redirected” permanently onto the network, avoiding the need for copying these particular folders at logon and logoff.

Setting roaming profile path in Active Directory Users and Computers

Setting roaming profile path in Active Directory Users and Computers


Traditional roaming profile traps ^

Traditional roaming profiles have occasionally suffered from issues regarding profile failures and have always been susceptible to “last writer wins” issues when multiple sessions are in use. When Windows writes a locally cached profile back to the file server during logoff, it compares each file pair’s timestamps and overwrites only older files.

This approach works well in the file system, but it fails miserably with the registry, because the registry is a file system within a single file. A user’s hive (mounted to HKEY_CURRENT_USER during a session) is stored in the file NTUSER.DAT in the profile. Since the registry is modified in every session, NTUSER.DAT is always written back and will be written back when any “odd man out” session is closed; the “last writer wins” (hence the name of the issue), potentially overwriting registry-based settings changes made in other sessions.

Roaming profiles have also always been restricted to particular versions for particular OS combinations, although some later operating systems have been slightly backward compatible with “v2” profiles. Mainly, it is recommended that a roaming profile be restricted to the combinations of operating systems that match the defined versions:

  • Server 2003/Windows XP – v1
  • Server 2008/Server 2008 R2/Windows Vista/Windows 7 – v2
  • Server 2012/Windows 8 – v3
  • Server 2012 R2/Windows 8.1 – v4
  • Server 2016/Windows 10 – v5

Windows 10 roaming profile traps ^

When defining a roaming profile for Windows 10, everything seems to behave normally. You create a “username.v5” profile in the nominated user share and it is populated accordingly. However, you will notice a number of issues as soon as your roaming user logs in to a different machine.

Profile unload fails

It is common in roaming profile environments to remove cached client-side copies of the roaming profiles to avoid filling up local hard drives with multiple user profiles copies – especially in environments where open-access machines are in use. Typically this is done by defining the “Delete cached copies of roaming profiles” GPO and setting it to Enabled. In Windows 10, though, a hook from a process (called the State Repository Service) will more often than not prevent the profile from being unloaded.

Start Tiles fail to persist

One of the most visually obvious aspects of the Windows 10 experience is the new Start Menu and the attached Start Tiles. At first logon, most users customize this to their own preferences. However, the data for these Tiles is stored in the %LOCALAPPDATA% folder, meaning that it simply does not exist within a roaming profile. Only %APPDATA%\Roaming is copied to the roaming profile store – and you can only specify exclusions, not inclusions, to this data.

Modern Apps fail to persist

Microsoft’s new apps also do not persist in any settings within the roaming profile store. Again, these are written to %LOCALAPPDATA%\Packages, which is beyond the scope of a roaming profile’s mandate. For certain modern apps – particularly Microsoft Edge (popular among Windows 10 users) – this adds to a frustrating experience when roaming settings are expected and it simply does not happen.

Corruption of the profile is common

When a Windows 10 user logs in, a database is created that deals with the Start Tiles, modern apps, and various visual aspects of the Start Menu (there’s also a separate database created for the Notification Center). When using a roaming profile, this database can become corrupted, resulting in problems, such as Cortana crashing, icons disappearing from the Start Tiles, or, in the worst-case scenario, the left-click Start Menu simply does not function at all.

Example of Cortana load failure whilst using a roaming profile

Example of Cortana load failure whilst using a roaming profile

Conclusion ^

With all of this in mind, it seems that there are serious bugs in the Windows 10 implementation of roaming profiles that need to be addressed before the product is enterprise-ready. Optimistically speaking, it would appear that Microsoft is probably going to address these issues in the June 2016 Redstone update – when, with Windows Server 2016 Remote Desktop Session Host (RDSH) being available, roaming would be a much more relevant subject.

However, with a more cynical train of thought, it could be said that it is in Microsoft’s interests to intentionally hobble the roaming capabilities of Windows 10. Making it so much more difficult for those using traditional methods or those using third-party vendor tools to successfully roam the user state would mean that Microsoft has an opportunity to fill this gap with a tool of its own creation and fuel its larger goal of widespread cloud adoption. In fact, there is a tool already in beta, called Enterprise Settings Sync, which appears to do precisely that, saving the user state into an Azure Active Directory (AD). Is this the wider play and the reason that Windows 10 appears to be incompatible with traditional forms of roaming?

Whichever it is, Microsoft must tread carefully. Already enterprises are holding back in some areas because of concerns about how their traditional management and deployment methods will function on Windows 10 and how much adaptation is required. Windows 10 has immense promise – but it would not take an awful lot to end up with customers hanging onto Windows 7 in the same way they did with Windows XP.

Win the monthly 4sysops member prize for IT pros

Share
1+

Related Posts

29 Comments
  1. Anthony 2 years ago

    We gave up on roaming profiles since Windows 8.  Honestly most users won't notice too much anyway if you redirect AppData, Documents, etc.. using folder redirection.

    1+

  2. Author
    James Rankin 2 years ago

    Well, it's a valid proposition, but redirecting APPDATA doesn't cover anything that writes aggressively to LOCALAPPDATA (such as Google Chrome). There are ways around this (redirecting the Chrome home directory in that particular case), but some of them are unsupported (such as redirecting the LOCALAPPDATA area, which I wouldn't advise).

    Also, redirection of APPDATA can cause problems with application performance and stability. It's a hot debate and not one I'm going to wade in on, but here's some relevant reading on the subject - https://helgeklein.com/blog/2014/10/folder-redirection-impacts-ux-breaks-applications/

    At the end of the day, if your users can suffice with Folder Redirection, all well and good. But there are some use cases where there is still very much a need for the full roaming profile solution. Or in some cases, to go beyond that and adopt one of the broader UEM technologies.

     

    Cheers,

     

    JR

    0

  3. Christian Wimmer 2 years ago

    Windows 1511 has a nasty bug with roaming profiles, causing Edge, Windows search and other apps to constantly crash, among other things. Something they still have to fix.

    0

    • xylx 2 years ago

      Cortana is also crashing along with these problems

      0

  4. Stuart 2 years ago

    According to MS (and tested/verified in our environment) build 14279 fixes the roaming profile issues found in the 1511 update.

    https://blogs.windows.com/windowsexperience/2016/03/04/announcing-windows-10-insider-preview-build-14279/

    Until the build is released on CBB, they have a post going for a work around - http://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_web/workaround-edge-crashing-with-roaming-profiles/1b39397e-7742-479d-9fa7-42d652a9456b?tm=1457122310045&auth=1

    0

  5. Author
    James Rankin 2 years ago

    Interesting, I've been testing on 14279 and can concur that I haven't seen any Cortana crashes, but the other issues mentioned seem to still exist.

     

    Cheers,

     

    JR

    0

  6. Stuart 2 years ago

    JR,

    Are you using the same roaming profile you had before the 4279 build?  If so, I would clear the profile and see if issues persist.

     

    0

    • Author
      James Rankin 2 years ago

      No, a fresh new user, profile and client build. The issues with non-roaming of Metro and Start Tiles are by design, as far as I can tell (although I may have found a way around the Start Tiles, which I will put out as a blog as soon as I can finish testing).

      As you've mentioned the latest build seems to address the Cortana crashing issues. The issue with profile unloads is recognized as a bug but as yet does not seem to be fixed. Issues with mandatory profiles and the like are still on the waiting list. Interestingly, 14279 also seems to fix an issue I noticed with "Export-StartLayout" being unable to run as a GP Logoff Script (it fails with a "class not registered" error). This is the key to being able to roam the Start Tiles, although you still have to "fudge" the technique somewhat.

      Unfortunately release for RS1 is not until June, which is disappointing for those (like me!) trying to deploy Windows 10 as it currently stands.

      Cheers,

       

      JR

      0

  7. Martin Peake 1 year ago

    Despite numerous web searches suggesting various complex fixes for our issue with Roaming Profiles the solution was remarkably simple. I'd like to say we found the answer by doing a deep and complex troll through help files and technical books - but we didn't my colleague and I stumbled on it by chance!
    When setting Profile Paths on Server 2012 there is a Data field labelled Local Path an entry in this field will block Roaming Profiles

    0

    • Jorge Luis Gonzalez Monagas 1 year ago

      +MartinPeake Can you explain better? The only Local Path I see in this window is for Home Folders. Has anyone had success with mandatory profiles and a working start menu? Any help will be appreciated. Thanks.

      0

  8. RK 1 year ago

    This absolutely and simply sucks!  We have been using the combination of Roaming Profiles and Folder redirection since XP/2003 - even have it working with 8.1/2012R2 (albeit without the Start Menu layout, but it worked).  In our case, when a user PC goes down, they know they can sit at any similar machine, login, and have their personal user experience.  Or further, when the power goes out, they go home (or to Starbucks) and remote into an RDP server.  Their profile loads fine there as well.  Of course, local software must be present, but for the basics - Office Suite, Adobe Reader, Java, Chrome - they are back up in minutes.  To have taken this away is ludicrous!  Maybe I can deal with the Start Menu tiles, but for NOTHING to appear when the user clicks the Windows fob, or have broken Windows Apps (Weather, Finance, News - even the Calculator!) is ridiculous!  MS, get your act together. Stop writing CRAP CODE that's 80% complete and calling the other 20% "Windows Update".

    -From a CIO
    Who will (and also recommend to peer CIOs) NOT move from Windows 7

    1+

  9. Martin Peake 1 year ago

    Home Folder is what caused our problem, any entry here appears to override the Profile path after removing any entry from this box Roaming profiles functioned as expected.

    0

  10. Martin Peake 1 year ago

    When I've got time I intend to write up the experiences we've had at Bilston Community Centre upgrading from Windows 7 to 10 and from Server 2003 to 2012 essentials. A somewhat bumpy process but educational and ultimately satisfying experience.

    0

  11. Kevin 1 year ago

    This is by far the best article and comments I've read on the subject. Our organization only has a couple users that require Roaming Profiles, mostly because their My Documents folders are so huge and they constantly search and searching on the network drive "isn't fast enough..". I pushed Win10 this weekend, and it appears using the v5 folder works somewhat, but I'll need to do more testing. We're running Server 2008 R2. Thanks for the information gents.

    0

  12. Danny Field 1 year ago

    I am deploying edu build 1511 on over 500 desktops/laptops at my school. I am pushing out 2 custom start menus to staff and students. I am finding it is a lucky dip whether the tiles are populated in the menu. Sometimes the only ones that show are the universal apps. I have read that the latest insider build  14393 might have fixed the issue

    We have improved the reliability of Start, Cortana, and Action Center.

    The issue doesn't seem to follow the user, so does not seem to be because of corruption. But down to something on a specific desktop or group of desktops.

    Can anyone verify my findings?

    0

    • danny 1 year ago

      Simply opening and resaving the server share custom start xml file seems to clear the problem. The timestamp change is causing the xml to be reread on the client desktop.

      0

  13. jose 1 year ago

    Looks like Start Menu tiles are now been roamed in version 1607, build 14393.105. I just specified a mirror folder in Citrix UPM to AppData\Local\TileDataLayer\Database. I'm running VDA 7.9.

    0

    • jose 1 year ago

      nope; still corrupting Start Menu after several log offs/in. I have opened a case with MS.

      0

  14. Windows10IsntReadyForEnterprise 1 year ago

    Hello,

    After struggling with this for a few months and searching the internet we finally resolved our issue and wanted to let you know.

    We have the StartMenuLayout Gpo Enabled which reads a pre-configured xml start menu (after you pin everything nicely, you use Export-Layout and save the XML, then deploy your Mdt Windows 10 image to all workstations so that every single one has the exact same software so the start menu can work with the pinned apps correctly).

    Then if you roam from one workstation (the first login will be fine) but immediately the next workstation will have a broken start menu with missing items or blank start menu (no pinned items).

     

    The fix:

    Notepad > File Open the \\san\gpo\StartMenuLayout-2016-09-09.xml file

    Then...

    Notepad > File > Save

    Then...

    And that gpupdate /force, and reboot... and now the workstation will show the start menu. So you will need a daily script that will always touch the timestamp on the StartMenuLayout.xml to fix it.

     

    Hope this helps anyone with a small domain and trying to make their customized start menu.

    0

  15. jdoh 1 year ago

    Thanks Windows10IsntReadyForEnterprise. It's been frustrating indeed to get the start menu layout published on our test Win10 systems. What command-line util are you using to touch the file daily?

    0

  16. Leki 1 year ago

    Hi there,

    I experienced the same thing. Spent hours and hours, even days, deleted GPO. Now it turns out that it does not work at all. do you has information when this will be fixed? Microsoft even work on this ti fix or not? please let me know.

    1+

    • Leki 1 year ago

      I forgot to mention that not single applications from Store does't show or work ie. does not appear even in Start menu or in taskbar....

      agrh.....

      0

  17. Yol 11 months ago

    Hi guys,

    I have the same issue with win10 and win server 2012 r2. The roaming profile works one side. it means when i login to the first computer and edit a file i can go to a second computer and i notice all modification. However if i modify it from the second computer and sign out anf go back to the first comoputer i don't find any modification.

    Could you suggest how to solve it please.

     

    Thank you

    0

  18. Ian 7 months ago

    May 2017 - 1607 still has MAJOR issues. All points above still valid.

    0

  19. Markus Klocker 6 months ago

    We experience still problems with romaing profiles under 1607 and even 1703. A Microsoft consultant stated that the code for roaming profiles is not maintained any more and if it breaks its gone for good.

    For example with deleting cached profiles instantly you get a nice box on every login which states that you were not signed in.
    Or no logon with temporary profiles event prevent a local Administrator from loging onto a domain joined machine.

    The new way is to use UE-V but this does not cover everything.
    Are there any other news than that or are roaming profiles really going to vanish soon?

    1+

  20. James Rankin 6 months ago

    I spoke to Microsoft's product manager for roaming profiles who gives me the impression that roaming profiles are here to stay, so not sure why MS are telling you they are gone. However it is no secret MS would like you to use ESR and UE-V together, but this is not a good solution currently.

    The temp profile problem does not happen to me on 1607 or 1703. Can you remove the "delete cached copies" GPO and use something else (like delprof.exe) to remove the profiles instead?

    0

  21. Pat M 2 months ago

    Great comments guys.  Still a problem with 10  v1703 build 15063.608.  Roaming profiles on a Server2008 R2 domain just won't copy over to new W10 laptops etc.  Then the staff scream for the techie [me].  Win XP to 7 was a breeze but now you have to manually copy from the old to new.  Needless downtime for techies who are up to their armpits in other stuff.

    This is a huge step backwards for people who had a laptop stolen or damaged beyond repair and they just want to get working ASAP.  That's why we had roaming profiles.  Jump on any workstation and get going.  Microsoft have shot themselves in the foot with this one.

    Millions of happy business / edu  Win 7 users had their PCs virtually hijacked by MS and had Win 10 forced onto them.  [We are Microsoft - resistance is futile]  They have alienated end users who are now migrating to Google Drive by the millions because they can access files from anywhere on any PC.  Businesses/Educational enterprises are buying into Google big time. It's the new tech snake oil to solve all your MS problems according to converts I've talked to.

    I'm no Google fan [it's just as arrogant] but MS is losing ground for good reason.  Too many stupid little annoyances with Win 8 and 10.

    And no I won't be buying a Google car.  "You must use the Google toll road, you are not permitted to use alternative routes. Manual override disabled!"  It could happen.

    Sorry a bit off topic but that's where it's heading.  I won't start on IoT.

    Cheers

     

    0

  22. Walter 3 weeks ago

    Dear James,

    Since we work with Server2016 and Windows 10 on the clients, we have serious problems with roaming profiles; in earlier versions, server2012 and Windows8.1 never had problems.

    Our problem: after logging on with the romaing profile, sometimes (50%!) the pc 'hangs' or 'freezes'; all we can do is Ctrl+Alt+Delete and log off and log on again.

    We work in school environment, about 80 pc's for 250 children and their teachers (Primary school). I know there are many parameters to search this out, but as i said, we never had such problems in earlier versions.

    On the clients we have Windows10 (32bit) version 1703 with all updates.

    Will it be helpful to send logfiles in eventviewer? What could be (the problem) the solution to this problem?

    Thanks for helping!

    0

Leave a reply

Your email address will not be published. Required fields are marked *

*

CONTACT US

Please ask IT administration questions in the forum. Any other messages are welcome.

Sending
© 4sysops 2006 - 2017

Log in with your credentials

or    

Forgot your details?

Create Account