VMware View Persona Management

Persona Management, previously called RTO Virtual Profiles. A sleeping giant in my eyes. It's soo simple to install and configure but can offer you riches beyond your wildest dreams. OK, maybe a little over the top, but it is a really cool product and very underrated.

With VMware ViewTM 5, VMware introduces View Persona ManagementTM. View Persona Management preserves user profiles and dynamically synchronizes them with a remote profile repository. View Persona Management does not require the configuration of Windows roaming profiles, and you can bypass Windows Active Directory in the management of View user profiles. If you already use roaming profiles, Persona Management enhances their functionality.

Persona Management downloads only the files that Windows requires at login, such as user registry files. When the user or application opens other files from the desktop profile folder, these files are copied from the stored user persona to the View desktop. This algorithm provides performance beyond that achieved with Windows roaming profiles. 

As it's still pretty new, detailed information on the InterWeb is limited so I thought I'd put together a post displaying how Persona Management functions. Installation/Configuration information can be found in the View 5.0 Administration Guide or in the VMware View Persona Management Deployment Guide.

Persona Management Logic Flow

Persona Management is based around Logic Flows which need to run through step-by-step. Each step has to be completed before the next to ensure the process completes successfully. I will try and explain at a high-level what happens in each of the following Logic Flows:

  • When a user logs in
  • Whilst the user is logged in
  • When a user logs out

When a user logs in

  1. User enters user/pass
    • If Persona Management is not enabled – the login is handled like a normal Windows logon
    • If the "Override persona repository location" setting is not enabled (default behavior):
      • If there is a Windows roaming profile path configured for the user – Persona Management will use the network profile from that location
      • If there is no Windows roaming profile path configured for the user, but there is a profile path configured in the Persona Management policy – Persona Management will use the network profile from that location.
      • If there is no Windows roaming profile path configured for the user, and there is no profile path configured in the Persona Management policy – Persona Management assumes the profile is a local profile and the login is handled like a normal Windows logon
    • If the central profile is not owned by the user who is logging in - the login is handled like a normal Windows logon
    • If the "Override persona repository location" setting is enabled:
      • If there is a profile path configured in the Persona Management policy – Persona Management will use the network profile from that location
      • If there is no profile path configured in the Persona Management policy, but there is a Windows roaming profile path configured for the user – Persona Management will use the network profile from that location
      • If there is no profile path configured in the Persona Management policy, and there is no Windows roaming profile path configured for the user – Persona Management assumes the profile is a local profile and the login is handled like a normal Windows login
  2. User Profile is loaded
    • If the central profile doesn't exist – it is created and a local profile is created on the desktop from the default user profile
    • If the central profile exists – Persona Management makes Windows believe that the local and network profiles match, so that no data is actually downloaded from the network during the loading of the profile
  3. A check is made for folders/files that are configured to be "pre-loaded"  
    • If folders do not exist on the local profile – folders are created on the local profile
    • If files don't exist on the local profile Files - files are downloaded from the central profile
  4. Folder redirects are created
    • If redirected folder is not owned by the user who is logging in – redirection fails
    • If data exists in the local folder – data migrated to the redirected folder. The local folder is then deleted
  5. After a short period of time profile file population will commence in the background

Whilst the user is logged in

  • On Demand Offline File Population (Folder Query)
    • A folder is queried by an application/process on the desktop
      • If the local profile folder is in the "No Roaming" exclusion list or on the Pre-loaded list – the local profile folder is used
      • If the local profile folder is already populated – the local profile folder is used
    • If not the contents of the central profile folder is queried
      •  If the central profile folder is in the "No Roaming" exclusion list or does not contain a no roaming exemption the folder is ignored – the query is passed through
    • The folder is created on the local profile with the same attributes as the central profile folder
      • If the central profile folder is compressed, the local profile folder will be compressed
      • The timestamp of the folder on the local profile is changed to match the central profile folder
    • Any files contained within that folder in the central profile will be created in the new local folder as Offline files
    • An extended attribute is set on the folder containing the files to indicate that the folder has already been populated
  • On Demand Offline File Population (File Open/Query)
    • A file is required to be created/opened by an application/process on the desktop 
      • If the local file is in the "No Roaming" exclusion list – the file from the local profile is used
      • If the extended attribute is set on the folder containing the file - the file from that folder is used
      • If the local file already exists - the file from the local profile is used
      • If the file is a link file (.lnk or .url) - the file is downloaded to the local profile
      • If the parent folder does not exist on the local profile – the open is passed through
    • The parent folder is created locally using the central profile folder path as a template
    • Any files contained within that folder in the central profile will be created in the new local folder as Offline files
    • An extended attribute is set on the folder containing the files to indicate that the folder has already been populated
    • If the file is being opened for read or write access, the file is downloaded from the central profile
      • The central profile file is opened
      • The local file is opened
        • If the local file is "Read Only", the "Read Only" attribute is remove temporarily so it can be written to
      • Content from the central file is copied to the local file
        • The size of the local file is changed to match the size of the central file
        • The time-stamps of the file on the local profile is changed to match the central profile file
        • The Offline attribute is cleared from the local file
  • Background Offline File Population
    • After the user logs on Background Offline Population initiates and begins to create and populate the local profile folders
      • If the folder is in the "No Roaming" exclusion list – the folder is not created
      • If the folder already exists in the local profile - the folder is not created
      • If the folder extended attribute is set  - the folder is not created
      • If the folder is already being created – the folder is not created
    • The folder is created on the local profile with the same attributes as the central profile folder
      • If the central profile folder is compressed, the local profile folder will be compressed
      • The timestamp of the folder on the local profile is changed to match the central profile folder
      • Any files contained within that folder in the central profile will be created in the new local folder as Offline files
      • An extended attribute is set on the folder containing the files to indicate that the folder has already been populated
  • Replication
    • After the user logs in Replication initiates
      • If the local profile exists but the central profile does not – the local profile files/folders are marked for replication
      • If the central profile exists but the local profile does not – the local profile files/folders which don't exist in the central profile are deleted
    • During the users session changes to files/folders are stored in the change list
    • On the Replication interval, changes are copied to a temporary folder in the central profile
      • If a temporary folder is left of from a previous replication and the commitment of changes fails – the replication fails
      • If the file/folder that is in the "No Roaming" exclusion list - the changes are not replicated
      • If the file/folder configured for "Windows roaming profile sync" – the changes are saved for log off replication
      • If the file/folder is moved from inside to outside the profile – the file/folder is deleted
      • If the file is encrypted – A warning is recorded and replication is stopped
      • If the file/folder is moved from outside to inside the profile - the file/folder is created
      • If the file/folder is renamed/deleted – the changes is recorded in a temporary file
      • If a folder is created – the content of that folder is uploaded
      • If a file and the files data has changed – the file is uploaded along with all attributes
      • If the file/folder security/attributes have changed - the security changes are recorded in a temporary file
      • If any change fails to upload – all remaining changes are skipped and re-scheduled for the next replication interval
    • The changes in the temporary folder are enumerated and committed to the central profile
    • The temporary folder is deleted

When a user logs off

  1. User clicks "Log Off" or "Shutdown"
  2. Folder redirection is stopped
  3. Final Replication is initiated
  4. If profile deletion is enabled – all files/folders in the local profile are deleted
    • If "Remove Local Settings" or "AppData/Local" is not checked – the local settings folder is not deleted

Summary

As you can see, there is more than meets the eye to Persona Management.  It's very simple to setup and configure on your environment and although it looks like nothing is really going on, you can tell from the Logic Flows above, that really is not the case.

I will continue to update this page as I get more information surrounding VMware Personal Management, so please remember to drop by regularly.

  • Chris Dadswell

    Very useful information Simon, many thanks for sharing this. I’ll keep an eye out for updates!

    Cheers,
    Chris.

  • Lieven

    How would you go about quota management when using Persona Management?

  • http://www.simonlong.co.uk Simon Long

    Hi Lieven, If you are using Roaming Profiles I believe this will still continue to apply quotas as the quota is applied to the share.

  • http://twitter.com/WayneFielder Wayne Fielder

    I have a volume attached to my ESX hosts for persistent storage like profiles.  When I configured my pools, I supplied this volume and it appears on the virtual desktops as the D drive.  Throughout the logic flow above as well as the VMWare docs the reference is continually made to a share where the profiles live.  If I wanted to use that D drive for the profiles, can I simply refer to it as “D:” instead of a UNC?  perhaps some environment variable and path combination such as “d:profiles%username%”?

  • http://www.facebook.com/profile.php?id=100000446227148 Paul Viscovich

    Excellent post,
    Very deep explanation of the timing and flow of the persona replication. This
    will be a very helpful reference link..

    Has there been many changes in View 5.1 in the flow

    Thanks you

  • http://twitter.com/lanalyzer Jesús Matos Segovia

    Have to be UNC

  • Jarkko

    Great post!

    Do you have any idea how to create Windows 7 default Junction Points “C:UsersUsernameApplication Data” and “C:UsersUsernameLocal Settings” ?
    These are not created when user has a persona on fileshare and he logs on a new Linked-clone desktop with Persistent Disk. I cannot create these manually or by script (with mklink.exe) because Persona Management driver does not allow me to create symbolic links or Junction Points in users home folder.
    Thanks

  • http://www.simonlong.co.uk Simon Long

    I have no idea. Sorry. Have you tired asking on the VMware Communities Or opening a Support Call with VMware?

  • User

    what about hidden shares for PM? \uncsharefolder$%username%

  • http://www.simonlong.co.uk Simon Long

    I’m not sure on that. Have you tired it?

  • William Updale

    Jarkko, did you ever find a solution? If so, can you share?

  • Jarkko

    I have still VMware support case opened and engineering is dealing with that. As long as I’m waiting I developed the following workaround:

    1. Persona Management GPO has to have WMI filter applied,
    that checks if certain file exists in VM C: drive.

    2. If users log in to empty or new VM, this file does not
    exist and GPO is not applied.

    3. Windows default User Profile is created.

    4. There is a vbscript in Start Menu -> Startup folder
    which will launch as soon as user default desktop is loaded

    5. The script does the following: Creates a file with hidden attributes in the C: drive, Computer group policy is refreshed, deletes
    the script from Startup folder and logs off the session showing user a message to log
    back in immidiately.

    6. User log in again, file that WMI filter requires exist
    now and Persona GPO is now applied.

    7. User has now his profile from network share and
    Windows default Junction Points.

    Hope that helps.

  • Petrus

    Hi Jarkko, this is happening to us and we cannot find a fix. What did vmware support tell you about that? Thanks!

  • Jarkko

    VMware response was simple. After few months of investigation they responded that this is currently not supported and thats it.

Get Adobe Flash player