User Profile Disk & Office365 Outlook Cache

Background

Early February 2018, @james_kindon and myself began collaborating on a free and simple solution to avoid the requirement of storing Outlook OST files on network shares when deploying VDI or RDSH environments with Exchange Online. There are multiple solutions out there currently that address this issue, however not all organisations have access to these solutions and are left resorting to network share placement for OST files.

Initially we began looking at a combination of Citrix Workspace Environment Management and PowerShell to create and mount a VHD file in the user context and then rewrite the Outlook OST Cache location into this location, however we ran into road blocks with the elevation of certain tasks such as diskpart and mountvol. WEM has limitations in which context operations can be performed, and whilst we could potentially address these challenges with Powershell, the complexity started taking away from our goal of an easy, simple to deploy solution.

James had recently been working on an RDS deployment with UPD in the mix and suggested looking at some of the collateral and ideas already out there around the use of UPD in no traditional ways. Very quickly through trial and error, we tested and successfully limited a standard UPD to only the Outlook cache folder using nothing but the inbuild capability of UPD itself.

First off, time to credit the people/articles that lay the foundation of the outcome that has been created in the article.

Microsoft User Profile Disk with Citrix XenApp & XenDesktop – Trond Eirik Haavarstein @XenAppBlog

Microsoft User Profile Disks Policy Template – Jeroen Tielen @jeroentielen

User Profile Disks on Windows 10 – James Rankin @james____rankin

Thanks also to Cláudio Rodrigues & Jarian Gibson for reviewing the article before publication and confirming i wasn’t talking a load of rubbish.

Configuring the File Share for Storage of User Profile Disks

You will firstly need a network location to store the UPD’s. In the example below, I have used \\LAB\DC1\UPD configured with the following persmissions:-

Share Permission

User Account/Group	Permission
Everyone	Full Control

NTFS Permission

User Account/Group	Permission	Folder
Administrator	Full Control	This folder, subfolders and files
Authentication User	Modify	This folder only
Creator/Owner	Modify	Subfolder and Files only

Creation of the User Profile Disk Template

UPD’s require a template disk to be created as the initial starting point. This disk template sets the size of the disk and is used for all new disks as they are created on a per user basis

To create the user disk template, run the following command in your environment, replacing \\%SERVERNAME%\%SHARE% with your UNC Path created above, and “10” with the desired size of your disks.

(gwmi -ns root\cimv2\terminalservices -class win32_tssessiondirectory).createuserdisktemplate("\\%SERVERNAME%\%SHARE%",10)

Unlike traditional full profile based UPD configurations, the configuration deployed in this solution will only redirect the Outlook OST Location: %LOCALAPPDATA%\Microsoft\Outlook. As such, there is no requirement to create a template/VHD per Operating System.

Configuration of User Profile Disk Environmental Settings

Once the profile disk template has been enabled above, we need to configure the environment to utilise it. This involves a few touch points

From simplicity sakes, we utilised https://www.jeroentielen.nl/microsoft-user-profile-disks-gpo/ ADMX files rather than registry settings.

Step 1: We downloaded and imported the ADMX files and created a new Group Policy Object. (download of ADMX)

Step 2:Next we enabled User Profile Disks , by Setting “Enable User Profile Disks” to “Enabled” and Selecting Option 1.

Step 3: Enabled Location of User Profile Disk and specified the UNC Path created earlier in the article.

Step 4: Enabled Configuration XML file User Profile Disk and left as default which creates the XML In “C:\Windows\RemotePackages\RDFArm\UvhdRoamingPolicy.xml”

See below about the importance of this file

UvhdRoamingPolicy.xml Configuration

UvhdRoamingPolicy.xml is key to configuring the specific folders you need to include in your UPD. The location of UvhdRoamingPolicy.xml is “C:\Windows\RemotePackages\RDFarm”. We needed to create a Group Policy Preference to copy this from a central location, to each server that UPD would be enabled on. We chose the NETLOGON share in this configuration to store the XML file and set an “update” action so that the file is copied to relevant location on each server.

Roaming Mode

• 0 – Store all user setting and user profile data on the user profile disk
  • Used in conjunction with <Exclude></Exclude> Parameter to exclude folders in profile such as google cache etc
• 2 -Store only the following folders on the user profile disk
  • Used in conjunction with <Include></Include> to exclude folders in profile such as google cache etc

As you can see straight away, mode 2 used in conjunction with the “Include” tags immediately addresses what we require, which is simply an inclusion of the AppData\Local|Microsoft\Outlook folder.

Include

<Include>
    <Folder>AppData\Local\Microsoft\Outlook</Folder>
</Include>

Conversely, it is possible also to just include Files in the UPD rather than just folders by specifying the following Tags.

<File>ntuser.dat</File>

Office365 Outlook Cache XML Configuration

Below is the configuration if you want to use User Profile Disk to roam the Outlook OST Cache.

<UvhdRoamingPolicy>
      <RoamingMode>2</RoamingMode>
             <Include>
                     <Folder>AppData\Local\Microsoft\Outlook</Folder>
             </Include>
</UvhdRoamingPolicy>

Below is the XML file created and Copied to the Netlogon Share.

XML fie can be downloaded here

Demonstrating the Solution

Step 1:

Log in to the environment where the new Group Policy enabling UPD has been applied. Upon login you’ll notice the “Please wait for the Remote Desktop Configuration”. At this point, the UPD will be created for the user based off the template disk on your network share.

Step 2 : Confirm User Profile Disk VHD is created & Mounted.

Looking at Computer Management you’ll see the User Disk attached which is mounted to %USERPROFILE%\UserData

In windows explorer, navigating to %USERPROFILE% shows the Userdata as a Junction point provided to the Mounted VHD volume.

Running Dir /a you’ll see the Junction point & Volume mounted (the UPD VHD)

Step 3: Confirm Symbolic link create for the Outlook OST Location.

In explorer, browsing to %LOCALAPPDATA%\Microsoft, you’ll notice the Outlook folder now has a shortcut:

Running dir /a on the directory you’ll see the SYMLINK to “%USERPROFILE%\Userdata\Appdata\Local\Microsoft\Outlook” directory.

Step 4: Create an Outlook Profile Ensuring that “Use cached exchange mode” is ticked and during profile setup (as below)

Step 5 : Looking at the %LocalAppData%\Microsoft\Outlook you’ll notice the folder is populated with the outlook cache.

Step 6 : Logging off your session and mounting the VHD on a separate server, assigning a drive letter, confirms the Outlook data is captured.

User Profile Disk Considerations

AV Considerations

The following should be added to AV configuration to ensure optimal performance of the VHD’s:-

• Path: UPD Root Path (Wherever your VHD’s are stored)
• Exclusion: Exclude .VHD and .VHDX for Folder and Subfolders

Initial Sizing of VHD

The initial sizing should reflect the potential size and growth of the OST over a period of time. I advise consulting with your O365 team on a number of items

• Average Mailbox Size
• Average Daily Sent/Received

This will allow you to decide the base Template Size most appropriate for your enviroment and how much of your mailbox is cached.

UPD Disk Identification

Identifying the disk in UPD by SID is somewhat difficult, but Jeroen Tielen @jeroentielen has written a powershell script to create a txt file alongside the VHD to make it easier to identify the user it is assigned to . Add username textfile to Microsoft User Profile Disks fileshare

Exclusion of users

Unfortunately the application of User Profile Disk is device/computer based. You cannot be selective about which users it applies , so anyone including administrators will also get it applied and have a disk created.

Profile Solution Exclusions

Ensure that %LOCALAPPDATA%\Microsoft\Outlook is excluding from being captured on whichever profile solution is being used (UPM, Ivanti etc)

Conclusion

This configuration has succeeded in delivering is free and simple solution to avoid the requirement of storing Outlook OST files on network shares when deploying VDI or RDSH environments.

Below is a number of different profile solutions we test this solution against.

If we look at how comparison matrix list (link below) here how it compares with the criteria.

NOTE : Amber for profile agnostics as it needs a solution which does not capture the full profile and relies upon no solution being in place or solution which does not capture rely upon injecting into the profile at an early stage.

There are many other options/solutions available on out there (already covered in Office 365 in Non-Persistent environment – Product Comparison Matrix) which gives an overview and analysis of each product.I’d advise reviewing this article based on your own environments requirements (how much of Office365 will be used) before deciding on which product/solution will meet your needs.