Parallels Remote Application Server

FSLogix Profile Container and Office Container Best Practices

Parallels International GmbH
Vordergasse 59
8200 Schaffhausen
Switzerland
Tel: + 41 52 672 20 30
www.parallels.com

© 2023 Parallels International GmbH. All rights reserved. Parallels and the Parallels logo are trademarks or registered
trademarks of Parallels International GmbH in Canada, the U.S., and/or elsewhere.

Apple, Safari, iPad, iPhone, Mac, macOS, iPadOS are trademarks of Apple Inc. Google, Chrome, Chrome OS, and
Chromebook are trademarks of Google LLC.

All other company, product and service names, logos, brands and any registered or unregistered trademarks mentioned
are used for identification purposes only and remain the exclusive property of their respective owners. Use of any brands,
names, logos or any other information, imagery or materials pertaining to a third party does not imply endorsement. We
disclaim any proprietary interest in such third-party information, imagery, materials, marks and names of others. For all
notices and information about patents please visit https://www.parallels.com/about/legal/
Contents
Overview .................................................................................................................... 4
Roaming User Profiles ........................................................................................... 4
User Profile Disk (UPD) .......................................................................................... 5
FSLogix Profile Containers .................................................................................... 5
Office Container .................................................................................................... 6
Concurrent connections and multiple connections ................................................ 7
Multiple connections ............................................................................................. 7
Prerequisites ............................................................................................................ 10
Eligibility requirements ......................................................................................... 10
Required storage permissions ............................................................................. 11
FSLogix Profile Containers on Azure Files ............................................................ 11
FSLogix Profile containers on Azure Page Blobs.................................................. 12
Configuration requirements ................................................................................. 12
FSLogix antivirus exclusions ................................................................................ 12
Configuring FSLogix via Parallels RAS ................................................................... 14
New FSLogix deployment via Parallels RAS......................................................... 14
Rebooting a host .......................................................................................... 30
Configure managing existing profiles by Parallels RAS ......................................... 31
Prerequisites for existing FSLogix configuration ............................................ 32
Replicate GPO and FSLogix configuration .................................................... 32
Migration from UPD and Roaming profiles ........................................................... 33
Best practices ..................................................................................................... 33
Cloud Cache ................................................................................................ 33
Advanced logging ........................................................................................ 35
SMB locations .............................................................................................. 36
Moving to Cloud Cache from traditional FSLogix Profile Container ................ 37
Using Cloud Cache in persistent physical environments ................................ 37
FSLogix Containers backup ................................................................................ 38
SMB locations .............................................................................................. 38
Cloud Cache ................................................................................................ 39
References ............................................................................................................... 41
Index ........................................................................................................................ 42
CHAPTER 1

Overview

This document describes how to configure FSLogix Profile Containers and Office Containers using
Parallels® RAS.

FSLogix Profile Container is a remote profile solution for non-persistent environments. It is

supported in Parallels RAS starting from version 18. FSLogix Profile Container redirects the entire
user profile to a remote location and maintains user context in non-persistent environments,
minimizing sign-in times, providing native profile experience, and eliminating compatibility issues.
Being the successor of Roaming Profiles and User Profile Disks, FSLogix Profile Container is the
preferred profile management solution in Parallels RAS.

FSLogix Office Container is focused on storing only the profile content unique to Microsoft 365
(Office) applications. Previously, it was possible to use FSLogix Office Container with Parallels RAS,
but it required management outside of Parallels RAS. Starting from version 19.3, management and
configuration can be performed from within Parallels RAS Console and Management Portal. Office
Container is used when it is necessary to separate Office data and other profile data. It provides
protection from data loss or corruption in one of the containers and allows organizations to have
different container sizes to accommodate specific workloads or data synchronized from, for
example, Microsoft OneDrive.

Native FSLogix Profile Container and Office Container require manual configuration via the registry
or group policy. Parallels RAS makes this process more efficient for administrators by allowing them
to manage all Profile Container-related settings via Parallels RAS Console or Parallels RAS
Management Portal.

In This Chapter
Roaming User Profiles ............................................................................................ 4
User Profile Disk (UPD) ........................................................................................... 5
FSLogix Profile Containers ...................................................................................... 5
Office Container ..................................................................................................... 6
Concurrent connections and multiple connections .................................................. 7
Multiple connections............................................................................................... 7

Roaming User Profiles

This technology was introduced by Microsoft more than 20 years ago. With Roaming User Profiles,
the local profile is transferred to a network location so that a user can access it on multiple
machines. The disadvantages of this approach are:
 Overview

• Slow login. Large roaming profiles take a long time to download, and sometimes users may
need to wait more than a minute, depending on the profile size.
• Slow logoff. A roaming profile needs to be uploaded back at logoff, and if this process is
interrupted (for example, due to a network failure or power outage) the profile can be corrupted.
This results in the creation of a temporary profile and the help of an IT specialist may be
required to address the issue for the affected user.
• Folder redirection creates a large amount of SMB traffic between the desktop and the file
server. Each request to a file is treated as a new connection.
• Every issue described above will also result in increased consumption of network resources.

User Profile Disk (UPD)

As the successor of Roaming User Profiles, UPD stores user profiles in a VHD/VHDX container.
This container mounts on a machine upon the user logging in. Microsoft is no longer actively
developing UPD and as a result it is considered a legacy technology. Management of UPD in
Parallels RAS is only available when upgrading from previous versions of Parallels RAS and is no
longer available in new deployments of Parallels RAS.

The limitations of this technology are:

• UDP cannot be used on multiple devices concurrently. Once VHD(X) is mounted for the user, it
cannot be mounted on a different device if the user still has an active session on the given
session host. If a user connects to another session host while the UPD is already in use, a
temporary profile is created.
• UPD requires a configuration at the level of RDS collections. Should there be a user with the
ability to log on to several collections, a separate profile will be used for each collection. In
Parallels RAS this applies to RDSH host pool. Whenever a user connects to two servers that
belong to different RDSH host pool, the second RDP session uses a temporary profile.
• Windows deletes the search index for a user profile when the UPD disconnects at logoff. The
search index is recreated upon every login. This means that Windows search is not usable in
non-persistent VDI environments. This issue also extends to Outlook search capabilities on RD
Session Hosts.
• UPD is supported on RD Session Hosts and Windows client systems in VDI. Physical Windows
client machines are not supported.

FSLogix Profile Containers

As the successor of Roaming User Profiles and UPDs, FSLogix Profile Container has many
advantages, such as:
• Can be mounted to any computer (including physical Windows client systems).

5
Overview

• The folder where the VHD is mounted is masked, therefore tricking the OS into believing that
the profile is mounted locally and thus avoiding problems with file access by using junction
points.
• FSLogix allows simultaneous read access to the profile when the user is connected to more
than one session at a time.
FSLogix works with Office 365, for example, it can keep Outlooks OST files and OneDrive, though
OneDrive sync app does not support running multiple instances of the same container
simultaneously (https://docs.microsoft.com/en-us/onedrive/sync-vdi-support).
• Ability to keep certain directories local. By default, the profile container consists of the entire
Windows profile except for the Temp and Internet Explorer cache folders. If needed, an
administrator can specify what parts of the user profile must be persistent in the profile
container. Any part of the profile that is excluded will be deleted at logoff.

Office Container
In addition to tools for configuration and management of FSLogix Profile Containers, Parallels RAS
supports configuration and management of FSLogix Office Containers. Below you will find the
benefits of this solution used alone and together with Profile Containers.

As stated above, Profile Container is used to redirect the full user profile, while Office Container
redirects only the local user files for Microsoft Office (for example .OST files for Microsoft Outlook
and the Microsoft OneDrive cache). Office Container is especially useful for customers who are
satisfied with their existing profile management solution and only want to enhance user experience
with Microsoft 365 applications or use Profile Container and Office Container together.

Using Profile Container and Office Container together

The most important benefits of using both solutions are:

• Office data is separated from other profile data.
• If Office Container or Profile Container is damaged, the remaining data is kept intact. This can
be useful when a problem occurs with Office Data which can be recovered from the server
because the Office Container can be deleted without impacting the rest of the user
configuration.
• Office Container may be used with Profile Container as a mechanism to specify which Office
components will have their data included in the container.
• When using both Office Container and Profile Container, you have more granular control over
the amount of data a user is allowed to store for each of the types of data.

For more information, see

https://docs.microsoft.com/en-us/fslogix/profile-container-office-container-cncpt.

6
 Overview

Concurrent connections and multiple

connections
Users connect to their non-persistent working environments in different ways, depending on how
desktops and applications are delivered. When using virtual desktops and remote applications,
users may:
• Have one connection to a single instance of Windows at a time
• Have multiple concurrent connections to a single instance of Windows
• Have multiple concurrent connections to multiple instances of Windows at the same time
It is important to configure Profile Container correctly for use with concurrent connections and
multiple connections.

Multiple connections
With Profile Container, multiple connections are supported by using VHD(X) difference disks. Profile
Container is configured for multiple connections using ProfileType. When configuring Profile
Container, ProfileType can be set to one of four modes. Parallels RAS allows you to configure these
profile types from within Parallels RAS Console.

To select a profile type:

1 In the Profile Settings dialog, select the Advanced tab.

2 Select the Profile type option.
3 Select one of the four modes that are available. Multiple connections are not supported for
Office Container.

The profile types are explained in the section below.

Mode 0 (Normal profile)

Sign on:
• Client tries to attach the VHD(X) file directly. No difference disks are used. If concurrent access
is attempted, it will fail with a sharing violation (error 20).
Sign out:
• Client detaches the VHD(X) file.

7
Overview

Mode 1 (RW profile)

Sign on:
• Client attempts to open the RW.VHD(X) difference disk with Read/Write access. If it is
successful, it merges the difference disk to the parent. If it completes the merge, the
RW.VHD(X) file is deleted.
• Client creates a new RW.VHD(X) difference disk.
• Client attaches the RW.VHD(X) as the Profile VHD.
Sign out:

• Client detaches the RW.VHD(X) difference disk (the user's Profile VHD/X).
• Client attempts to open the RW.VHD(X) difference disk with Read/Write access. If it is
successful, it merges the difference disk to the parent. If it completes the merge, the
RW.VHD(X) file is deleted.

Mode 2 (RO profile)

Sign on:
• Client attempts to open the RW.VHD(X) difference disk with Read/Write access. If it is
successful, it merges the difference disk to the parent. If it completes the merge, the
RW.VHD(X) file is deleted.
• Client attempts to delete the previous RO difference disk (if it exists).
• Client creates the new RO difference disk.
• Client attached the RO difference disk as the user's Profile VHD.
Sign out:
• Client detaches the RO difference disk.
• Client deletes the RO difference disk.
• Client attempts to open the RW.VHD(X) difference disk with Read/Write access. If it is
successful, it merges the difference disk to the parent. If it completes the merge, the
RW.VHD(X) file is deleted.

Mode 3 (RW/RO profile)

Sign on:
• Client checks to see if a RW.VHD(X) file exists. If it doesn't, the client takes the RW role and
performs the same steps as ProfileType = 1. If the RW.VHD(X) file does exist, the client takes
the RO role and does the same steps as ProfileType = 2.

8
 Overview

General Information
• RO difference disks are stored in the local temp directory and are named
%usersid%_RO.VHD(X).
• The RW difference disk is stored on the network next to the parent VHD(X) file and is named
RW.VHD(X).
• The merge operation can be safely interrupted and continued. If one client begins the merge
operation and the operation is interrupted (e.g. the client is powered off), another client can
safely continue and complete the merge. For this reason, both the RW and RO clients begin by
attempting a merge of the RW.VHD(X).
• Merge operations on ReFS file system, where the difference disk and the parent reside on the
same ReFS volume, are nearly instantaneous no matter how large the difference disk is.
• Merge operations can only be done if there are no open handles to either the difference disk or
the parent VHD(X). For this reason, the RO client also attempts to merge the RW VHD(X) as it
may be the last session to disconnect.
For more information, see
https://docs.microsoft.com/en-us/fslogix/configure-concurrent-multiple-connections-ht.

9
CHAPTER 2

Prerequisites

In This Chapter
Eligibility requirements ............................................................................................ 10
Required storage permissions................................................................................. 11
FSLogix Profile Containers on Azure Files................................................................ 11
FSLogix Profile containers on Azure Page Blobs ..................................................... 12
Configuration requirements ..................................................................................... 12
FSLogix antivirus exclusions ................................................................................... 12

Eligibility requirements
You are eligible to access FSLogix Profile Container, Office 365 Container, Application Masking,
and Java Redirection tools if you have one of the following licenses:
• Microsoft 365 E3/E5
• Microsoft 365 A3/A5/ Student Use Benefits
• Microsoft 365 F1/F3
• Microsoft 365 Business
• Windows 10 Enterprise E3/E5
• Windows 10 Education A3/A5
• Windows 10 VDA per user
• Remote Desktop Services (RDS) Client Access License (CAL)
• Remote Desktop Services (RDS) Subscriber Access License (SAL)
FSLogix solutions may be used in any public or private data center if a user has the necessary
license.

For more information, see: https://docs.microsoft.com/en-us/fslogix/overview.

 Prerequisites

Required storage permissions

Profile Containers store user information in VHD(X) files. These files are stored in a network location.
Profile Containers and Office Containers can automatically create the folders and files needed. To
avoid security issues, user permissions must be created to allow users to create and use a profile,
while not allowing access to other users’ profiles.

Per FSLogix documentation

(https://docs.microsoft.com/en-us/fslogix/configure-per-user-per-group-ht), the following is
recommended:
User account Folder Permissions

Users This Folder Only Modify

Creator/Owner Subfolders and Files Only Modify

This Folder, Subfolders
Administrator (optional) Full Control
and Files

FSLogix Profile Containers on Azure Files

FSLogix profiles can also be stored on Azure Files with Active Directory Domain Services or Azure
Active Directory Domain Services. Per FSLogix documentation
(https://learn.microsoft.com/en-us/azure/virtual-desktop/fslogix-profile-container-configure-azure-fil
es-active-directory), the requirements below need to be met. Once completed, the same NTFS
permissions as outlined in the previous chapter need to be applied.
• Host pool where the session hosts are joined to an AD DS domain or Azure AD DS managed
domain, and users are assigned.
• A security group in your domain that contains the users who will use FSLogix Profile
Containers. If you’re using AD DS, it must be synchronized to Azure AD.
• You Azure subscription must allow you to create a storage account and add role assignments.
• A domain account to join computers to the domain and open an elevated PowerShell prompt.
• The subscription ID of your Azure subscription where your storage account will be.
A computer joined to your domain for installing and running PowerShell modules that will join the
storage account to your domain. This device must be running a supported version of Windows.
Alternatively, you can use a session host.

11
Prerequisites

FSLogix Profile containers on Azure Page Blobs

FSLogix profiles can also be stored directly on Azure Page Blobs. When using Azure Page Blobs, it
is strongly recommended to store sensitive Azure credentials inside Windows Credential Manager.
This prevents exposing sensitive Azure credentials to users with access to the session host
registry. Chapter 3 explains how to leverage Azure Page Blobs and provides guidance on how to
use Credential Manager to securely store the required Azure credentials. When deciding on the
storage type and location, make sure to perform a cost calculation up front as there can be a
significant cost difference between various storage solutions in Azure.

Configuration requirements
Please ensure that FSLogix Office or Profile Container is not configured by GPO on the server(s) as
this will cause conflicts with the settings specified in the Parallels RAS Console or Management
Portal.

FSLogix antivirus exclusions

For FSLogix Profile Container to work properly, configure your antivirus to exclude the following
objects, as per Microsoft’s recommendations:

Files:

• %TEMP%\*\*.VHD
• %TEMP%\*\*.VHDX
• %Windir%\TEMP\*\*.VHD
• %Windir%\TEMP\*\*.VHDX
• \\server-name\share-name\*\*.VHD
• \\server-name\share-name\*\*.VHD.lock
• \\server-name\share-name\*\*.VHD.meta
• \\server-name\share-name\*\*.VHD.metadata
• \\server-name\share-name\*\*.VHDX
• \\server-name\share-name\*\*.VHDX.lock
• \\server-name\share-name\*\*.VHDX.meta
• \\server-name\share-name\*\*.VHDX.metadata

12
 Prerequisites

Note: Antivirus exclusions for Microsoft Defender for Endpoint (previously Microsoft Defender Advanced
Threat Protection) can be set via Parallels RAS optimizations (Windows Defender ATP category). See this
KB for more info: https://kb.parallels.com/en/125071.

13
CHAPTER 3

Configuring FSLogix via Parallels RAS

User profile settings can be configured for the following components:

• RD Session Hosts

• VDI

• Azure Virtual Desktop

In This Chapter
New FSLogix deployment via Parallels RAS ............................................................ 14
Configure managing existing profiles by Parallels RAS ............................................. 31
Migration from UPD and Roaming profiles ............................................................... 33
Best practices ........................................................................................................ 33
FSLogix Containers backup .................................................................................... 38

New FSLogix deployment via Parallels RAS

Note: at the time of writing, Parallels RAS Management Portal can configure FSLogix Profile Containers
for RD Session Hosts only. For other host types, please use the desktop-based Parallels RAS Console.

FSLogix can be configured on the User profile tab. To reach it follow the steps below.

RD Session Hosts:

1 In Parallels RAS Console, go to Farm > RD Session Hosts > Host pools.
2 Right-click the Host pool you need and select Properties.
 Configuring FSLogix via Parallels RAS

3 Select the User profile tab.

1 In Parallels RAS Management Portal, go to Infrastructure > Host pools.

2 Select the host pool you need.

15
Configuring FSLogix via Parallels RAS

3 Go to Properties > User Profile.

VDI:

1 In Parallels RAS Console, go to Farm > VDI > Host pools tab.
2 Right-click the host pool you need and select Properties.

16
 Configuring FSLogix via Parallels RAS

3 Select the User profile tab.

Azure Virtual Desktop:

1 In Parallels RAS Console, go to Farm > Azure Virtual Desktop > Host Pools tab.
2 Right-click the host pool that you need and select Properties.

17
Configuring FSLogix via Parallels RAS

3 Select the User Profile tab.

The most recent instructions are also available in Parallels RAS Administrator's Guide:
https://download.parallels.com/ras/v19/docs/en_US/Parallels-RAS-19-Administrators-Guide.pdf

FSLogix configuration can either be enforced on an individual server or on multiple servers at once
using host pools Group Defaults. For testing purposes, when configuring RDSH, it is recommended
to test FSLogix configuration on a single machine before applying the settings to all machines.

To enable FSLogix on a single machine:

1 On the User Profile tab, clear the Inherit default settings checkbox.

18
 Configuring FSLogix via Parallels RAS

2 In the Technology the drop-down menu, select FSLogix.

FSLogix Profile Containers settings are described below.

Deployment method: Here you need to select a method that Parallels RAS will use to install
FSLogix agent on individual hosts. You can select from one of the following:

Install manually: Select this option if you want to install FSLogix agent on every host yourself. If
this option is selected, Parallels RAS will not attempt to install FSLogix on a host.

Install online: The default method. This option installs FSLogix agent on session hosts from the
Internet. Select one of the Parallels supported FSLogix versions from the drop-down list or select
Custom URL and specify a download URL. Click the Detect latest button to automatically obtain
a URL of the latest FSLogix version.

Install from a network share: Select this option if you have the FSLogix installation files on a
network share and specify its location.

19
Configuring FSLogix via Parallels RAS

Push from RAS Connection Broker: This option allows you to upload the FSLogix installation
archive to the RAS Connection Broker server. When you enable FSLogix on a session host, it will
be push installed on the host from the RAS Connection Broker server.

20
 Configuring FSLogix via Parallels RAS

To configure the FSLogix profile container or Office Container disk details, select User Profile
Containers or Use Office Containers and open the Disks tab.

Location type: Select a location type for profile disks (SMB Location or Cloud Cache).

Location of profile disks: Specify one or more locations per FSLogix requirements
(https://docs.microsoft.com/en-us/fslogix/profile-container-configuration-reference). SMB Location
stands for VHDLocations, Cloud Cache – CCDLocations.

Note: Ensure that the proper storage permissions are set for the location as described in section
"Required storage permissions (p. 11)".

21
Configuring FSLogix via Parallels RAS

Example SMB location:

The value is constructed as:

<\Location1\Folder1>

Example Cloud Cache based on an SMB location: :

The value is constructed as:

type=smb,connectionString=<\Location1\Folder1>

Example Cloud Cache based on Azure Page Blobs location:

The value is constructed as:

type=azure,connectionString=”|fslogix/ConnectionString|”
22
 Configuring FSLogix via Parallels RAS

Note that ‘fslogix/ConnectionString’ is a reference to a system stored in Windows Credential

Manager. That system credential contains the full string pointing to the Azure Page Blob. It is
advised to use Windows Credential Manager because otherwise you would expose sensitive Azure
credentials to any user who has access to the session host registry. The full string is constructed
as:

"DefaultEndpointsProtocol=https;AccountName=<accountname>;AccountKey=<A
ccountkey>;EndpointSuffix=core.windows.net"

This string can be retrieved from your storage account in Azure. Inside the Azure Portal, navigate to
the storage account, click Access Keys, and copy the contents of Connection String as shown
below.

To create, delete, and view system credentials from Windows Credential Manager, use the
frx.exe command which is a part of FSLogix. For example, to create a new system credential,
run the following command:

23
Configuring FSLogix via Parallels RAS

C:\Program Files\FSLogix\Apps\frx.exe add-secure-key -key

ConnectionString -value
"DefaultEndpointsProtocol=https;AccountName=<accountname>;AccountKey=<A
ccountkey>;EndpointSuffix=core.windows.net" creates a key called
‘ConnectionString’, matching the previous example. Note that adding ‘fslogix/’ is not
required as this is added automatically by frx.exe. For more information on working with Credentials
Manager see
https://learn.microsoft.com/en-us/fslogix/configure-cloud-cache-tutorial#protect-azure-key-with-cr
edential-manager.

Profile disk format: Select from VHD or VHDX according to your requirements. VHDX is a newer
format and has more features.

Allocation type: Select Dynamic or Full. This setting is used in conjunction with the Default size
setting (see below) to manage the size of a profile. Dynamic causes the profile container to use the
minimum space on disk, regardless of the allocated default size. As a user profile is filled with more
data, the amount of data on the disk will grow to the size specified in the Default size but will never
exceed it.

24
 Configuring FSLogix via Parallels RAS

Default size: Specifies the size of newly created VHD(X) in megabytes.

Users and Groups: This tab allows specifying include and exclude user and group lists. By default,
“Everyone” is added to the User inclusion list. If you want some user profiles to remain local, you
can add those users to the exclude list. Users and groups can exist in both lists, but the exclude list
takes priority in this case.

25
Configuring FSLogix via Parallels RAS

Folders: Here you may specify include and exclude lists for folders. Select from common folders or
specify your own. Please note that folders must reside in the user profile path.

26
 Configuring FSLogix via Parallels RAS

• Advanced: This tab allows modifying advanced FSLogix Profile Container and Office Container
settings. To modify a setting, highlight it and click the Edit button (alternatively, you may use the
Tasks > Edit option from drop down menu in the upper right corner of the tab). Things to
consider:
• By default, all settings are disabled.
• To enable a setting, select the checkbox in front of its name.
• A description for each setting is provided in the same window.

Note: Please ensure that you’re familiar with the settings before modifying them. For further information
regarding FSLogix Profile Containers configurations, see
https://learn.microsoft.com/en-us/fslogix/reference-configuration-settings.

27
Configuring FSLogix via Parallels RAS

The Advanced tab of Profile Container settings allows you to change settings that are specific to
Profile Container.

The Advanced tab of Office (ODFC) Container settings allows you to change settings that are
specific to Office Container.

Configure general App Services settings

There are 3 settings that apply to both Profile and the Office Container.

To configure App Services settings:

1 Open the User profile tab.

28
 Configuring FSLogix via Parallels RAS

2 Click Configure general settings and select the App Services tab.

Cleanup Invalid Sessions: In cases where a user's session terminates abruptly, the VHD(X)
mounted for the user's profile isn't properly detached and the user's next sign-in may not
successfully attach their VHD(X) container. Enable this setting, and FSLogix will attempts to clean
up these invalid sessions and allow a successful sign-in.

Roam Recycle Bin: When enabled, this setting creates a redirection for the user's specific Recycle
Bin into the VHD(X) container. This allows the user to restore items regardless of the machine from
where they were deleted.

VHD Compact Disk: When enabled, this setting attempts to compact the VHD disk during the
sign-out operation. It is designed to automatically reduce the size of the container file depending on
a predefined threshold.

29
Configuring FSLogix via Parallels RAS

Rebooting a host
When you enable FSLogix for a new host while running the wizard, no additional steps are
necessary. On wizard completion, the host is rebooted and is added to the active load balancing.
An existing host must be rebooted manually using the Tasks > Tools > Reboot menu option.

To reboot an existing host with Parallels RAS Management Portal:

1 Go to Infrastructure.
2 Select the RD Session Host that you need.

30
 Configuring FSLogix via Parallels RAS

3 Go to Overview > expand Control > Reboot.

Configure managing existing profiles by Parallels

RAS
In this section, we describe how to configure existing FSLogix Profile Containers to be managed by
Parallels RAS. FSLogix Profile Container configuration defines how and where the profile is
redirected. Normally, you configure profiles through registry settings and GPO. Parallels RAS gives
you the ability to configure profiles from the Parallels RAS Console or RAS Management Portal
without using external tools.

31
Configuring FSLogix via Parallels RAS

For existing configuration, please note the following:

• There is no need to change the existing profiles themselves as they will stay the same.
• You can keep using the existing FSLogix Profile Container locations (SMB or Cloud Cache).

Prerequisites for existing FSLogix configuration

1 Back up your existing profiles. It is highly unlikely that profile data can be lost or corrupted, but
it is best practice to have a valid backup prior to any change in the profile configuration.
2 Turn off the GPO configuration of FSLogix Profile Containers. This step is important because
you cannot have both GPO and Parallels RAS management of FSLogix profiles enabled at the
same time.
3 Before configuring FSLogix profiles for a server in a RAS Farm, make sure there are no user
sessions running on the server. As a suggestion, you can make the transition in a maintenance
window out of working hours.

Replicate GPO and FSLogix configuration

To configure user profile from the RAS Console:
1 Follow the instruction from section "New FSLogix deployment via Parallels RAS (p. 14)" and
open the User Profile tab.
2 Specify the following:
• The location type. In the Location of profile disks list box, specify your existing SMB or
Cloud Cache locations where your FSLogix profiles are stored.
• Profile disk format, allocation type, and default size of the profile.
3 Click the Additional Settings button to configure FSLogix per your requirements, including:
• User exclusions
• Folder exclusions
• FSLogix settings
(https://docs.microsoft.com/en-us/fslogix/profile-container-configuration-reference)
To configure profiles in Parallels RAS Management Portal:
1 Go to Infrastructure > RD Sessions Hosts.
2 Select the RD Session Host that you need.
3 Go to Properties > User Profile.
4 Specify the settings as described above for the Parallels RAS Console.

32
 Configuring FSLogix via Parallels RAS

Migration from UPD and Roaming profiles

For information about migrating to FSLogix Profile Container, visit
https://www.christiaanbrinkhoff.com/2020/02/14/youtube-how-to-migrate-from-upd-to-fslogix-prof
ile-container-profiles-to-windows-virtual-desktop/.

Note: FSLogix Profile Container may not support all functionality of the format it was converted from.

Best practices
The following are general best practices for using FSLogix profile containers.
• For optimal performance, the storage solution and the FSLogix profile containers should exist in
the same data -center location.
• Exclude the VHD(X) files for profile containers from antivirus scanning to avoid performance
bottlenecks.
• In the case of AVD, Microsoft recommends using a separate profile container per host pool
while having two active sessions.
For more information, see
https://docs.microsoft.com/en-us/azure/architecture/example-scenario/wvd/windows-virtual-deskt
op-fslogix.

In addition to SMB locations, FSLogix introduced the Cloud Cache technology

(https://docs.microsoft.com/en-us/fslogix/cloud-cache-resiliency-availability-cncpt. Please review
the list of advantages and disadvantages of each approach before d)eciding on which type of
locations to use.

Cloud Cache
Cloud Cache is a technology that allows FSLogix Profile Container data to be stored in multiple
locations at once, including traditional on-premises SMB shares and public cloud storage
providers, and to enable real time, 'active-active' redundancy for Profile Container. Cloud Cache
also uses a local cache of the profile disk to service all reads from a redirected profile after the first
read. Cloud Cache can protect users from short-term loss of connectivity to remote profile
containers. When using Cloud Cache, CCDLocations replaces VHDLocations. CCDLocations and
VHDLocations cannot be used at the same time. Note that storing profiles in multiple locations at
once generates more Azure consumption. Azure Blob storage specifically can be expensive in
certain use cases. In general, always use the Azure calculator
https://azure.microsoft.com/en-us/pricing/calculator/ to calculate Azure consumption costs up
front.

33
Configuring FSLogix via Parallels RAS

Pros:
• Seamless failover should the loss of a single storage location occur.
• Real-time, active-active redundancy for Profile Container .
• Native cloud storage such as Azure Blob, can be utilized.
• Useful if you have latency issues between the location of storage and location of workloads.

Cons:
• Logon and logoff delays that impact the user experience. This delay is variable based on many
factors such as the location of the container in relation to the location of workloads.
• A less mature solution.
• I/O capabilities must be considered as it affects user experience. See best practices for Cloud
Cache below.
Parallels RAS allows you to configure Cloud Cache from within Parallels RAS Console.

To configure Cloud Cache:

1 Open the User profile tab.
2 Click Configure general settings and select the Cloud Cache tab.

34
 Configuring FSLogix via Parallels RAS

From here you can configure all advanced settings related to Cloud Cache.

Advanced logging
FSLogix provides options to enable advanced logging for all of the FSLogix components. Parallels
RAS allows you to configure advanced logging from within RAS Console.

To configure advanced logging:

1 Open the User profile tab.
2 Click Configure general settings and select the Logging tab.

35
Configuring FSLogix via Parallels RAS

From here you can configure all advanced settings related to logging. Specify for which
components you want to enable logging, and provide a log level, retention period, and log
directory.

SMB locations

Pros:
• Less impact on writes caches such as I/O capabilities.
• Faster logon/logoff times in comparison to Cloud Cache.

Cons:
• Manual replication requirements and an active-passive methodology only.

36
 Configuring FSLogix via Parallels RAS

• Lack of seamless failover.

• Can only consume SMB locations. Azure Files can be used as well. For more information, see:
https://www.christiaanbrinkhoff.com/2020/03/01/learn-here-how-to-configure-azure-files-with-
active-directory-ad-authentication-for-fslogix-profile-container-and-msix-app-attach/.

Moving to Cloud Cache from traditional FSLogix Profile Container

Microsoft allows moving current Profile Container implementations to Cloud Cache. To start using
Cloud Cache, replace the VHDLocations setting with CCDLocations. CCDLocations and
VHDLocations may not be used in the same implementation simultaneously.

A Cloud Cache Provider contains both the profile container and associated metadata, while a
traditional VHDLocation contains only the profile container. If Cloud Cache points to profile
containers without metadata, the metadata will be created. When the metadata is added, the
Profile Container location is converted to a Cloud Cache provider.

If a user has profile containers in more than one CCDLocation, the profile container listed first in
CCDLocations will be updated to a Cloud Cache provider. All other profile containers in the same
CCDLocations string will be deleted and replaced from the first Cloud Cache Provider.

There's no mechanism to merge multiple profile containers into a single profile.

Using Cloud Cache in persistent physical environments

Cloud Cache is useful for creating profile high availability in physical environments. The
recommended configuration when using Cloud Cache for physical machines that may go offline (for
example, a notebook computer) is:
• CCDLocations should be configured so that the first Cloud Cache Provider is placed on the
local drive.
• ClearCacheOnLogoff would generally be set to 1, to avoid eventually having two full copies of
the profile on the local machine.
For more detailed information, see article “Cloud Cache to create resiliency and availability” at
https://docs.microsoft.com/en-us/fslogix/cloud-cache-resiliency-availability-cncpt.

37
Configuring FSLogix via Parallels RAS

FSLogix Containers backup

SMB locations
To achieve high availability for FSLogix Profile Container on-premises, Parallels recommends using
multiple SMB locations with a single VHD path and Distributed File System Namespace in front of
one or many SMB locations (note that only one SMB location can be active at one time) as
active-passive HA. DFSR is applicable to NTFS-based SMB locations, but a third-party
synchronization tool, such as https://bvckup2.com/kb/beyond-robocopy, is required for ReFS.

Multiple locations can be specified from the User Profile tab by clicking on the [+] button.

38
 Configuring FSLogix via Parallels RAS

For FSLogix Profile Container in the cloud (e.g. Microsoft Azure), multiple storage solutions are
available, with the recommended ones being Azure Files and Azure NetApp Files. Additional best
practices apply, such as setting up the storage solution in the same datacenter location and
excluding the VHD(X) files for Profile Container from antivirus scanning. For more information about
FSLogix Profile Container and Azure deployment options, see
https://docs.microsoft.com/en-us/azure/virtual-desktop/create-fslogix-profile-container.

More information on DFS and DFSR can be found at

https://technet.microsoft.com/enus/library/jj127250.aspx.

Cloud Cache
Cloud Cache technology allows storing multiple copies (per Microsoft, the practical limit is 4) of
Profile Containers on SMB file shares and keeping its data in sync without the need to deploy
complex replication infrastructure. Note though that logon and logoff delays may impact the user
experience.

Examples of usage:
• Keeping copies of profiles in several storage locations (disaster recovery data center).
• Replicating data to the more cost-effective storage.
• Migrating from one storage location to another.
To configure multiple Cloud Cache locations (corresponds to CCDLocations setting), simply add
them using the [+] button on the User Profile tab.

Profile Container will read data from a provider if the data needed does not already exist in the
Local Cache file. When configuring Cloud Cache locations, the order Providers are listed defines
the order Profile Container uses them for reading. If the first path specified is unavailable, then
Profile Container will attempt to read from the second Provider and so on.

39
Configuring FSLogix via Parallels RAS

Cloud Cache will always write to all Providers specified in CCDLocations, unless a specified
Provider isn't available.

Because the Local Cache file will service most I/O requests, the performance of the Local Cache
file will define the user experience. It is critical that the storage used for the Local Cache file is
high-performing and highly available. It is also suggested that any storage used for the local cache
file should be a physically attached storage or have reliability and performance characteristics that
meet or exceed high-performing physically attached storage. When using Cloud Cache, FSLogix
profiles can be stored on Azure Files as well as directly on Azure Page Blobs. For Azure Page
Blobs, it is important to secure sensitive Azure credentials by using Credential Manager. This is
explained in Chapter 3.

40
CHAPTER 4

References

• https://docs.microsoft.com/en-us/azure/virtual-desktop/create-fslogix-profile-container
• https://jkindon.com/fslogix-cloud-cache-lessons-learned-in-azure/
• https://jkindon.com/architecting-for-fslogix-containers-high-availability/
• https://www.christiaanbrinkhoff.com/2020/02/14/youtube-how-to-migrate-from-upd-to-fslogix-
profile-container-profiles-to-windows-virtual-desktop/
• https://www.christiaanbrinkhoff.com/2020/03/01/learn-here-how-to-configure-azure-files-with-
active-directory-ad-authentication-for-fslogix-profile-container-and-msix-app-attach/
• https://christiaanbrinkhoff.com/2019/03/21/the-future-of-roaming-profiles-add-fast-logon-perfo
rmance-and-office-365-support-to-your-virtual-desktop-vdi-daas-environment-with-microsoft-f
slogix-profile-container-including-existing-uem-sol/
Index

Index

A P
Advanced logging - 35 Prerequisites - 10
Prerequisites for existing FSLogix
B
configuration - 32
Best practices - 33
R
C
Rebooting a host - 30
Cloud Cache - 33, 39 References - 41
Concurrent connections and multiple Replicate GPO and FSLogix configuration -
connections - 7 32
Configuration requirements - 12 Required storage permissions - 11
Configure managing existing profiles by Roaming User Profiles - 4
Parallels RAS - 31
S
Configuring FSLogix via Parallels RAS - 14
SMB locations - 36, 38
E
U
Eligibility requirements - 10
User Profile Disk (UPD) - 5
F
Using Cloud Cache in persistent physical
FSLogix antivirus exclusions - 12 environments - 37
FSLogix Containers backup - 38
FSLogix Profile Containers - 5
FSLogix Profile Containers on Azure Files - 11
FSLogix Profile containers on Azure Page
Blobs - 12
M
Migration from UPD and Roaming profiles -
33
Moving to Cloud Cache from traditional
FSLogix Profile Container - 37
Multiple connections - 7
N
New FSLogix deployment via Parallels RAS -
14
O
Office Container - 6
Overview - 4