How to Setup Citrix User Profiles using Citrix UPM

Photo of author
Jatin Makhija
0

This article demonstrates the steps for setting up Citrix User Profiles using Citrix UPM. If you are utilizing FSLogix, you can configure user profiles by referring to the blog post titled How to Set Up Citrix User Profiles using FSLogix.

To minimize network load and enhance the user logon process, consider redirecting user profile folders, such as Documents, Downloads, Desktop, Pictures, etc., to a network share. For guidance on configuring Folder Redirection for Citrix user profiles, consult the blog post titled “How to Set Up Folder Redirection in Citrix“.

For those interested in using OneDrive for folder redirection of Windows known folders, please refer to the blog post titled “Move Windows Known Folders to OneDrive Using Intune“.

Steps to Setup Citrix User Profiles using UPM

  • Step 1: Import Citrix ADMX and ADML Templates
    • For creating a GPO to Enable and Configure Citrix User profiles, Import ADMX and ADML Group policy template files on the domain controller.
  • Step 2: Ensure Citrix Profile Management Service is Running
    • Check and confirm that the Citrix Profile Management Service is running on each Virtual Delivery Agent (VDA).
  • Step 3: Set Up a Network Share for User Profiles
    • Create a network share where user profiles will be stored. This should be accessible to all relevant VDAs.
  • Step 4: Enable Citrix Profile Management via Group Policy (Using Group Policy Configuration for Citrix UPM)
    • Utilize Group Policy to enable and configure Citrix Profile Management. The configuration settings will include parameters like profile paths, file exclusions, and other relevant configurations.
  • Step 5 – Verify Citrix User Profile Folder
    • After the user creates a session on Citrix, the User Profile will be generated. Verify the profile folder to confirm if the setup is functioning correctly.

Step 1 – Import Citrix ADMX and ADML Templates

To set up and configure Citrix User Profiles, we will create a Group Policy Object (GPO) in Active Directory using the Group Policy Management Console. But first, you will need to import Citrix ADMX and ADML templates.

Import Citrix ADMX and ADML Templates

  1. Open the Citrix Installation ISO and navigate to the following location: \x64\ProfileManagement\ADM_Templates\en.
Import Citrix ADMX and ADML Templates
Import Citrix ADMX and ADML Templates
  1. Copy the files ctxprofile7.15.4000.admx and ctxprofile7.15.4000.adml. Note that the version number may vary based on your Citrix version.
  1. Paste the ADMX file into C:\Windows\PolicyDefinitions\ and the ADML file into C:\Windows\PolicyDefinitions\en-US.

If you are using a Central Store for Group Policies, paste these files into the appropriate store location. For details on the location of the Central Store, please refer to the link: Central GPO Store PolicyDefinitions folder.

Note

Step 2 – Ensure Citrix Profile Management Service on the VDA is Running

The Citrix Profile Management Service should be set to ‘Automatic‘ and running on all Citrix Virtual Delivery Agent (VDA) servers.

Ensure Citrix Profile Management Service on the VDA is Running
Ensure Citrix Profile Management Service on the VDA is Running

Step 3 – Create a Network Share on File Server (User Store)

Create a network share folder named ‘ctx_upm_profiles‘ and configure both share permissions and NTFS permissions. To Configure the permissions, follow the permissions configuration outlined in the post ‘How to Set Up Folder Redirection in Citrix‘ for reference.

Refer to the section titled ‘Create a Network Share and Configure Share and NTFS Permissions‘ for guidance on configuring share and NTFS permissions for the ‘ctx_upm_profiles’ folder. After sharing the folder, make a note of the UNC path as we will use it later during the GPO configuration.

Step 4 – Configure Citrix UPM using Group Policy

To create a GPO and configure Citrix UPM, follow the steps below:

  1. Log in to the Domain Controller and open the Group Policy Management Console (gpmc.msc).
  2. Create a new Group Policy or use an existing one. In this example, the same group policy used earlier for folder redirection, named ‘Citrix – Folder Redirection‘ will be used to enable Citrix Profile Management.
  3. Configure all settings under the following Group Policy Path: Computer Configuration | Policies | Administrative Templates | Profile Management.
  4. Some settings are essential to enable Citrix Profile Management, such as ‘Enable Profile Management‘ and ‘Path to User Store‘. Additionally, other settings are configured based on best practices. The table below outlines each setting configured in this setup.
Profile SettingPath of the SettingValue
Enable Profile Management…\Profile Management\Enabled
Path to User Store…\Profile Management\\\<server>\ctx_upm_profiles\#SAMAccountName#
Customer Experience Improvement Program…\Profile Management\Disabled
Process logons of local administrators…\Profile Management\Disabled (It helps when troubleshooting because, if Profile Management is misconfigured and prevents user logons, you are still able to log on as an administrator.)
Enable Logging…Profile Management\Log SettingsEnabled
Maximum size of Log File…Profile Management\Log SettingsEnabled
Maximum Size in bytes: 10485760 (10 MB)
Path to Log File…Profile Management\Log SettingsC:\ctx_upm_logs
Local Profile Conflict Handling…Profile Management\Profile HandlingEnabled

if both a local Windows user profile and a Citrix user profile in the user store both exist: Delete Local Profile or Rename Local profile according to your preference.
Migration of Existing Profiles…Profile Management\Profile HandlingEnabled

Types of user profiles to be migrated if the user store is empty: Roaming and Local
Delete locally cached profiles on logoff…Profile Management\Profile HandlingEnabled
Profile streaming…Profile Management\Streamed User ProfilesEnabled
Profile Streaming Exclusion list…Profile Management\Streamed User ProfilesEnabled

List of directories to exclude from profile Streaming:

List1
Exclusion list- Files…Profile Management\File systemEnabled

List of files to Exclude:
!ctx_localappdata!\Microsoft\Windows\UsrClass.dat*
Directories to synchronize…Profile Management\File system\SynchronizationEnabled

List of directories to synchronize:

AppData\Local\Microsoft\Credentials
Appdata\Roaming\Microsoft\Credentials
Appdata\Roaming\Microsoft\Crypto
Appdata\Roaming\Microsoft\Protect
Appdata\Roaming\Microsoft\SystemCertificates
Files to Synchronize…Profile Management\File system\SynchronizationEnabled
List 2 (Files to Synchronize)
List1 (List of directories to exclude from profile Streaming)
Exclusion list-directories [These are part of Default Exclusions from UPM 5.3 onwards]

!ctx_internetcache!
AppData\Local\Google\Chrome\User Data\Default\Cache
AppData\Local\Google\Chrome\User Data\Default\Cached Theme Images
AppData\Local\Google\Chrome\User Data\Default\JumpListIcons
AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld
AppData\Local\GroupPolicy
AppData\Local\Microsoft\AppV
AppData\Local\Microsoft\Messenger
AppData\Local\Microsoft\Office\15.0\Lync\Tracing
AppData\Local\Microsoft\OneNote
AppData\Local\Microsoft\Terminal Server Client
AppData\Local\Microsoft\UEV
AppData\Local\Microsoft\Windows Live
AppData\Local\Microsoft\Windows Live Contacts
AppData\Local\Microsoft\Windows\Application Shortcuts
AppData\Local\Microsoft\Windows\Burn
AppData\Local\Microsoft\Windows\CD Burning
AppData\Local\Microsoft\Windows\Notifications
AppData\Local\Packages
AppData\Local\Sun
AppData\Local\Windows Live
!ctx_localsettings!\Temp
AppData\Roaming\Microsoft\AppV\Client\Catalog
AppData\Roaming\Sun\Java\Deployment\cache
AppData\Roaming\Sun\Java\Deployment\log
AppData\Roaming\Sun\Java\Deployment\tmp
$Recycle.Bin
AppData\LocalLow
Tracing
new path for Temporary Internet Files in Windows 8 and later
AppData\Local\Microsoft\Windows\INetCache                                        
If running Office 365 with Shared Computer Activation, then exclude
!ctx_localappdata!\Microsoft\Office\15.0\Licensing
!ctx_localappdata!\Microsoft\Office\16.0\Licensing
List 2 (Files to Synchronize)
AppData\LocalLow\Sun\Java\Deployment\security\exception.sites
AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
AppData\LocalLow\Sun\Java\Deployment\deployment.properties
AppData\Local\Google\Chrome\User Data\First Run
AppData\Local\Google\Chrome\User Data\Local State
AppData\Local\Google\Chrome\User Data\Default\Bookmarks
AppData\Local\Google\Chrome\User Data\Default\Favicons
AppData\Local\Google\Chrome\User Data\Default\History
AppData\Local\Google\Chrome\User Data\Default\Preferences

As the GPO settings are computer-based, applying them to Citrix VDA Servers will create corresponding registry entries in the following registry path on each Citrix VDA Server.

Ensure that the registry entries and values match the configurations set in the GPO. If the registry entries are not visible, it may indicate that the GPO is not being applied or is not configured correctly.

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Citrix\UserProfileManager\

Registry Entry Location

Step 5 – Verify Citrix User Profile Folder

After a user logs on to Citrix, a Citrix UPM profile folder is created using the user’s samAccountname at the user store location configured in the GPO. The screenshot below illustrates the Citrix user profile for a specific user.

Citrix Profile Folder UPM
Verify Citrix Profile Folder

External References

Leave a Comment

Detailed Step-by-Step guides for Setup/Troubleshooting/Configuration solutions on Intune, Microsoft 365, Powershell, Windows, Azure, and other Cloud technologies.

About the author
Contact Us
Privacy Policies
Comment Policies
Cookie Policies

Let's Connect!

Discover more from TechPress

Subscribe now to keep reading and get access to the full archive.

Continue reading