Good morning AskPerf! This is Sree Krishna and Ramesh from Remote Desktop Services Team. Today we will discuss User Profile Disk migrations.
As you may know, Microsoft released a new feature to manage user profiles in Remote Desktop Services (RDS) deployments called User Profile Disks. User Profile Disks (UPD) store user and application data on a single virtual disk that is dedicated to one user.
UPD takes advantage of the NTFS attributes to control the permissions of objects. Since every user has their own user profile disk, each disk is created with explicit permissions. In other words when a user profile disk is created, the ACL (Access Control List) is added with the below default permissions:
c) <User account to which the User profile disk belongs >
All other user permissions are removed to avoid the user profile disk being accessed other than the corresponding user.
Why would this be an issue?
Let's consider the below scenario:
You have the user profile disks created on Drive A:.
For some reason such as (Space constraints/ Server migration / Data migration) you are forced to move your User Profile disks to a different location.
This is when you should consider the Windows NT permission architecture.
You plan to migrate the UPD files on within the same Drive (Migrating the files that are one volume to another volume on the same disk)
If so, then you have nothing to worry about as this not difficult.
All this being said, when the permissions of a User Profile Disk loses its default permissions (especially in Scenario 2), you will likely end up with problems in your Remote desktop Services environment.
Symptoms you May notice:
If the User Profile Disk loses permission for its corresponding user, that user will be logged on with a temporary profile. The issue with this is all of the users profile settings will not be available, and, any changes made in that session will be lost.
Additionally you may see Event ID’s 1511 recorded in the event viewer for every login attempt.
To preserve permissions when files and folders are copied or moved, use the Xcopy.exe utility with the /O or the /X switch. The object’s original permissions will be added to inheritable permissions in the new location.
To add an object's original permissions to inheritable permissions when you copy or move an object, use the Xcopy.exe utility with the –O and –X switches.
To preserve existing permissions without adding inheritable permissions from the parent folder, use the utilities such as Robocopy.exe
xcopy c:\old c:\new /O /X /E /H /K
is the source folder and
is the destination folder.
- Copies folders and subfolders, including empty ones.
- Copies hidden and system files also.
- Copies attributes. Typically, Xcopy resets read-only attributes.
- Copies file ownership and ACL information.
- Copies file audit settings (implies
Hopefully this post makes you aware of issues that can arise from migrating UPD’s.