Xenit Technical
  • Hem
  • Besök Xenit.se
  • Kontakta oss
  • Citrix
    • NetScaler
    • Virtual Apps and Desktops
    • WEM
    • Hypervisor
    • XenMobile
    • Receiver
  • Microsoft
    • Active Directory
    • ADFS
    • Azure
    • Exchange
    • Hyper-V
    • Office 365
    • Intune
    • Skype for Business
    • Teams
    • Windows Server
    • System Center
  • Övrigt
  • Hem
  • Besök Xenit.se
  • Kontakta oss
  • Citrix
    • NetScaler
    • Virtual Apps and Desktops
    • WEM
    • Hypervisor
    • XenMobile
    • Receiver
  • Microsoft
    • Active Directory
    • ADFS
    • Azure
    • Exchange
    • Hyper-V
    • Office 365
    • Intune
    • Skype for Business
    • Teams
    • Windows Server
    • System Center
  • Övrigt
sep17201817 september, 201817 september, 20180Commentby Jonas Agblad

Convert Citrix UPM to FSLogix Profile Containers

Posted in Citrix, Okategoriserade

Scenario

When you finally decided to take the leap and implement FSLogix Profile Containers you may find yourself wondering, how would you do this without wiping out everyone’s profiles? In an utopia you could simply reset everyone’s profile and pray nobody noticed or didn’t care. Unfortunately that rarely is the case, the Helpdesk will be handling a lot of missing favorites in Internet Explorer and reconfigure application settings and so on…

What you probably already figured out is that you need to convert the Citrix User Profile to the *.vhd/vhdx-disk. Unfortunately there is no built-in function in FSLogix nor is there a tool provided by FSLogix (probably in the near future) to do this BUT, there exists some Powershell-scripts out there and with some tweaks you can convert your profiles successfully and keep your users happy!

Solution

After some research I choose to try out a script created by David Ott. You can check the original post here, or on the FSLogix blogg.

I find this script the most capable, it tests various scenarios, for example: if you already implemented FSLogix Profile Containers to your users, FSLogix would have already created the vhd-disks,  but the script tests this and if that´s the case it will mount the disk and copy the old profile within the disk. Pretty neat!

 

So, how does the script work?

I´m glad you asked! David Ott described it best, I quote:

  1. Gets a list of all UPM profile directories in the root path (that you supply) and displays them to you to select which one(s) you would like to convert via out-gridview
  2. For each profile you select:
    1. Gets the username from the profile path – you will have to edit this part for your environment… explanation in the script
    2. Use the username to get the SID (FSLogix profiles use the username and sid to name the profile folder)
    3. Creates the FSLogix profile folder (if it doesn’t exist)
    4. Sets the user as the owner of that folder, and gives them full control
    5. Creates the .vhd (my default is 30GB dynamic – edit on line 70 if you wish to change it) – if it doesn’t exist (if it does skip 7, 9-10)
    6. Attaches the .vhd
    7. Creates a partition and formats it ntfs
    8. Assigns the letter T to that drive (edit on line 73 if you wish to change that)
    9. Creates the T:\Profile directory
    10. Grants System/Administrators and the user full control of the profile directory
    11. Copies the profile from the UPM path to the T:\Profile directory with /E /Purge – if you are re-running this script on a particular profile it will overwrite everything fresh
    12. Creates T:\Profile\AppData\Local\FSLogix if it doesnt exist
    13. Creates T:\Profile\AppData\Local\FSLogix\ProfileData.reg if it doesn’t exist (this feeds the profilelist key at logon)

The script in all its glory!

PowerShell
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
#Requires -RunAsAdministrator
<#
Written by David Ott
This script will convert Citrix UPM profiles to FSLogix .vhd profiles (you should be able to edit it to do vhdx as well)
Pay attention to all of the commented areas.  It uses diskpart to create/mount/dismount the .vhd file, and
robocopy to copy the UPM profile to the .vhd.
Once executed (assuming you have edited $newprofilepath and $oldprofiles to match your environment) it will give you a list of
profiles to convert.  You can then select which profile(s) you wish to convert to FSLogix profiles.
You could also edit this script to use hyperv commands to create/mount/dismount the vhd/vhdx files instead of diskpart if you have
the hyperv module installed.
Before using in production test!!
#>
# fslogix profile path
$newprofilepath = "\\server\fslogxprofiles" ##### FSLogix Root Profile Path
<#
upm profile path - our production UPM root folders are username.domain, and the actual Windows 7 profile lives under
v2x64\UPM_Profile:
\\server\share\%USERNAME%.%USERDOMAIN%\!CTX_PROFILEVER!!CTX_OSBITNESS!
this would have to be edited based on environment - the main thing is to have it have the full path to all of the actual UPM_Profile
directories
#>
$oldprofiles = gci \\oldserver\upmprofiles | ?{$_.name -like "*.$env:userdomain"} | select -Expand fullname | sort | out-gridview -OutputMode Multiple -title "Select profile(s) to convert"| %{
Join-Path $_ "v2x64\UPM_Profile"
}
# foreach old profile
foreach ($old in $oldprofiles) {
<#
Since I know that the folder has the username in it i get that and save it to the sam variable, and use that to get the user's sid
then save that to $sid.
You will most likely have to edit the $sam line to pull the username out of the old profile path.  Play with the string and
split-path until you nail down just the username.  For instance let's say your current profile path is
\\server\profileshare\username\v2x64\UPM_Profile  you could do something like this
$sam = (($old -split "profileshare")[1] -split "v2x64")[0] -replace "\\",""
That splits the string at profileshare, and selects the 2nd part (0 would be the first) which is \username\v2x64\UPM_Profile
it then splits that again using v2x64 and selects the first part (remember 0 is the first) which is \username\
Finally it replaces the "\" characters (you need to match \\ as \ is a special character the first slash just says to use it as a
string) with nothing... leaving you with the username.  
#>
$sam = Split-Path ($old -split ".$env:userdomain")[0] -leaf
$sid = (New-Object System.Security.Principal.NTAccount($sam)).translate([System.Security.Principal.SecurityIdentifier]).Value
<#
A .reg file located in %localappdata%\FSLogix - last thing the script does is create the .reg file for the profilelist key
#>
$regtext = "Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\$sid]
`"ProfileImagePath`"=`"C:\\Users\\$sam`"
`"FSL_OriginalProfileImagePath`"=`"C:\\Users\\$sam`"
`"Flags`"=dword:00000000
`"State`"=dword:00000000
`"ProfileLoadTimeLow`"=dword:00000000
`"ProfileLoadTimeHigh`"=dword:00000000
`"RefCount`"=dword:00000000
`"RunLogonScriptSync`"=dword:00000000
"
<# set the nfolder path to \\newprofilepath\username_sid - this is not default
If you are going with the default then replace then reverse the $sam/$sid variables as below
$nfolder = join-path $newprofilepath ($sid+"_"+$sam)
#>
$nfolder = join-path $newprofilepath ($sam+"_"+$sid) ##### See note above
# if $nfolder doesn't exist - create it
if (!(test-path $nfolder)) {New-Item -Path $nfolder -ItemType directory | Out-Null}
& icacls $nfolder /setowner "$env:userdomain\$sam" /T /C
& icacls $nfolder /grant $env:userdomain\$sam`:`(OI`)`(CI`)F /T
# sets vhd to \\nfolderpath\profile_username.vhd
$vhd = Join-Path $nfolder ("Profile_"+$sam+".vhd")
# diskpart commands
$script1 = "create vdisk file=`"$vhd`" maximum 30720 type=expandable"
$script2 = "sel vdisk file=`"$vhd`"`r`nattach vdisk"
$script3 = "sel vdisk file=`"$vhd`"`r`ncreate part prim`r`nselect part 1`r`nformat fs=ntfs quick"
$script4 = "sel vdisk file=`"$vhd`"`r`nsel part 1`r`nassign letter=T"
$script5 = "sel vdisk file`"$vhd`"`r`ndetach vdisk"
$script6 = "sel vdisk file=`"$vhd`"`r`nattach vdisk readonly`"`r`ncompact vdisk"
<#
if the vhd doesn't exist create, attach, wait 5 seconds (windows has to catch up), create/format the partition,
assigns letter T (change this as needed), and sets the disk label to Profile-username
#>
if (!(test-path $vhd)) {
$script1 | diskpart
$script2 | diskpart
Start-Sleep -s 5
$script3 | diskpart
$script4 | diskpart
& label T: Profile-$sam
New-Item -Path T:\Profile -ItemType directory | Out-Null
# set permissions on the profile
start-process icacls "T:\Profile /setowner SYSTEM"
Start-Process icacls -ArgumentList "T:\Profile /inheritance:r"
$cmd1 = "T:\Profile /grant $env:userdomain\$sam`:`(OI`)`(CI`)F"
Start-Process icacls -ArgumentList "T:\Profile /grant SYSTEM`:`(OI`)`(CI`)F"
Start-Process icacls -ArgumentList "T:\Profile /grant Administrators`:`(OI`)`(CI`)F"
Start-Process icacls -ArgumentList $cmd1
} else {
# if the vhd does exist then attach, wait 5 seconds, assign letter T
$script2 | diskpart
Start-Sleep -s 5
$script4 | diskpart
}
# copies in the UPM profile to the Profile directory on the vhd /E /Purge - this is so it will update with the latest info
"Copying $old to $vhd"
& robocopy $old T:\Profile /E /Purge /r:0 | Out-Null
# creates the %localappdata%\FSLogix path if it doesnt exist
if (!(Test-Path "T:\Profile\AppData\Local\FSLogix")) {
New-Item -Path "T:\Profile\AppData\Local\FSLogix" -ItemType directory | Out-Null
}
# creates the profiledata.reg file if it doesn't exist
if (!(Test-Path "T:\Profile\AppData\Local\FSLogix\ProfileData.reg")) {$regtext | Out-File "T:\Profile\AppData\Local\FSLogix\ProfileData.reg" -Encoding ascii}
$script5 | diskpart
}
 

Please let me know if you find this script helpful or if you have any questions regarding this helpful tool!

Disclaimer: All information on this blog is offered "as is" with no warranty. It is strongly recommended that you verify all information and validate all scripts in isolated test environments before using them in production environments.
Tags:CitrixFSLogix Profile ContainersUser Profile Manager

Next Post
Previous Post


Kommentera Avbryt svar

E-postadressen publiceras inte. Obligatoriska fält är märkta *

Next Post
Previous Post

  • Följ oss

  • Senaste inlägg

    • Citrix brings back Local Text Echo 12 februari, 2019
    • Wireless Networking in Windows Server 2019 11 februari, 2019
    • New features in Azure Blueprints 6 februari, 2019
    • Easy way to disable items in Control Panel and Settings App in Windows 10 and Server 2019 5 februari, 2019
    • Teams keeps crashing in Citrix 29 januari, 2019
  • Kategorier

    • Active Directory
    • ADFS
    • Applications
    • Azure
    • Citrix
    • Exchange
    • Hyper-V
    • Hypervisor
    • Intune
    • Microsoft
    • NetScaler
    • Office 365
    • Okategoriserade
    • Övrigt
    • Receiver
    • Skype for Business
    • System Center
    • Teams
    • Virtual Apps and Desktops
    • WEM
    • Windows Server
    • XenMobile
  • Arkiv

    • februari 2019
    • januari 2019
    • december 2018
    • november 2018
    • oktober 2018
    • september 2018
    • augusti 2018
    • juli 2018
    • juni 2018
    • maj 2018
    • april 2018
    • mars 2018
    • februari 2018
    • januari 2018
    • december 2017
    • november 2017
    • oktober 2017
    • september 2017
    • augusti 2017
    • juli 2017
    • juni 2017
    • maj 2017
    • april 2017
    • mars 2017
    • februari 2017
    • januari 2017
    • december 2016
    • oktober 2016
    • september 2016
    • augusti 2016
    • juli 2016
    • juni 2016
    • april 2016
    • mars 2016
    • februari 2016
    • januari 2016
    • december 2015
    • november 2015
    • oktober 2015
    • maj 2015
    • januari 2014

Copyright © 2015-2019 Xenit AB | Kungstorget 7, 411 17 Göteborg | +46 10 707 35 00 | info@xenit.se

Disclaimer: All information on this blog are offered "as is" with no warranty. While it's tested and working in our environment, it is recommended that you test these scripts in a test environment before using in your production environment.

Vi använder cookies för att se till att vi ger dig den bästa upplevelsen av vår webbplats. Genom att stanna kvar på sidan accepterar du att cookies används.Jag förstår