Citrix Virtual Apps and Desktops

User personalization layer

The user personalization layer feature for Citrix Virtual Apps and Desktops extends the capabilities of non-persistent machine catalogs. User personalization layers preserve users’ data and locally installed applications across sessions. Powered by Citrix App Layering, this feature replaces Personal vDisk (PvD).

Like PvD, the user personalization layer feature works with Citrix Provisioning and Machine Creation Services (MCS) in a non-persistent machine catalog. The feature components are installed alongside the Virtual Delivery Agent within the master Windows 10 image.

The applications and data that users create are stored on their own user layer virtual hard drive in a VHD file which is mounted on the image.

This document includes instructions for deploying and configuring the user personalization layer feature. It describes the requirements for successful deployment, limitations, and known issues.

To use the User personalization layer feature, you must first deploy it using the steps detailed in the article. Until then, the feature is not available for you to use.

Application support

Aside from the following exceptions, all applications that a user installs locally on the desktop are supported in the user personalization layer.

Exceptions

The following applications are the exception and are not supported on the user personalization layer:

  • Enterprise applications, such as MS Office and Visual Studio.
  • Applications that modify the network stack or hardware. Example: a VPN client.
  • Applications that have boot level drivers. Example: a virus scanner.
  • Applications with drivers that use the driver store. Example: a printer driver.

    Note:

    You can make printers available using Windows GPOs.

Do not allow users to install any unsupported applications locally. Rather, install these applications directly on the master image.

Applications that require a local user or administrator account

When a user installs an application locally (on their user layer), if they attempt to add or edit a local user or group required by the application, the user or group changes do not persist.

Important:

Add any required local user or group in the master image.

Requirements

The user personalization layer feature requires the following components:

  • Citrix Virtual Apps and Desktops 7 1909 or later
  • Virtual Delivery Agent (VDA), version 1912
  • Citrix Provisioning, version 1909 or later
  • Windows File Share (SMB)
  • Windows 10 Enterprise x64, version 1607 or later

Important:

  • If you installed the preview version of the user personalization layer feature, uninstall the software and reboot the master image before installing this release.
  • As described in the steps below, you must define the policies within Studio, and assign those to the specific delivery group bound to a machine catalog where the User personalization layer is deployed. Leaving the master image with no User personalization layer configuration ensures that the services remain idle and cannot interfere with authoring activities. If you set the policies in the master image, User personalization layer services attempt to run and mount a user layer in the master image. Since that environment is for authoring changes to the image, this is not ideal and could cause unexpected behaviors and instability in the master image.

Recommendations

Follow the recommendations in this section for a successful user personalization layer deployment.

Profile Management solution

We recommend using a Profile Management solution, such as Citrix Profile Management, with the user personalization layer feature.

If you are using Profile Management with the user personalization layer feature, turn off the deletion of the user’s information on logoff. Depending on how you are deploying the settings, you can turn off deletion either using a Group Policy Object (GPO) or the policy on the Delivery Controller (DDC).

For details about available Profile Management policies, see Profile Management policy descriptions and defaults.

Microsoft System Center Configuration Manager (SCCM)

If you are using SCCM with the user personalization layer feature, follow Microsoft best practices for preparing your image in a VDI environment. Refer to this Microsoft TechNet article for more information.

Maximum user layer size

We recommend at least 10 GB as the user layer size.

Note:

During installation, the value zero (0) results in the default user layer size of 10 GB.

A quota set in Windows can override the maximum user layer size

You can override the maximum user layer size set in Studio, by defining a quota for the user layer file share. If a quota is defined, the user layer is configured to be a maximum of the quota size.

To set a hard quota on the user layer size, use either of Microsoft’s quota tools:

  • File Server Resource Manager (FSRM)
  • Quota Manager

The quota must be set on the user layer directory named Users.

Note:

Increasing or decreasing the quota only impacts new user layers. It does not change the maximum size of existing user layers. Those remain unchanged when the quota is updated.

Deploy a User personalization layer

To deploy the user personalization layer feature, complete the following steps in this order:

  • Step 1: Verify availability of a Citrix Virtual Apps and Desktops environment.
  • Step 2: Prepare your master image.
  • Step 3: Create a machine catalog.
  • Step 4: Create a delivery group.
  • Step 5: Create delivery group custom policies.

Step 1: Verify that the Citrix Virtual Apps and Desktops environment is available

Be sure that your Citrix Virtual Apps and Desktops environment is available to use with this new feature. For setup details, see Install and configure Citrix Virtual Apps and Desktops.

Step 2: Prepare your master image

To prepare your master image:

  1. Locate the master image. Install your organization’s enterprise applications and any other apps your users generally find useful.

  2. Install the Virtual Delivery Agent (VDA) 1912. If an older version of the VDA is already installed, uninstall the old version first. When installing the new version, be sure to select and install the optional component, Citrix User Personalization Layer, as follows:

    1. Click the tile, Virtual Delivery Agent for Windows Desktop OS:

    VDA for Windows Desktop OS

    1. Environment: Select either Create a master MCS image or Create a master image using Citrix Provisioning or third-party provisioning tools.

    Create a master image

    1. Core Components: Click Next.

    2. Additional Components: Check Citrix User Personalization Layer.

    Create a master image

    1. Click through the remaining installation screens, configuring the VDA as needed, and click Install. The image reboots one or more times during installation.
  3. Leave Windows updates disabled. The user personalization layer installer disables Windows updates on the image. Leave the updates disabled.

The image is ready for you to upload into Studio.

Step 3: Create a machine catalog

In Studio, follow the steps to create a machine catalog. Use the following options during catalog creation:

  1. Select Operating System and set it to Single session OS.

  2. Select Machine Management and set it to Machines that are power managed. For example, virtual machines or blade PCs.

  3. Select Desktop Experience and set it to either pooled-random or pooled-static catalog type, as in the following examples:

    • Pooled-random:

      Pooled-random

    • Pooled-static: If you select pooled-static, configure desktops to discard all changes and clear virtual desktops when the user logs off, as shown in the following screenshot:

      Pooled-static

    Note:

    User personalization layer does not support pooled-static catalogs configured to use Citrix Personal vDisk or assigned as dedicated virtual machines.

  4. If you are using MCS, select Master Image and the snapshot for the image created in the previous section.

  5. Configure the remaining catalog properties as needed for your environment.

Step 4: Create a delivery group

Create and configure a delivery group, including machines from the machine catalog you created. For details, see the Create Delivery Groups.

Step 5: Create delivery group custom policies

To enable mounting of user layers within the Virtual Delivery Agents, you use configuration parameters to specify:

  • Where on the network to access the user layers.
  • How large to permit the user layer disks to grow.

The following steps explain how to define the parameters as custom Citrix policies in Studio, and then assign them to your delivery group.

  1. In Studio, select Policies in the navigation pane:

    Select Policies in Studio

  2. Select Create Policy in the Actions pane. The Create Policy window appears.

  3. Type ‘user layer’ into the search field. The following two policies appear in the list of available policies:
    • User Layer Repository Path
    • User Layer Size GB

      Note:

      Changing the User Layer Size in the policy does not change the size of existing layers.

  4. Click Select next to User Layer Repository Path. The Edit Setting window appears.

    User layer repository path

  5. Enter a path in the format \\server name or address\folder name in the Value field, Click OK:

    Enter repository path

  6. Optional: Click Select next to User Layer Size in GB:

    User layer repository path

  7. The Edit Settings window appears.

  8. Optional: Change the default value of ‘0’ to the maximum size (in GB) that the user layer can grow. Click OK.

    Note:

    If you keep the default value, the maximum user layer size is 10 GB.

  9. Click Next to configure Users and Machines. Click the Delivery Group Assign link highlighted in this image:

    User layer repository path

  10. In the Delivery Group menu, select the delivery group created in the previous section. Click OK.

    Select delivery group

  11. Enter a name for the policy. Click the check box to enable the policy, and click Finish.

    User layer policy name

Configure security settings on user layer folder

As a domain administrator, you can specify more than one storage location for your user layers. For each storage location (including the default) create a \Users subfolder and secure that location using the following settings.

Setting name Value Apply to
Creator Owner Modify Subfolders and Files only
Owner Rights Modify Subfolders and Files only
Users or group Create Folder/Append Data; Traverse Folder/Execute File;List Folder/Read Data; Read Attributes Selected Folder Only
System Full Control Selected Folder, Subfolders, and Files
Domain Admins, and selected Admin group Full Control Selected Folder, Subfolders, and Files

User layer messages

When a user is unable to access their user layer, they receive one of these notification messages.

  • User Layer In Use

    We were unable to attach your user layer because it is in use. Any changes you make to application settings or data will not be saved. Be sure to save any work to a shared network location.

  • User Layer Unavailable

    We were unable to attach your user layer. Any changes you make to application settings or data will not be saved. Be sure to save any work to a shared network location.

  • System not reset after user sign-out

    This system was not shut down properly. Please log off immediately and contact your system administrator.

Log files to use when troubleshooting

The log file, ulayersvc.log, contains the output of the user personalization layer software where changes are logged.

C:\ProgramData\Unidesk\Logs\ulayersvc.log
<!--NeedCopy-->

Limitations

Keep the following limitations in mind when installing and using the user personalization layer feature.

  • Do not configure the user personalization layer feature with persistent machine catalogs.
  • Do not use Session hosts.
  • Do not update the machine catalog with an image running a new OS install (even the same version of Windows 10). Best practice is to apply updates to the OS within the same master image used when creating the machine catalog.
  • Do not use boot-time drivers, nor any other early boot personalization.
  • Do not migrate PvD data to user personalization layer.
  • Do not migrate existing user layers from the full App Layering product to user personalization layer.
  • Do not change the user layer SMB path to access user layers created using a different master OS image.
  • Do not enable Secure Boot within User presonalization layer virtual machines, as it is not currently supported.

  • Microsoft SCCM Software Center can show an app installed on the user layer as unavailable, even if previously installed. The issue occurs when a user logs out of a session, and then back into a session on another machine in the pool. This behavior is a property of SCCM running in a VDI environment. Software Center only shows applications that the user has installed on the current machine, but the applications are still installed and fully functional.

    To verify that an application is installed, the user can select the application in Software Center and click Install. If the application is already installed in their user layer, SCCM updates the status to “Installed” and lists the app with the installed applications.

  • Software Center occasionally stops immediately after launching within a VDA that has the user personalization layer feature enabled. To avoid this issue, follow Microsoft’s recommendations for Implementing SCCM in a XenDesktop VDI environment. Also, make sure that the ccmexec service is running before you start the Software Center.

  • Group Polices (Computer Configurations): User layer settings override settings applied to the Master Image. Therefore, the changes that are made in Computer Settings using a GPO are not always present for the user on the next session login.

    To get around this issue, create a User Logon Script that issues the command:

    gpupdate /force

    For example, one customer set the following command to run at each user login:

    gpudate /Target:Computer /force

    For best results, apply changes to Computer Settings directly on the user layer, after the user has logged in.

User personalization layer