Profile Management

Enable logon exclusion check

The Enable Logon exclusion check feature controls what Profile Management does if a profile in the user store contains excluded files and folders when a user logs on. By default, the feature is disabled.

Excluded files and folders refer to files and folders that you add to the Exclusion list - files and Exclusion list - directories policies respectively. When users log off, Profile Management doesn’t synchronize excluded files and folders to the user store. However, excluded files and folders might exist in the user store before you add them to exclusion lists. With the Enable logon exclusion check policy, you can have Profile Management ignore those files and folders or delete them from the user store when users log on.

To use this feature, follow these steps:

  1. Open the Group Policy Management Editor.
  2. Under Computer Configuration > Policies > Administrative Templates: Policy definitions (ADMX files) > Citrix Components > Profile Management > File system, double-click the Logon Exclusion Check policy.
  3. Select Enabled.
  4. Select an option from the drop-down menu. By default, Delete excluded files or folders is selected.
  5. Click OK.

This feature provides the following three options:

  • Delete excluded files or folders. Deletes the excluded files and folders from the user store when a user logs on.
  • Ignore excluded files or folders. Ignores the excluded files and folders from the user store when a user logs on.
  • Synchronize excluded files or folders. Synchronizes the excluded files and folders from the user store to a local profile when a user logs on.

Warning:

If you select Delete excluded files or folders, Profile Management deletes your excluded files and folders from the user store permanently. If you include the excluded files and folders again, Profile Management still deletes them from the cached local profile when you log on.

For your changes to take effect, run the gpupdate /force command from the command prompt. Log off and log back on. For more information, see https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/gpupdate.

To enable logon exclusion check using the .ini file, do the following:

  1. Open the Profile Management .ini file.
  2. Add the EnableLogonExclusionCheck item in the [General Settings] section.
  3. Set a value for the EnableLogonExclusionCheck item as follows:
    • To ignore the excluded files and folders specified in the exclusion list from the user store, set the value to 1; for example, EnableLogonExclusionCheck=1.
    • To delete the excluded files and folders specified in the exclusion list from the user store, set the value to 2; for example, EnableLogonExclusionCheck=2.
    • To disable the check, set the value to 0; for example, EnableLogonExclusionCheck=0.
  4. Save and close the Profile Management .ini file.
  5. Run the gpupdate /force command to make your changes take effect.

Configuration precedence:

  1. If this setting isn’t configured in Group Policy Objects (GPOs), the value in the .ini file is used.
  2. If this setting is configured in neither the GPOs nor the .ini file, the policy is disabled.
Enable logon exclusion check

In this article