by Colm Govin, Citrix
In Citrix Virtual Apps and Desktops 1912 release, we introduced the User Personalization Layer (UPL) feature. UPL comes from the Citrix App Layering side of the house and anyone who knows about user layers will be familiar with this functionality which was brought natively into Citrix Virtual Apps and Desktops without any additional infrastructure needed. UPL is here to extend the capabilities of non-persistent machine catalogs, as well as to preserve user data and locally-installed applications across sessions.
UPL replaces Personal vDisk (PvD), which has been deprecated as of 7.13 release. Like PvD, the User Personalization Layer feature works with Citrix Provisioning and Machine Creation Services (MCS) in a non-persistent machine catalog. The feature components are installed alongside the VDA within the master Windows 10 image. User applications and data are stored on their own user layer in a VHD file, which is then mounted on the image. So, when a user logs into any desktop in the pool of machines, their layer will be attached instantly, giving them access to their installed apps and data. This gives a persistent experience for end users with minimal IT involvement or overhead.
User personalization settings
- To enable mounting of user layers within the VDA, use the following configuration parameters to specify:
- Location of the user layer. (SMB file share)
- How large any new user layer disks are permitted to grow.
These two policies will be in studio to do this:
- User Layer Repository Path – Enter a path in the format ‘\\server name or address\folder name’.
- User Layer Size GB – Change the default value of 10 to the maximum size (in GB) that the user layer can grow. If you don’t change the default value, the maximum user layer size is 10GB.
- Changing the User Layer Size in the policy in studio does not change the size of existing layers.
- Default layer size is 10. The maximum you can set is 2040.
What are the benefits of UPL over PVD and how is it different from App Layering User Layers?
- UPL uses User Layer technology without the need for the Layering Appliance (ELM).
- UPL can be deployed into the Cloud.
- UPL supports modern Windows 10.
- UPL layers attach instantly and in real-time.
UPL caveats and restrictions:
- UPL is only supported with Windows 10 64-Bit images. (1607 or later)
- UPL supports pooled (non-persistent) desktop machine catalogs (no support for session hosts).
- There is no migration path from PVD to UPL.
- There is not currently a migration path of UPL to full App Layering with User Layers (possible integration here to do this coming, keep an eye out).
- Updating the catalog with a different master image may cause issues.
- User-installed apps requiring the Windows Driver Store should be installed in the master image.
- Strongly recommended that UPL be used along with a separate user profile management solution (such as Citrix Profile Manager) as there is no integrated profile management feature within UPL.
The following apps are not supported for use with UPL:
- Enterprise applications, such as MS Office and Visual Studio.
- Applications that modify the network stack or hardware. Example: a VPN client.
- Applications that have boot level drivers. Example: a virus scanner.
- Applications with drivers that use the driver store. Example: a printer driver. (You can make printers available using Windows GPOs.)
1. User Layer Repository
The very first step is to create the SMB directory where user layer VHD’s are going to be located.
Best practice configuration for securing that location using the following permissions:
|Setting name||Value||Apply to|
|Creator Owner||Modify||Subfolders and Files only|
|Owner Rights||Modify||Subfolders and Files only|
|Users or group:||Create Folder/Append Data; Traverse Folder/Execute File;List Folder/Read Data; Read Attributes||Selected Folder Only|
|System||Full Control||Selected Folder, Subfolders, and Files|
|Domain Admins, and selected Admin group||Full Control||Selected Folder, Subfolders, and Files|
2. Install the VDA
Head over to https://www.citrix.com/en-gb/downloads/citrix-virtual-apps-and-desktops/product-software/citrix-virtual-apps-and-desktops-1912.html and download the latest, or minimum 1912, version of the VDA software.
When I first started looking at this, I decided to see what would happen if I installed it in the platform layer. This is where you would install the VDA if you use App Layering today. Below you will see I do not have any option at all for using this new feature, UPL. By design, the option to select UPL will not appear in the meta-installer if it already has app layering drivers/services installed. If you are using the full app layering product and want user persistence, you need to use User Layers – something to take note of if you try to do the same here and are wondering where the option even is.
Back to it, open up your clean Windows 10 master image on your hypervisor and start the VDA installer. Begin MCS master image creation:
The UPL option now appears as part of the 1912 release:
Follow the rest of the configuration screens as normal, adding in your delivery controllers, additional features etc, and then install the VDA. At this point, the master image is ready and we can move on to creating the machine catalog, delivery group and policies before testing.
3. Machine Catalog
Navigate to studio and create a new machine catalog.
Here we have two options where a user can have the same desktop each time or a random one – pick which one works for you.
Make sure to select “No, discard all changes…” as all user changes will go into their user layer.
Follow the rest of the configuration screens as normal, selecting your master image as created in previous steps, machines you want via MCS, etc., and then finish the creation of the machine catalog. When the catalog has finished creation and your new machines are online, you can go ahead and start your delivery group.
4. Delivery Group
There is nothing special or specific to UPL, so just include the machines from the machine catalog you just created, as well as the appropriate users who need access to this Desktop and click finish.
The two new Studio policies below have been introduced as of 1912 and will enable the UPL integration to work.
Enable both polices, adding in the SMB location and layer size per user.
Then assign the policy to the previously created delivery group and save.
6. Test Drive
First login, I ran PowerShell to check if the new disk was attached. Below (highlighted) you can see the new 10 GB layer is mounted at login to persist all changes.
Next, I installed notepad ++ as a test application to prove logging out and back in worked fine and, as you can see below, it launched for me as expected.
If you encounter issues open the log file, ulayersvc.log which has the output of the UPL software. Changes are logged at this location: C:\ProgramData\Unidesk\Logs\ulayersvc.log
Looking at the storage location we created at the beginning, we can see the folder structure is created so that each user is separated with their own disk as well as records to logon and logoff events. These logs can be very useful if anything happens during user sessions in addition to the other log mentioned above should something not work as expected in a user layer.
Lastly, should you wish, you can reduce the number of logs that are retained by heading over to the registry: HKLM\Software\Unidesk\Ulayer. Here, you can add a dword value “ExtendedDiagRetentionCount“–setting this to 0 turns it off, the max is 30. By default, this is set to 5 and I would recommend leaving it there, this means roughly 50MB of disk space per user. Ideally, if you have adequate logs and support needs to help they would need as much as possible but space can sometimes be at a premium so this option is here should you need it.