Getty Images/iStockphoto

What is a roaming profile, and how does it work?

Though newer tools are available, a Microsoft roaming profile is a simple and time-tested way to manage a user's profile across physical and virtual desktop environments.

Microsoft's roaming profiles give IT administrators a basic option to provide users with their personal settings and data on any Windows device or virtual desktop connected to the corporate network.

Windows systems maintain a profile for each user who logs in to the OS. The user's profile folder contains user-specific data and user's packaged data on customizations such as application configuration data, browser history, documents, photos and much more.

A user profile's location varies depending on which version of Windows an organization uses, but most newer Windows versions include a folder named C:\Users. A user's local profile lives there in another folder usually titled with the user's name or an identifying number that IT assigns.

The problem with standard user profiles is that they are tied to an individual desktop. If users log in from a different physical desktop or virtual desktop, their profile data won't exist on that machine. If the user logs in to a new machine, Windows creates a new and empty local profile for the user. This is where it's important for IT professionals to know what a roaming profile is.

What is a roaming profile?

A roaming profile is very similar to the local profiles that exist on every Windows desktop. The difference is that, rather than being stored locally on the desktop, a roaming profile is stored on a network server. Because the roaming profile is centralized, as opposed to being local to a specific desktop, the profile data can follow the user from one machine to another. This means that the user will have access to all the data that's stored within their profile, regardless of which of the networked Windows PCs they log in to.

How do roaming profiles work?

With a roaming user profile, employees' data follows them from device to device, so long as those devices are part of the same Active Directory environment and run a Windows OS. These profiles are stored on a network server rather than on a desktop computer. Admins can configure Active Directory so that it associates the roaming user profile with the user's account.

A graphic showing the services in Active Directory including Domain Services, Lightweight Directory Services and Certificate Services.

When an employee logs in, Windows copies the user's profile from the network to the local computer that the employee has logged in to. When the employee logs off, Windows copies any updates the user made to profile data from the desktop computer to the network copy of the profile. This process ensures that the roaming user profile contains current data the next time the employee logs in to a virtual desktop or PC.

If an organization decides to use roaming profiles, then it will need to take steps to control the volume of data that is associated with each profile. Otherwise, the profile can grow to become quite large. This can be a problem because the profile must be copied to the user's computer each time the user logs on, and the profile also has to be copied from the user's desktop to a network server when the user logs off. In some real-world deployments, it can take nearly an hour for users to log in, simply because of the volume of profile data that had to be copied to the user's desktop as a part of the login process.

How to use folder redirection with roaming profiles

The best way to avoid this problem is to use folder redirection. Library folders such as Documents, Pictures and Videos are a part of a user's profile and can accumulate large amounts of data. Many organizations use folder redirection as a way of moving these folders to a network file share, so that they are stored outside of the user's profile. In doing so, the user might have the illusion that documents are still located in their library folders, when the documents are stored on a centrally accessible network share instead.

The most obvious benefit to using folder redirection is that it can reduce the time required for a user to log on or log off. However, another potential benefit is that folder redirection can sometimes make it easier to back up a user's files.

What are the software and hardware requirements for roaming profiles?

For an organization to use roaming profiles, its servers must be running Windows Server 2008 or newer. Similarly, desktops must be running Windows 7 or later. These systems must be domain joined.

If an organization wants to use roaming profiles, then it's best to try to use a consistent version of Windows across all the desktops. If there are multiple desktop versions -- such as some machines running Windows 10 and others running Windows 11 -- then IT should create two profile versions -- one for each OS.

Admins need to make sure that the server where the profiles reside has enough free space to accommodate all the profiles. Remember, if users need two different versions of each profile, that effectively doubles the storage requirements. IT will also need to let its users know that a profile change that they make to one OS won't show up if they log in to a different OS because two different profiles are being used. This simple fact further underscores the importance of using folder redirection to store documents and other data files outside of the profile.

Otherwise, if a user creates a document on a Windows 10 machine, that document might not be available if the user logs in to a machine that's running Windows 11. This holds true even if the user creates the document on a Windows 10 machine and then that machine is upgraded to Windows 11. The document remains inaccessible, even though the user is logging in to the same machine.

Roaming user profiles are still a good basic option to provide the same experience across PC and virtual desktop environments, but third-party user profile management tools are also available for organizations that know more specific features they need.

What options are there to manage roaming user profiles?

Roaming profiles have been a standard and cost-effective way to deliver user settings across physical and virtual desktops for more than a decade, although Microsoft also released a UX management tool called User Experience Virtualization (UE-V) in 2012. Microsoft UE-V virtualizes users' Oses and application settings from a settings store on a file server. UE-V has been updated several times over the years, and the most recent version is compatible with Windows 10, but is not officially supported for use with Windows 11.

Roaming user profiles are still a good basic option to provide the same experience across PC and virtual desktop environments, but third-party user profile management tools are also available for organizations that know more specific features they need.

How to deploy a roaming profile

Setting up roaming profiles tends to be a relatively easy and straightforward process. The first step is to create a share on a file server and to set up the appropriate permissions. Administrators will need full control, and end users -- who will be seen as creator owners -- will require full control over their own profile folders. Users should not have the ability to access someone else's profile folder.

Once the necessary network share is in place, admins can create a Group Policy setting that sets the profile path to the network share that IT created. There are also some other settings that admins can enable at the group policy level to fine-tune the behavior of roaming profiles. This includes folder redirection, but there are other settings related to things like caching or slow link detection.

Editor's note: This article was originally written by Brien Posey in May 2020. He updated this article in May 2025 to include more information on hotspot devices and improve readability.

Brien Posey is a former 22-time Microsoft MVP and a commercial astronaut candidate. In his more than 30 years in IT, he has served as a lead network engineer for the U.S. Department of Defense and a network administrator for some of the largest insurance companies in America.

Dig Deeper on Virtual and remote desktop strategies