Part of:Basics of roaming profiles in the enterprise
How to address roaming profiles with GPOs
Roaming profiles can personalize nonpersistent virtual desktops, but IT should plan GPOs, folder redirection, profile versions and FSLogix alternatives.
When organizations deploy a new virtual desktop environment, user profiles can significantly affect the user experience.
It's easy for IT administrators -- especially newer admins -- to focus on the virtual desktop image, applications and access policies while overlooking profile strategy. But profile management determines whether users keep the settings, files and personalization they need from one session to the next.
Roaming profiles remain one way to handle this need in nonpersistent virtual desktop environments, but they shouldn't be treated as the default choice for every deployment. IT teams should understand how roaming profiles work, how Group Policy Objects (GPOs) apply them and when newer profile management options such as FSLogix profile containers might be a better fit.
User profiles include the option to modify settings such as the Start menu and taskbar appearance, background, and colors within a virtual desktop. For example, a left-handed user would be frustrated if their virtual desktop presented a right-handed mouse. Being able to designate the left or right mouse setting is not only important for user productivity, but it might also be a legal requirement.
When users request a nonpersistent virtual desktop, they generally just access the base OS. The user profile strategy determines which settings the user can access and how the virtual desktop applies these settings.
3 user profile options
There are three types of basic user profiles: local, mandatory and roaming.
1. Local profile
Temporary settings that the user configures on the virtual desktop are stored in what's considered a local profile. The virtual desktop platform creates a local profile at logon based on a copy of the default profile. Users might become frustrated with local profiles because they require them to adjust the same settings at the start of each session. For example, a left-handed mouse user will need to modify the left/right mouse setting at each logon. While local profiles are the default setting, they're often not optimal, and IT administrators should avoid them.
2. Mandatory profile
When the environment forces a profile upon users, and the users cannot permanently modify it, this is a mandatory profile. For example, a call center might deploy a mandatory profile for all agents that provides the corporate colors, streamlined presentation of application icons, and more. That left-handed user can modify the left/right mouse setting, but the virtual desktop won't write this into the mandatory profile. While these profiles are easy for IT admins to install and manage, mandatory profiles often frustrate users because they can't customize their virtual desktops.
3. Roaming profile
This type of profile enables users to modify and customize settings. When the left-handed user changes the left/right mouse setting, the desktop writes it to the roaming user profile, and the virtual desktop saves it. Therefore, the left-handed mouse setting is in effect at the next virtual desktop session, and the user doesn't need to modify the setting again. From an administrative standpoint, roaming profiles have higher overhead and require more storage, but the UX is optimized and users are generally happier.
With both mandatory and roaming profiles, the user profile is applied to the virtual desktop before the user accesses it. As a result, logon time might increase slightly while the environment loads the profile into the session.
In addition to the basic user profile types, numerous third-party user profile management offerings are available. FSLogix profile containers are also a common Microsoft option for virtual desktop and Azure Virtual Desktop environments. IT departments often use these tools when they need faster sign-ins, better support for nonpersistent desktops, Microsoft 365 app data or more advanced profile management features than traditional roaming profiles provide.
Why use roaming profiles for virtual desktops?
Of the three inherent user profile types, roaming profiles provide the best UX because settings are personalized based on user modifications. Users typically only modify a few settings for their desired level of personalization, and this level of customization is important for usability, accessibility and productivity.
That benefit still matters, but IT should balance it against the operational cost. Roaming profiles require careful storage planning, profile size control and attention to sign-in and sign-out performance. In modern virtual desktop environments -- especially nonpersistent desktops -- profile containers or third-party profile management tools might provide a better UX with less profile-copying overhead.
Administratively, roaming profiles require more effort -- mainly configuration and storage. Configuration occurs through the roaming profile's GPO. User profiles can become quite large, thus affecting storage requirements and load times.
Mixed Windows environments require careful planning because profile formats, Start menu behavior and user customizations might not roam cleanly across every OS scenario.
A roaming profile can become corrupted, in which case IT will need to restore the profile from storage. One common risk is using the same roaming profile across multiple Windows versions or builds without validating profile-version compatibility. Mixed Windows environments require careful planning because profile formats, Start menu behavior and user customizations might not roam cleanly across every OS scenario.
Organizations often implement roaming profiles with folder redirection to centralize user data and reduce roaming profile size. Folder redirection is especially useful for keeping large user folders, such as Documents and Desktop, outside the roaming profile. IT should configure folder redirection before enabling roaming profiles so user files don't become part of the profile and increase sign-in and sign-out times.
How to deploy roaming profiles using Group Policy Objects
Before configuring roaming profiles through GPOs, IT should confirm that roaming profiles are still the right profile management option for the environment. For large nonpersistent VDI deployments, sessions that rely heavily on Microsoft 365 app data, or AVD, FSLogix profile containers or another profile management tool might be a better fit.
Once the IT department determines that roaming profiles are the best option for the virtual desktop environment, setting them up through the roaming profiles GPO is straightforward. Many organizations enable roaming profiles only for virtual desktops and use a centralized profile management approach to deliver a more consistent user experience.
Keep in mind there are two possible ways to configure roaming profiles: a roaming profile for all user sessions, or a roaming profile that applies only to remote desktop sessions. These instructions apply only to remote desktops. Also, if both a standard roaming profile and a remote desktop roaming profile are in place, the remote desktop roaming profile will apply itself to the remote sessions.
IT administrators should configure GPOs within Active Directory Group Policy Management. The organization unit where the virtual desktops reside should be the basis for the roaming profiles' GPO designation. IT should also assign the appropriate security group or groups. In addition, IT must designate a file share location with ample storage to house the roaming profiles.
IT administrators should enable roaming profiles for virtual desktops as a computer GPO. Specifically, they should configure it within this GPO: Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Profiles.
Then, choose Set path for Remote Desktop Services Roaming User Profile. Within the Profile path box, administrators should designate the storage location. In addition, IT should append %username% to provide a unique profile directory for each user (Figure 1).
Figure 1. Admins can set the Remote Desktop Services roaming profile path in Group Policy and append %username% to create unique profile folders.
Within many organizations, virtual desktop administrators might not have security clearance to configure roaming profile GPOs. Organizations should ensure that admins have a lab environment to thoroughly test roaming profile GPO settings before creating a change control order for production rollout.
After deployment, IT should monitor profile size, sign-in duration, sign-out duration, storage consumption and profile corruption incidents. Those metrics can help determine whether roaming profiles are still meeting user needs or whether the environment should move to FSLogix or another profile management approach.
Editor's note:This article was updated in May 2026 to reflect current Windows profile management considerations, including Windows 11, profile versioning, folder redirection and FSLogix profile containers.
Jo Harder has been involved with virtualization for over 19 years. She focuses on Citrix virtualization solutions and has been a Citrix Technology Professional (CTP) for four years.
