Keeping FSLogix Profiles small

Posted byJeff Riechers Leave a comment on Keeping FSLogix Profiles small

FSLogix on Non-Persistent desktops are a perfect way to keep user data persistent, and allows you to move data to OneDrive for better data portability between virtual environments and physical ones. With Files on Demand profiles only have the currently utilized data. But what about files you used, but haven’t touched for a while? If you don’t clean your profile you can have GBs of lost storage.

Enter Storage Sense. Starting with Windows 10 1903 and Server 2019 the ability to cleanup your cache data has been driven into GPO. I recommend setting the following settings to keep the profile looking nice and compact.

Cloud Content dehydration threshold – 7 days

Downloads cleanup threshold – 7 days

Storage Sense cadence – Every day

I don’t enable Recycle bin cleanup, as I actually disable the Recycle Bin for non-persistent sessions. Even with FSLogix supporting the roaming of Recycle Bin in the current revision I prefer to train users not to store important data in the trash.

With Storage Sense you also will want to pair this with the ability of the latest FSLogix to compact profiles at logoff. That way when Onedrive is dehydrated you see that reduced space on the profiles themselves.

UPDATE!

So in testing we found that OneDrive for Business was not dehydrating correctly. And from the combing on the internet, we were not alone. But thanks to Bracko Ewald there is an easy solution. Take the following code and create a PowerShell script with it.

$CutoffTime = (Get-Date).AddDays(-7)

get-childitem $env:OneDriveCommercial -Force -File -Recurse | where Attributes -eq 'Archive, ReparsePoint' | where LastAccessTime -le $CutOffTime | foreach {attrib.exe $_.fullname +U -P /s}

Then on your machine create a scheduled task (preferably not in the root folder as that will be disabled with my cleanup scripts) and set it to run at log on as the Builtin\Users group.

For the Action if you set the WindowStyle flag to Hidden powershell will just flash for a second and then run the process for users.

I am preferring to run this at the Log in of the user instead of the Log off so that this doesn’t interfere with FSLogix’s compaction of the now smaller profile.

If you don’t have your Execution Policy set as unrestricted, you can add -ExecutionPolicy Bypass to your arguments on your scheduled task.

Update 2! Electric Boogaloo!

Was working on a brand new deployment for a client with new FSLogix profiles, and noticed some users were under 1 GB of Storage, but a large number were up into the 10 GB range. Also the user’s with larger profiles also seemed to be losing their Google Bookmarks. Digging in we found that some machines were dropping entries into the registry to create a new Profile folder instead of using User Data. And each machine had a different random name for that Profile folder. Here is an example from a user’s container.

That’s a lot of cached data we don’t need.

So to eliminate this data from coming to new profiles in the future, we modified the redirections.xml to keep this from happening in the future. I recommend periodically mounting large profiles in your organization, and look to see if there is data being included that really shouldn’t be there. OneNote automatic backup has become a new large file creation in the profile. Use GPO to either disable the backups, since they are now cloud stored, or put it somewhere else on-premise, like a user’s network share.

<?xml version="1.0" encoding="UTF-8"?>
<FrxProfileFolderRedirection ExcludeCommonFolders="153">

<Excludes>
     <Exclude Copy="0">Downloads</Exclude>
     <Exclude Copy="0">Saved Games</Exclude>
     <Exclude Copy="0">Contacts</Exclude>
     <Exclude Copy="0">Tracing</Exclude>
     <Exclude Copy="0">AppData\LocalLow</Exclude>
     <Exclude Copy="0">AppData\Local\Apps</Exclude>
     <Exclude Copy="0">AppData\Local\ConnectedDevicesPlatform</Exclude>
     <Exclude Copy="0">AppData\Local\Downloaded Installations</Exclude>
     <Exclude Copy="0">AppData\Local\assembly</Exclude>
     <Exclude Copy="0">AppData\Local\CEF</Exclude>
     <Exclude Copy="0">AppData\Local\Comms</Exclude>
     <Exclude Copy="0">AppData\Local\Deployment</Exclude>
     <Exclude Copy="0">AppData\Local\FSLogix</Exclude>
     <Exclude Copy="0">AppData\Local\GroupPolicy</Exclude>
     <Exclude Copy="0">AppData\Local\Packages</Exclude>
     <Exclude Copy="0">AppData\Local\Sun</Exclude>
     <Exclude Copy="0">AppData\Local\Temp</Exclude>
     <Exclude Copy="0">AppData\Local\VirtualStore</Exclude>
     <Exclude Copy="0">AppData\Local\CrashDumps</Exclude>
     <Exclude Copy="0">AppData\Local\Package Cache</Exclude>
     <Exclude Copy="2">AppData\Local\Microsoft\Office\16.0\PowerQuery</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\TokenBroker\Cache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Notifications</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Internet Explorer\DOMStore</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Internet Explorer\Recovery</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\MSOIdentityCRL\Tracing</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Messenger</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Terminal Server Client</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\UEV</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\Application Shortcuts</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\Mail</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\WebCache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\WebCache.old</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\AppCache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\Explorer</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\DNTException</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\IECompatCache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\iecompatuaCache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\Notifications</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\PRICache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\PrivacIE</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\RoamingTiles</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\SchCache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\Temporary Internet Files</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\0030</Exclude>
     <Exclude Copy="0">AppData\Local\webex</Exclude>
     <Exclude Copy="0">AppData\Local\Google\Chrome\</Exclude>
     <Exclude Copy="2">AppData\Local\Microsoft\Edge\User Data\Default\Service Worker</Exclude>
     <Exclude Copy="2">AppData\Local\Microsoft\Edge\User Data\Default\Cache</Exclude>
     <Exclude Copy="2">AppData\Local\Microsoft\Edge\User Data\Default\Code Cache</Exclude>
     <Exclude Copy="2">AppData\Local\Microsoft\Edge\User Data\Default\blob_storage</Exclude>
     <Exclude Copy="2">AppData\Local\Microsoft\Edge\User Data\Profile 1</Exclude>
     <Exclude Copy="2">AppData\Local\Google\Chrome\User Data\Default\Service Worker</Exclude>
     <Exclude Copy="2">AppData\Local\Google\Chrome\User Data\Default\Cache</Exclude>
     <Exclude Copy="2">AppData\Local\Google\Chrome\User Data\Default\Code Cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat</Exclude>
     <Exclude Copy="0">AppData\Roaming\Adobe\Acrobat\DC</Exclude>
     <Exclude Copy="0">AppData\Roaming\Adobe\SLData</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Document Building Blocks</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Windows\Network Shortcuts</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Windows\Printer Shortcuts</Exclude>
     <Exclude Copy="0">AppData\Roaming\Sun\Java\Deployment\cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\Sun\Java\Deployment\log</Exclude>
     <Exclude Copy="0">AppData\Roaming\Sun\Java\Deployment\tmp</Exclude>
     <Exclude Copy="0">AppData\Roaming\Sun\Java\Deployment\tmp</Exclude>
     <Exclude Copy="0">AppData\Roaming\ICAClient\Cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\</Exclude>
     <Exclude Copy="0">AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\flashplayer\#SharedObjects\</Exclude>
     <Exclude Copy="2">AppData\Roaming\Zoom</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Teams\Packages\SquirrelTemp</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Teams\Service Worker\CacheStorage</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Teams\Application Cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Teams\Cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Teams\Code Cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft Teams\Logs</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Teams\Media-Stack</Exclude>    
     <Exclude Copy="0">AppData\Local\Microsoft\OneNote\16.0\cache\tmp</Exclude> 
     <Exclude Copy="0">AppData\Local\CiscoSparkLauncher</Exclude> 
</Excludes>

<Includes>
     <Include>AppData\LocalLow\Sun\Java\Deployment\security</Include>
     <Include>AppData\Local\Google\Chrome\User Data</Include>
</Includes>

</FrxProfileFolderRedirection>

If you are using FSLogix Hotfix 3 for Teams 2.1, then this should be your redirections.xml.

<?xml version="1.0" encoding="UTF-8"?>
<FrxProfileFolderRedirection ExcludeCommonFolders="25">

<Excludes>
     <Exclude Copy="0">Saved Games</Exclude>
     <Exclude Copy="0">Tracing</Exclude>
     <Exclude Copy="0">AppData\Local\ConnectedDevicesPlatform</Exclude>
     <Exclude Copy="0">AppData\Local\Downloaded Installations</Exclude>
     <Exclude Copy="0">AppData\Local\assembly</Exclude>
     <Exclude Copy="0">AppData\Local\CEF</Exclude>
     <Exclude Copy="0">AppData\Local\Comms</Exclude>
     <Exclude Copy="0">AppData\Local\Deployment</Exclude>
     <Exclude Copy="0">AppData\Local\FSLogix</Exclude>
     <Exclude Copy="0">AppData\Local\GroupPolicy</Exclude>
     <Exclude Copy="0">AppData\Local\Sun</Exclude>
     <Exclude Copy="0">AppData\Local\Temp</Exclude>
     <Exclude Copy="0">AppData\Local\VirtualStore</Exclude>
     <Exclude Copy="0">AppData\Local\CrashDumps</Exclude>
     <Exclude Copy="0">AppData\Local\Package Cache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Office\16.0\PowerQuery</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\TokenBroker\Cache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Notifications</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Internet Explorer\DOMStore</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Internet Explorer\Recovery</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\MSOIdentityCRL\Tracing</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Messenger</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Terminal Server Client</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\UEV</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\Application Shortcuts</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\Mail</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\WebCache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\WebCache.old</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\AppCache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\Explorer</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\DNTException</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\IECompatCache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\iecompatuaCache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\Notifications</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\PRICache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\PrivacIE</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\RoamingTiles</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\SchCache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\Temporary Internet Files</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Windows\0030</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Media Player</Exclude>
     <Exclude Copy="0">AppData\Local\webex</Exclude>
     <Exclude Copy="0">AppData\Local\Google\Chrome\</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Edge\User Data\Default\Service Worker</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Edge\User Data\Default\Cache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Edge\User Data\Default\Code Cache</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Edge\User Data\Default\blob_storage</Exclude>
     <Exclude Copy="0">AppData\Local\Google\Chrome\User Data\Default\Service Worker</Exclude>
     <Exclude Copy="0">AppData\Local\Google\Chrome\User Data\Default\Cache</Exclude>
     <Exclude Copy="0">AppData\Local\Google\Chrome\User Data\Default\Code Cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat</Exclude>
     <Exclude Copy="0">AppData\Roaming\Adobe\Acrobat\DC</Exclude>
     <Exclude Copy="0">AppData\Roaming\Adobe\SLData</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Document Building Blocks</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Windows\Network Shortcuts</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Windows\Printer Shortcuts</Exclude>
     <Exclude Copy="0">AppData\Roaming\Sun\Java\Deployment\cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\Sun\Java\Deployment\log</Exclude>
     <Exclude Copy="0">AppData\Roaming\Sun\Java\Deployment\tmp</Exclude>
     <Exclude Copy="0">AppData\Roaming\Sun\Java\Deployment\tmp</Exclude>
     <Exclude Copy="0">AppData\Roaming\ICAClient\Cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\</Exclude>
     <Exclude Copy="0">AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\flashplayer\#SharedObjects\</Exclude>
     <Exclude Copy="2">AppData\Roaming\Zoom</Exclude>
     <Exclude Copy="0">AppData\Local\Microsoft\Teams\Packages\SquirrelTemp</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Teams\Service Worker\CacheStorage</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Teams\Application Cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Teams\Cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Teams\Code Cache</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft Teams\Logs</Exclude>
     <Exclude Copy="0">AppData\Roaming\Microsoft\Teams\Media-Stack</Exclude>    
     <Exclude Copy="0">AppData\Local\Microsoft\OneNote\16.0\cache\tmp</Exclude> 
     <Exclude Copy="0">AppData\Local\CiscoSparkLauncher</Exclude> 
     <Exclude Copy="0">AppData\Local\OneLaunch</Exclude> 
     <Exclude Copy="0">AppData\Local\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\Logs</Exclude> 
     <Exclude Copy="0">AppData\Local\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\PerfLogs</Exclude> 
     <Exclude Copy="0">AppData\Local\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\WV2Profile_tfw\WebStorage</Exclude> 
</Excludes>

<Includes>
     <Include>AppData\LocalLow\Sun\Java\Deployment\security</Include>
     <Include>AppData\Local\Google\Chrome\User Data</Include>
</Includes>

</FrxProfileFolderRedirection>

However, this will not remove these unwanted folder from their profile. So you either will have to manually mount these folders offline for cleanup, or just reset the user profile and have them start over from scratch.

Inline Update Trois

So I was able to find a way to empty folders from your existing profile. It was written very poorly in the documentation, so I just fiddled with numbers until I found the action I wanted.

If you change the Copy=”0″ entry for the line to Copy=”2″ then it will create an empty folder in the local_profile location, and then copy that folder into the profile, effectively zeroing out the data. Once this has cleared out the items you want, you can then switch it back to Copy=”0″ for normal profile operation.

But why was Chrome being such a pain? Well it looks like there was some form of micro-update being applied to the image, and this update dropped an entry into the HKLM registry to direct profiles to a new location.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Google\Chrome]
“UserDataDir”=”${local_app_data}\Google\Chrome\RandomGarbageString”

To fix this, I modified my Chrome GPO to set this registry string to the correct location.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Google\Chrome]
“UserDataDir”=”${local_app_data}\Google\Chrome\User Data”

Now besides this registry entry, some servers would also modify the Default User Profile. New profiles created would get a User Data folder copied over that user’s couldn’t access. So when they would open chrome, it would immediately close. To fix this I use the same GPO to delete the folder from the Default User Profile. We also hard disabled updates in Chrome. We will let out update process handle new versions of Chrome.

For those new users that couldn’t access chrome, deleting the User Data allowed it to be re-created correctly for the user.

Leave a comment

Your email address will not be published. Required fields are marked *