This article focuses on Liquidware ProfileUnity profile manager with a Nutanix Frame Desktop as a Service (DaaS) deployment. We will break down the ProfileUnity capabilities and a high-level implementation as follows:
- What is Liquidware ProfileUnity
- How Does Liquidware ProfileUnity Work
- Why ProfileUnity with Frame
- ProfileUnity vs Nutanix Frame Enterprise Profiles
- How to implement Liquidware ProfileUnity with Frame
What Is ProfileUnity
Liquidware ProfileUnity is a User Environment management solution that delivers a full spectrum of features that includes Profile Management, and Centralized Policy Management that goes beyond traditional Microsoft Group Policies, as well as advanced features such as Privilege Elevation and Application Rights Management.
The capabilities with Liquidware ProfileUnity are vast and far reaching, some key aspects are:
- Centralized Dynamic User Profile, App Management, and Policy Managementacross all Windows workspaces.
- Context-aware filters apply profiles, app management, policies and FlexApp delivery.
- Works across mixed OS versions for zero downtime migrations/co-existence.
- Supports Physical, Virtual, and Cloud Workspaces – Amazon Workspaces, Nutanix Frame, Microsoft Azure, Google Cloud Platform, and others.
In this blog we will discuss specific aspects of the product, primarily the User Profile and Policy Management features configured within a Nutanix Frame deployment as the area of focus. A future blog will cover the Application Management aspects with Nutanix Frame.A breakdown of ProfileUnity from a reference architecture perspective is as shown in the figure listed below:
How Does Liquidware ProfileUnity Work
Liquidware ProfileUnity is available as a standalone product and consists of three parts:
- The Management Console – provides one central location where administrators can configure persona management, user, and machine policies.
- The Client Tools – manages each user’s settings and persona during their session.
- The FlexApp Packaging Console (optional) – allows administrators to configure and prepare any applications that will need to be configured for users and made available as a department installed application (DIA) through application layering. (Planned to be covered in a future blog.)
The user environment is centrally managed via the Management Console and configured and maintained within a database to point to file shares and storage locations for configuration file settings, (a Liquidware ProfileUnity Netlogon or UNC Shared folder) and for user data and configuration persistence (a ProfileUnity user data share or storage container location). As users login, the user experience is actively configured, monitored, and maintained while in a session, then persisted and written back to the user data location by ProfileUnity at logoff. There are many areas in which ProfileUnity can manage a user environment and persona. All contained within a configuration database, managed within the ProfileUnity console. These can be seen in the figure listed below:
Note the items with numbers in red in the figure above, these are the areas in which configurations have been set (all of which are default settings by ProfileUnity). These items in red are as listed below:
- Portability Settings (35)
- User Defined Scripts (7)
- Application Launcher (15)
- Registry (28)
- Folder Redirection (6)
- Windows Options (1)
The initial numbers listed beside each in red are the active configurations that have been set, that are general best practice configurations Liquidware has found to enhance a user’s environment experience and persona in a Windows desktop environment.
Liquidware has created configuration templates that automatically pre-configure settings based on the goals you are trying to achieve in your environment. You also can add or import custom templates into this library from the Administration area.
There are two user profile or persona specific areas of a Liquidware ProfileUnity deployment that can be used for persistence these are:
- Profile Disk (VHD or VHDX)
- Portability Settings (Files and Folders)
A ProfileUnity deployment can leverage either or both capabilities depending on use case needs and requirements.
The profile disk is what is called the “E-Z button” for user data persistence. It will simply capture all user data and changes within a session and write the data and changes back to a mounted profile disk located on a traditional file share, or in a cloud-based storage model. This method consumes more storage space but allows for a more fundamental approach to user data persistence. Also, user data cannot be migrated directly into or out of the disk. As an option, a Microsoft FSLogix profile disk can be used instead to accomplish a similar unmanaged profile. It is important to note that either Profile Unity’s Profile Disk or FSLogix profiles are susceptible to Microsoft profile issues such as profile corruption. Profile Unity’s Portability feature mentioned below overcomes profile corruption and adds robust capabilities, such as profile rollbacks, to either a Profile Disk or an FSLogix profile.
The portability settings are a more dynamic approach that can be used alone or alongside a Profile Disk or FSLogix profiles. Profile Portability stores a folder and registry have a users’ profile on a traditional file share, or in a cloud-based storage model. Profile Portability allows you to manage the user experience more granularly to meet more demanding use case requirements, that go beyond simply persisting user data. When used with Profile Disk or an FSLogix profile, profiles can be set to automatically heal if they become corrupt. Profiles can also be rolled back by an Administrator. Only select profile data is saved (a smart profile) and the data is also compressed when stored. This method uses less storage space when that is a requirement, additionally this is also ideal for user profile migration strategies as ProfileUnity’s portable profiles work across multiple Windows OS versions automatically.