In a Windows network environment, there are many pros and cons involving the use of roaming profiles versus local profiles. In addition to the security matters, there are issues with data loss, file storage, bandwidth, and more. In this article, I will discuss some of the things I have run across in my work in the IT field.
A user profile is a collection of data specific to one user. This includes data like your Favorites in Internet Explorer, your Outlook settings, and so on. Windows is designed to store each user’s data in one location, such as the computer’s hard drive or on a server. When you log into a computer, it loads your user profile data along with whatever software you have set to load at startup.
In case you didn’t know, a roaming profile is a user profile that is stored on a server, and it is downloaded to the PC whenever a user logs in. This way, the user can access their information and settings no matter what computer they log into. A local profile is one that is stored just on one computer, and very little data is transmitted between the PC and the server when the users logs on.
Automatically backs up user data to the server whenever they log out, so that the user doesn’t have to remember to do so.
Allows users to log into multiple computers. This works great in an environment where people don’t have designated desks, such as an open lab.
Security issues. After the user has logged on, a copy of their profile is left on the hard drive. If the computer were to be stolen, this data could easily be compromised.
Slow login times. If a user puts too much data in their profile, it could take a very long time to transfer all that data whenever they log on or off. This could lead to profile corruption.
Bandwidth consumption. Large user profiles take a lot of network bandwidth to transfer data back and forth. Much of this is amounts to wasted bandwidth since many of the files and data transferred are not accessed every time the user logs on.
Maintenance issues. I regularly have to clean old profiles off some computers because those profiles left behind fill the hard drive so much that they prevent other people from logging in. It’s also a fairly regularly problem to have to rebuild user profiles after data has been corrupted during transfer.
Allows for much faster login times because the user’s data is all stored locally.
Cuts down on bandwidth consumption because less data is transferred during login and logoff.
Great for people who have a designated desk where they use the same computer every time.
If the user gets on a different PC, they may not be able to access their local data unless they stored some of it on a separate folder on a server.
Security issues. Having all the data stored locally presents a security problem if that PC is stolen.
Potential for data loss. I distinctly remember several people losing important customer data after their computers were destroyed by Hurricane Katrina. These users had been storing data on their hard drives and had no backup copies. When their PC was literally submerged by flood waters, their data washed away with the rest of the machine.
There are as many reasons to use roaming profiles as there are to use local profiles. There are equally as many reasons not to use one over the other. Personally, I think the best solution for a network environment is to provide network server locations for all data storage, then it won’t so much matter if the users are on roaming or local profiles.
The important thing is that users should only be allowed to store a very minimal amount of data in their profile, because it is safer and more secure to keep their data on the server. That way, it doesn’t matter what computer they log into because they can still access their data, and they won’t have to wait for it to download to their machine.
Furthermore, it may help to ‘lock down’ the PC so that the user will be severely limited as to where they store their data. One major problem with roaming profiles is that users tend to dump a lot of data on their Desktop, and this data gets transferred every time they log into a different machine. Users simply should not put any files on the hard drive, and it may require some training in regard to file locations to make sure they don’t do this. Often times, issues with data loss or security breaches come about simply because the user didn’t know what they were doing.