What does the word roaming mean to you? To me it means, “Wherever I go, there’s my stuff.” Simplistic, but really, isn’t that what would make life much easier for all of us? How often have you been at home and gotten an e-mail from a coworker asking for a specific file, only to be out of luck because your work machine is powered down, or the VPN is too busy because it's an inclement weather day? How convenient would it be if you could always get to the files you need to get to, no matter where you are?
So let's take a look at the roaming technologies out there in the Windows world today, then at the kinds of complexities roaming can bring, including what you need to watch out for.
Roaming User Profiles
When I joined Microsoft in 1997, there was no mechanism that let users make sure they had access to their files wherever they were. That changed, to a large degree, with the arrival of Roaming User Profiles (RUP) with Windows 2000 in organizations that deployed Active Directory, and to a larger degree (and with less pain), with Folder Redirection in Windows Vista.
RUP is still with us and still used in some customer scenarios. While RUP is powerful, it brings with it some significant problems if implemented or used incorrectly. In particular, synchronization happens only at logon or logoff time, and it is a last-in-wins approach, so data loss is potentially a huge problem. Given that a user's data defines the role of a computer, losing that data can be catastrophic.
Moreover, the dependencies mean that there are scenarios where RUP is a pain to work with. In particular, you need Active Directory up and deployed, so it isn't a solution for small businesses and won't work at all for home users. (Microsoft employees with home domains don't count!)
If all of your users are running Windows (ideally they use the same version across their roaming user profile; otherwise there can be some interesting side effects as different Windows versions write their specific settings to the profile), and you have an Active Directory deployed and everyone authenticates against it, you might be a candidate for RUP.
Folder Redirection goes a step further, allowing you to store profile folders on the server and using Offline Folders in the OS to synchronize. Better, but still not perfect, especially if you don't have a domain, you are working on a home network, or the users are offline or offsite more often than not.
Enter the Mesh
As you read this, I've been working for about three months on a new Microsoft Press title with Mark Russinovich. Right from the beginning, I've had to deal with a certain problem: I use a collection of machines, two running Windows Vista, two running Windows XP, and two Macs running OS X 10.5. You never realize just how hard it is to keep a bunch of files synchronized across a bunch of computers until you have to do it regularly.
In an ideal world, you'd tell a synchronization tool, "synchronize this folder across all of my systems," and it would just work, despite the fact that different Windows versions use different paths for the Windows directory and for user profiles, and so forth, and that their Mac counterparts store files very differently.
Microsoft's latest offering, the beta release of Live Mesh, in fact does exactly this, handling with ease the synchronization of files across disparate machines. Setup is a snap. There's a small installer that must be downloaded to all clients and installed, at which point a small icon is placed in the Windows Notification Area to help you to set up a Mesh, as shown in Figure 1.
Figure 1 The Live Mesh icon is the blue circle in the center of the Windows Notification Area.
Live Mesh works to, in essence, mesh your information. It collects your devices, your data, and your people (contacts) together, no matter where that information is—on one or more of your Windows PCs, Macintoshes, Windows Mobile devices, or even on someone else's computers or devices. Note that in the current release, a system can be a member of only one Mesh at a time. Figure 2 shows how Mesh represents a group of computers online.
Figure 2 The Devices in a Live Mesh
Though you may have added data and devices to your Mesh, nothing is shared yet, even if this is the second or third system, and that's a good thing! Have you ever deployed a new system on Active Directory with Roaming User Profiles and logged on, only to be sideswiped by all of the synchronizing files being downloaded? It's not too bad if you don't roam much, but what if your desktop and documents look like mine? Then you're in trouble.
But Live Mesh lets you decide what directories you want shared, and which systems to share them with. So you can create a directory shared by only two clients, another shared by two more, and then a third shared by everyone.
When setting up a folder in Live Mesh, you can either use an existing directory or create a new one entirely. I tend to create a new directory underneath the Documents directory (or its equivalent, depending on whether the machine is running Windows Vista, Windows XP, or OS X) and synchronize that.
The nicest part of Live Mesh is that once you've set up new folders, they get offered to other Mesh devices with no effort (ghosted icons are placed on your desktop; double-clicking one lets you specify whether to sync it, now or ever). All of your Mesh folders are available online in your Live Desktop, shown in Figure 3, so you can access them from anywhere. And the online storage is free. There is also a Windows Mobile version of the Mesh client that allows you to bring data from that device into your Mesh.
Figure 3 The Live Desktop
Live Mesh is elegant in its simplicity, and the fact that it allows cross-platform synchronization between Windows and Mac clients is very convenient. In addition to sharing, Live Mesh also provides the ability to connect back to a Windows Mesh device, much as you would through Remote Desktop.
One of the most compelling features of Live Mesh is the visible logging/auditing that it does. Every change is tracked and shown in a panel that displays next to the folders being shared when they are open.
Microsoft also offers a service called Live Sync (formerly known as FolderShare) that predates Live Mesh. The key difference is that Live Sync (see Figure 4) is much more like traditional file synchronization and is less about creating a "mesh" or group of linked computers, though it also lets you share folders with other Windows Live users. I encourage you to check them both out and see which fits your scenarios better.
Figure 4 The Live Sync Interface
What if you don't require offline access, but instead need your files to be always available wherever you are, without a download? In that case, Live SkyDrive is a great solution. Live SkyDrive gives you 25GB of free storage on a server where you can place files and access them from anywhere. The difference between Live Mesh and SkyDrive is subtle, but important. With SkyDrive, you actually store data on the server and you retrieve it when needed, more like a traditional sync-less file server.
Microsoft isn't the only synchronization game in town. In fact, Apple's MobileMe now works cross-platform on Windows as well as Macs, though it is not free like the Microsoft offerings. There are also numerous third-party file synchronization utilities and platforms, such as Syncplicity, that provide cross-platform synchronization functionality.
There's something I like to call "explicit synchronization" that involves the use of a particular tool to synchronize a specific file, set of files, or type of files. The best example is an idea I call roaming Favorites. On Windows, Favorites exist as a set of *.url files, with meta information about them stored in a binary format in the Windows registry. There are tools today that attempt to accomplish just what I have in mind, including Live Favorites, which lets you sync your Internet Explorer favorites across multiple PCs, and Xmarks, which synchronizes bookmarks across the Firefox, Internet Explorer, and Safari browsers. You can also think of MED-V, discussed in my May article (and it has now shipped), as an explicit synchronizer. We'll discuss how momentarily.
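To make the *.url format concrete, here is an added example (not code from the original article, Live Favorites, or Xmarks) that parses the INI-style body of Windows Internet Shortcut files and audits what a roaming-Favorites tool would push to other machines. The three favorites in SAMPLE_FAVORITES are constructed for the example, and the "intranet-host" and "internal-share" classifications are a heuristic I chose here, not something the page or any product defines: favorites pointing at file:// shares or at single-label hostnames typically describe internal infrastructure and are worth a look before they roam outside the organization.

```python
from urllib.parse import urlsplit

# Constructed sample favorites: the text of three *.url files, keyed by file
# name, as they would sit under a Windows user's Favorites folder. One of
# them starts with a UTF-8 BOM, which some editors write into these files.
SAMPLE_FAVORITES = {
    "TechNet.url": "[InternetShortcut]\r\nURL=https://technet.microsoft.com/\r\nIconIndex=0\r\n",
    "Build Server.url": "\ufeff[InternetShortcut]\r\nURL=http://buildsrv01/status\r\n",
    "Team Share.url": "[InternetShortcut]\r\nURL=file://fileserver/projects/q3\r\n",
}


def parse_url_file(text: str) -> dict:
    """Parse the INI-style body of a *.url file into {section: {key: value}}.

    The link itself lives under [InternetShortcut] as URL=...; other
    sections and keys (IconFile, IconIndex, HotKey, ...) are kept as-is.
    Keys are lower-cased because Windows treats them case-insensitively.
    """
    sections, current = {}, None
    for raw in text.lstrip("\ufeff").splitlines():
        line = raw.strip()
        if not line or line.startswith((";", "#")):
            continue                      # blank or comment line
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue                      # stray line outside any section
        key, _, value = line.partition("=")
        sections[current][key.strip().lower()] = value.strip()
    return sections


def favorite_target(text: str):
    """Return the URL a favorite points at, or None if the file carries none."""
    for name, keys in parse_url_file(text).items():
        if name.lower() == "internetshortcut":
            return keys.get("url")
    return None


def classify_target(url: str) -> str:
    """Heuristic (assumption): does this favorite reveal internal infrastructure?"""
    parts = urlsplit(url)
    if parts.scheme == "file":
        return "internal-share"           # UNC/file share, never meaningful outside
    host = parts.hostname or ""
    if "." not in host:
        return "intranet-host"            # single-label names resolve only inside
    return "public"


def audit_favorites(files: dict) -> dict:
    """Map each favorite file name to (url, classification)."""
    report = {}
    for name, text in files.items():
        url = favorite_target(text)
        report[name] = (url, classify_target(url) if url else "no-url")
    return report


if __name__ == "__main__":
    for name, (url, kind) in audit_favorites(SAMPLE_FAVORITES).items():
        print(f"{kind:15} {name}: {url}")
```

Run it against a real Favorites folder by reading each *.url file into the dictionary; anything classified as internal-share or intranet-host is a candidate to exclude from the roaming set.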
What's the Cost?
Most synchronization platforms are free; or at least free for a certain amount of storage. Most vendors seem to offer 5–10GB of free storage and charge if you use more. Some also put fees in place based upon the bandwidth utilized, more like classic phone line charges.
It is vital to pick a reputable synchronization vendor. The files you want to be able to access from anywhere are often your most critical files. Imagine the horror of a service losing them, then synchronizing, deleting all copies. Not a fun scenario to visualize, or live through.
Similarly, it's important to make sure the communication stream between your system(s) and the synchronizing host is secure. Ideally, verify that your data is encrypted on the host.
Perhaps most crucial is to make sure you aren't violating company policy by roaming company information outside your organization when it shouldn't leave it. All too often, companies find themselves extricating "remote access" software from PCs that should not have any such access. The same issues, or worse, can occur with synchronization solutions outside of the firewall.
Configuring Roaming User Profiles
Managing Roaming User Data Deployment Guide
DirectAccess enhances mobility and manageability
Microsoft Enterprise Desktop Virtualization (MED-V)
Groove, an additional component of the Microsoft Office suite, should not be left out of this discussion. I won't drill into too much detail here, simply because Groove has been covered several times in the pages of TechNet.
Groove is interesting in that it gives you a shared workspace as well as very secure file sharing among corporate users and members of their work team that may not even be a part of the organization or have internal network access. Groove is not free and has additional up-front costs related to deploying, configuring, and maintaining your Groove infrastructure. But it has the advantage of being secure; it is implemented within your organization's view but allows for a method of roaming and sharing that works even outside of the firewall, though only in a manner approved by the organization.
Some file types, such as Outlook PST and Access MDB files, can't be synchronized for the same reason SQL database files or any other proprietary data store are problematic to back up or synchronize: they may be locked while in use. And some files are simply too large to rationally synchronize (unless the roaming provider supports massively large roaming and very advanced synchronization, and I've yet to see one that does this).
What am I talking about? Virtual machines, even if they are powered off, are extremely taxing for roaming. They are simply too large, and if they are written to every day, the volume of data to be transferred could be simply unfeasible to replicate at any regular interval. Imagine synchronizing a simple 5GB Windows XP VPC image every night. Suppose it's one you use every day, say with an Outlook PST file on it. This is a significant amount of data to sync, and a huge amount of data churn daily.
I'm not aware of any traditional roaming solution that can handle this today. However, this is where you want to consider the right tool for the job. You might want to use RUP or Mesh for your basic file and data synchronization, and then take advantage of Microsoft Enterprise Desktop Virtualization (MED-V) for more advanced needs. By differentiating the workload, you can synchronize everything, allowing users to access VPC images wherever they are, and still manage to keep those images managed and patched.
In this scenario, you are using two tools to complete two tasks. Sure, in an ideal world maybe you'd only need one. But until then, you can combine tools to build the solution you need to synchronize your files to the systems (or handheld devices) you need.
There is no reason you can't use Folder Redirection, Live Mesh, MED-V, Xmarks, and even MobileMe on the same system. But in such a case, it becomes really important (as I've learned myself with MobileMe) to understand which copy is the file master, and to make sure that you aren't copying confidential data out of your organization.
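The last-in-wins behaviour of RUP described earlier, and the "who is the file master" question raised here, come down to the same failure mode: two machines edit the same roamed file between syncs, and the second upload silently discards the first. The following added example (my own simulation, not code from RUP, Live Mesh, or any product named in this article) models a profile server and two PCs with a logon/logoff sync cycle. The ProfileServer and Device classes, the version counter, and the conflict-copy policy are all assumptions made for the illustration; the file contents are constructed.

```python
import hashlib
from dataclasses import dataclass, field


def digest(data: bytes) -> str:
    """Short SHA-256 fingerprint, used only to label versions when printing."""
    return hashlib.sha256(data).hexdigest()[:8]


@dataclass
class ProfileServer:
    """The single master copy of one roamed file on the profile server (assumed model)."""
    content: bytes
    version: int = 1              # bumped on every accepted upload


@dataclass
class Device:
    """One PC's local copy of the file, taken from the server at logon."""
    name: str
    content: bytes
    base_version: int             # server version this copy was downloaded from
    conflicts: list = field(default_factory=list)


def logon(server: ProfileServer, name: str) -> Device:
    """Logon pulls the server copy down and records which version it was."""
    return Device(name, server.content, server.version)


def logoff_last_writer_wins(server: ProfileServer, device: Device) -> str:
    """RUP-style upload: the device's copy replaces the master unconditionally."""
    server.content = device.content
    server.version += 1
    device.base_version = server.version
    return "uploaded"


def logoff_with_conflict_check(server: ProfileServer, device: Device) -> str:
    """Upload only if nobody else wrote to the master since this device read it.

    If someone did, keep the master as the file master and park the device's
    copy as a conflict copy, so neither edit is silently destroyed.
    """
    if device.base_version == server.version:
        server.content = device.content
        server.version += 1
        device.base_version = server.version
        return "uploaded"
    if device.content == server.content:
        device.base_version = server.version
        return "identical"
    device.conflicts.append((f"{device.name} (conflict copy)", device.content))
    device.content = server.content
    device.base_version = server.version
    return "conflict"


def run_scenario(policy) -> tuple:
    """Two PCs edit the same roamed file between one logon and the next logoff."""
    server = ProfileServer(b"notes: v1\n")
    laptop = logon(server, "laptop")
    desktop = logon(server, "desktop")
    laptop.content += b"laptop: added section A\n"
    desktop.content += b"desktop: added section B\n"
    policy(server, laptop)                  # laptop logs off first
    status = policy(server, desktop)        # desktop logs off second
    return server.content, status, desktop.conflicts


def last_writer_wins_loses_data() -> bool:
    """True when the laptop's edit has vanished from the master after LWW sync."""
    content, _, _ = run_scenario(logoff_last_writer_wins)
    return b"laptop" not in content


def conflict_check_keeps_both() -> bool:
    """True when the master keeps the first edit and the second survives as a conflict copy."""
    content, status, conflicts = run_scenario(logoff_with_conflict_check)
    return (status == "conflict" and b"laptop" in content
            and any(b"desktop" in body for _, body in conflicts))


if __name__ == "__main__":
    for policy in (logoff_last_writer_wins, logoff_with_conflict_check):
        content, status, conflicts = run_scenario(policy)
        print(f"{policy.__name__}: status={status} master={digest(content)} "
              f"conflict copies={len(conflicts)}")
```

The point of the simulation is the version check at logoff: comparing the version a device downloaded against the version currently on the server is enough to tell whether an upload would overwrite someone else's work, which is exactly the check a last-in-wins scheme lacks.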
We've all heard a growing chorus promoting "the cloud" for Internet-based storage and applications. I expect the next several years to be very interesting as they meld (and to a degree, blur) the cut line between the Internet and your intranet. DirectAccess, in Windows 7 and Windows Server 2008, will surely blur this line further and make synchronization an even more interesting challenge. DirectAccess makes it easier to get to your corporate data without requiring you to place the data in a potentially risky scenario. The use of Internet or cloud-based approaches to synchronization may become problematic for businesses as compliance and security initiatives make delineation between corporate and personal use of systems necessary.
In any case, whether you want to begin roaming your own personal data at home or you're looking for a solution within your organization to allow more creative sharing of and access to files, there is a growing collection of solutions to choose from, with more surely on the way.
Wes Miller is the Director of Product Management at CoreTrace (CoreTrace.com) in Austin, Texas. Previously, he worked at Winternals Software and as a Program Manager at Microsoft. Wes can be reached at email@example.com.