Changing Administration Settings

The Administration screen allows you to control various settings and operations for ProfileUnity in your environment. To get to these settings, complete the following steps:

  1. Hover over your username in the top right corner of the Management Console screen.
  2. In the drop-down menu that appears, click the Administration option.
  3. The Administration screen opens with the Settings tab displayed.
  • The Settings tab contains fields that allow you to configure the following settings:

    1. Note: Authentication settings are available on the Users And Roles tab, not the Settings tab.

    Audit

    Enable Audit

    Check the Track Changes to Configurations, Filters, Portability Rulesets And Other Items option in order for ProfileUnity to keep an audit trail of revisions to your database.

    How Many Days of Records to Keep

    If enabling audit tracking, enter the number of days to retain audit information. The default is 120 days.

    Cloud Storage

    ProfileUnity supports the use of cloud storage for configuration INI files and user profiles.

    To make use of cloud storage spaces, click the Add Cloud Credentials button.

    Name

    Enter your descriptive name for this cloud storage connection. You will need at least two sets of credentials per cloud storage platform – one for the ProfileUnity Console functions and one for the ProfileUnity Client functions.

    Cloud Storage Platform

    Select the cloud storage provider from Amazon S3, Microsoft Azure, or Google Cloud Platform. You will be asked to configure additional storage settings based on which of the following platforms you choose:

    • Amazon S3
      • Access Key: Enter your user access key for this cloud storage connection.
      • Secret Key: Enter the secret key for this cloud storage connection.
      • Account Type: Choose from storage types including S3 Storage, S3 GovCloud Storage (US East), S3 GovCloud Storage (US West), and S3 Custom Storage.
        If S3 Custom Storage is chosen, enter the URL of your Amazon S3 custom region. For example: https://s3.Region.amazonaws.com
    • Microsoft Azure
      • Account Name: Enter your Azure Blob cloud storage account.
      • Account Key: Enter the secret key for this cloud storage account.
      • Storage Domain: Choose from storage types including Azure, Azure US Government, Azure Germany, and Custom Storage.
        If Custom Storage is chosen, enter the URL of your Azure Blob storage endpoint. For example: https://AccountName.blob.core.windows.net
    • Google Cloud Platform
      • Google Application Credential Key: Copy and paste the contents of the Google Application Credentials JSON file.

    Global Variables

    Administrators can use global variables across all objects in the Management Console. This is a time-saving feature that allows global changes to occur by changing the value of a variable in one location and having that change automatically propagated to all configurations, filters, and portability rulesets that use that variable.

    To set up global variables for use in your environment, enter a Variable Name and a Value. Then click Add/Update Variable to either add a new variable or update an existing value.

    Note: Variable names can only contain letters and numbers. Other characters are not permitted.

    To use a global variable in a Configuration, Filter, or Portability Ruleset, type in the variable name surrounded by curly brackets. For example, to use a global variable named FileShare02, type in {FileShare02}.

    Important: Anytime you make a change to a configuration, including global variables that might affect multiple configurations, you must re-download or re-deploy the related Configuration INI files. In addition, those changes will not take effect until the next logon event from the user. If they are currently logged in when the configuration file is downloaded, they will still be under the old configuration settings.

    Path Overrides

    The Path Overrides section allows you to find and replace paths for Folder Redirection, Portability and FlexApp DIA in the generated INI file.

    The path override list that appears in the section can be re-ordered at any time by clicking the (Up) and (Down) arrows in the path override rows. Override paths that are higher in the list take precedence over paths that are lower.

    After an override path is created, you can edit or delete it by clicking the corresponding icon in the override path row.

    Client Settings

    The Client Settings section handles client-side settings for requesting licensing, ProfileDisk VHDX configurations, and FlexDisk configurations.

    ProfileDisk allows a user’s entire Windows user profile to exist on a virtual disk that can be attached and detached to a desktop as needed. The ProfileDisk stores 100% of all file system and registry changes in the user profile path so that all user settings and data are preserved on both persistent and non-persistent desktops. VHDX ProfileDisks are managed in this section. VMDK-based ProfileDisks are managed by FlexDisk.

    Add ProfileDisk Group

    Click this button to assign one or more VHDX ProfileDisks to Active Directory User Groups.

    Choose the Storage Type, Virtual Disk Path, Size in GB, and whether the disk will be Expandable or Fixed in size. Check the Enable Compression option to allow space savings. Different VHDX ProfileDisks can be assigned to particular Active Directory User Groups. Also, each group of users can have separate paths to their own ProfileDisk so that loads can be balanced among different file shares.

    Check the Multi-session ProfileDisk option to allow users to log in to multiple sessions at the same time and have the same experience across sessions. Multi-session ProfileDisks require the use of VHDX disks and, as a result, are only supported on Windows 10, Windows 11, and Windows Server 2012 R2, 2016, 2019, and 2022.

    ProfileDisk Assignments

    Lists the VHDX ProfileDisks in your environment by user assignment and disk location. You can edit or remove ProfileDisks from this list.

    Communication Type to Broker Messages

    Select which ProfileUnity technologies will be sending messages across the Fabric. Choose Licensing Only Fabric Use if you will not be using ProfileDisk or FlexDisk. In this case the Fabric will just be used for license requests. Choose VHDX ProfileDisk for licensing and VHDX ProfileDisk communications. Choose FlexDisk VMDK ProfileDisk And FlexApp to allow both ProfileDisk and FlexApp to make use of VMDKs and to send licensing communications across the Fabric. Choose FlexDisk VMDK FlexApp Only to allow licensing and VMDK FlexApp communications only.

    Click the Manage Message Queue Connection button to edit the message broker connection string.

    Connection String

    The connection string to connect the Message Broker. This field is blank by default. Do not modify this field without guidance from Liquidware Support.

    Deployment Path

    To set a Deployment Path, complete the following steps:

    1. Enter the deployment location where the client configuration will be stored on your NETLOGON share.
    2. Check the Overwrite files if they exist option to have the deployed configuration file overwrite any previously existing client configuration files at the specified location.
    3. Click the Update button in the top right corner of the screen.
    4. Click the Download or Deploy Client Settings button.
    5. On the screen that pops up, select the Platform for deployment.
      • If you choose the Domain or Cloud option, this will place the client configuration file, nodes.xml, in the directory you specified for the Deployment Path.
      • If you choose the Download option, the client configuration file will be downloaded through your browser.

    ProfileUnity Tools

    In addition to the ProfileUnity Management Console, there are two other main components to ProfileUnity: the FlexApp Packaging Console and the Client. The FlexApp Packaging Console allows administrators to configure and prepare any applications that must be configured for users and made available as a department installed application (DIA). The Client manages each user’s settings and persona during their session.

    Run Client Tools As Service

    To run the Client tools as a service, complete the following steps:

    1. In the Run Client Tools As Service field of the ProfileUnity section, enter a username in the form of domain\username.
    2. Enter a password.
    3. Click the Update button in the top right corner of the screen.

    To deploy the configuration to a specified Deployment Path, complete the following steps:

    1. In the Run Client Tools As Service field of the ProfileUnity section, click the Download or Deploy Service Configuration button.
    2. In order for this to work, you also need the system INI path set in the GPO and the license path set to the main deployment path.
    3. On the popup screen that appears, select the Platform you want to use for deployment.
      • If you choose the Domain or Cloud option, the service configuration file is placed in the directory you specify in the Deployment Path field on the popup screen.
      • If you choose the Download option, the service configuration file is downloaded through your browser.
    4. Click the Deploy button.

    To delete a configuration, click the Remove Service Configuration button.

    Deployment Path

    To set the deployment path, complete the following steps:

    1. In the Deployment Path field of the ProfileUnity section, enter the UNC or cloud storage path to where the client tools and configuration files should be placed.
    2. Select the Overwrite files if they exist checkbox to overwrite files if they already exist at the specified location. Otherwise, an error will be thrown if the files already exist.
    3. Click the Update button in the top right corner of the screen.
    4. Click the Download or Deploy Client Tools button to deploy the client tools to the deployment path.
    5. On the popup screen that appears, select the Platform you want to use for deployment.
      • If you choose the Domain or Cloud option, the service configuration file is placed in the directory you specify in the Deployment Path field on the popup screen.
      • If you choose the Download option, the service configuration file is downloaded through your browser.
    6. Click the Deploy button.

    Download FlexApp Packaging Console

    Downloads the FlexApp Packaging Console Installer to a location you specify.

    ProfileUnity Console Service Log

    Level of Logging

    The level of logging ProfileUnity should log at. Choose from Debug, Info, Warning, Error, or Fatal. Debug provides the most detailed information.

    Logging Path

    The path to where ProfileUnity should log.

    View Log

    View the latest log being reported.

    Proxy

    (Optional) Enable proxy support for cloud platforms and other calls via the internet by clicking on Proxy Settings.

    Choose from the following options:

    • Do not use Proxy
    • Auto-detect Proxy
    • Manual Proxy Configuration

    If you choose the Manual Proxy Configuration option, you can use the rest of the fields.

    Proxy Address

    Enter the IP Address of the proxy server.

    Proxy Port

    Enter the port to use for communication with the proxy server. The default is port 80.

    Use Authentication

    Check this option to provide proxy authentication credentials if they are required and then complete the Domain, Username, and Password information.

    Domain—(Optional) Enter the domain for the user account information entered below.

    Username—Enter the username for the account to be used for authentication with the proxy server.

    Password—Enter the password for the account to be used for authentication with the proxy server.

    Miscellaneous

    Hide Desktop Start Menu Module

    Uncheck this option to allow configuration of the Desktop Start Menu module. When this option is unchecked, the Desktop Start Menu configuration module will be made available for use on the Configuration Management screen.

    Hide MAPI Profiles Module

    Uncheck this option to allow configuration of the MAPI Profiles module. When this option is unchecked, the MAPI Profiles configuration module will be made available for use on the Configuration Management screen. Note that the MAPI Profiles module functionality is only supported by Microsoft Exchange 2010.

    Hide Liquidware App Catalog

    Check this option to hide Liquidware app cloud FlexApps from the FlexApp DIA Inventory inside both the Management Console and the FlexApp Packaging Console. Liquidware apps are FlexApp packages that have been created by Liquidware and are immediately available for use in your environment. They are provided via cloud storage. Since the original packages were created and are owned by Liquidware, these FlexApps are subject to be updated, changed, or removed at any time. Therefore, it is recommended that these FlexApps be cloned before using in your own environment.

    Enable CAC Secure Mode

    Check this option to require Common Access Card (CAC) usage for authentication when logging in to the ProfileUnity Management Console. For more information, refer to the Configuring Common Access Card Authentication document.

    Enable CAC Certificate Revocation List Cache

    Check this option to enable Common Access Card (CAC) certificate revocation list cache.

    Hide External Links

    Hides external web links from the Management Console.

    Enable Secure Banner Text

    Check this option to enable the display of all secure banner text.

    Secure Banner Text

    Type the approved secure text that is displayed before a secure mode login.

    Secure Login Banner Text

    Type the approved secure login text to be shown prior to, or as part of, the ProfileUnity Management Console login process.

    WebServices

    Port

    The port on which the web service runs. The default is 8000. Any change to the port number requires a service restart.

    Session Timeout in Minutes

    How long before an idle user has before they will be required to log in again.

    Force SSL

    Forces use of SSL HTTPS protocol over standard HTTP protocol. Any change to this setting requires a service restart.

    SSL Certificate

    Displays current SSL certificate.

    Import New Certificate

    Allows the user to import a .PFX certificate.

    Database

    Click the Manage Database Connection button to configure the location of your ProfileUnity database.

    Connection String

    The connection string used to connect to the database.

    Note: You can use the Connection String to switch between databases by just changing the file name if you have multiple databases that you would like to maintain separately.

    you are encouraged to back up your configuration on a regular basis. To create a copy of your database, click the Backup Current Database button. A list of backups will be kept below the button. Use the Download icon to download a specific database backup.

    You can also restore your configuration settings from a previously made backup. This is especially useful if you are upgrading your software version and would like to keep your existing configuration settings. To restore an archived database, click the Restore Database button and browse to the location of the backed-up database file.

    Inventory

    Database Purging

    Check Automatically purge old inventory records if you want ProfileUnity to periodically check for old records that can be deleted.

    Enter how long you want to keep inventory records in days in the How Many Days of Records to Keep field. ProfileUnity will automatically purge records outside of this date range if automatic purges have been enabled.

    Configuration Revision Retention

    As part of the configuration auto-deployment feature, ProfileUnity has a built-in retention policy. Anytime that a Configuration file is updated, it will be saved. Set the retention number to indicate the last number of updates to each Configuration that ProfileUnity will keep. The default is 5. You can view the list of saved changes by clicking on the Configuration History icon to the right of each Configuration name on the Configuration Management screen.

    Clustering

    Clustering is part of the FlexDisk technology solution where ProfileUnity is configured in a clustered mode to provide multiple nodes for scaling additional resources and to protect against a single point of failure. Clustering settings go hand-in-hand with FlexDisk settings.

    Node Status

    Shows the status of either a single host server or multiple servers clustered across multiple stateless nodes running in High Availability Mode.

    Enable High Availability Mode

    To enable High Availability mode, complete the following steps:

    1. Select the High Availability Mode checkbox.
    2. Click the Update button in the top right corner of the screen.
    3. Wait for ProfileUnity to switch into HA mode.
    4. A message pops up and you are then redirected to the Management Console login screen.
    5. Log in to the Management Console again.
    6. Hover over your username in the top right corner of the screen.
    7. In the drop-down menu that appears, click the Administration option
    8. The Administration screen opens with the Settings tab displayed.
    9. Scroll down to the Clustering section.
    10. Click the Add Node link in the top right corner of the Node box and enter another node address. This address should be the fully qualified domain name of another server where an additional installation of the ProfileUnity Management Console was installed appended with the default port of 8000. For example, the node address would look like: prou2.mydomain.com:8000.
    11. Repeat the process to add more nodes.
    12. The total number of nodes in the cluster must be an ODD NUMBER. We recommend 3 nodes, but 5 or 7 are supported as well. Generally, more than 3 is not necessary. The number of nodes that can go down and have the cluster still operating normally depends on the total number of nodes in the cluster. Normal operation requires at least 2 nodes to be up at all times. So, a 3 node cluster would allow for a single node failure, a 5 node cluster would allow for a 3-nodes failure and so on. Two nodes is not a valid cluster configuration and will NOT result in the ability to lose a node and still function normally.

    FlexDisk

    FlexDisk is a robust VMware VMDK (Virtual Machine Disk) delivery system managed by ProfileUnity. FlexDisk allows administrators to provision flexible, user VMDKs on a VMware Virtual Machine File system (VMFS) high-speed data storage volume to deliver user profiles or applications. FlexDisk settings go hand in hand with Clustering settings.

    FlexDisk Port

    Enter the number of the port used to communicate with the FlexDisk API. The default is 4443.

    Add vCenter Credentials

    Click this button to enter your VMware Virtual Center credentials. Enter your credentials formatted the same as they are in the Virtual Center Client. The FlexDisk technology supports the usage of multiple VMware vCenter Servers. For organizations that have users that float between multiple vCenter Servers, FlexDisk coordinates communication and executes administrative tasks using the vCenter APIs to attach and detach VMDKs based on each user’s requirements and the server to which they are currently attached.

    Virtual Centers

    Lists the VMware vCenter Servers that FlexDisk has access to. You can edit or remove servers from this list.

    Download Connection Server Monitor

    Click to download the Connection Server Monitor. Install the CSmonitor service on all View Connection Brokers the users will be using to access pools. You will tell the CSmonitor about the primary node installation of the ProfileUnity Management Console.

    License Reporting

    How Many Days of Records to Keep

    Enter the number of days to retain user license information. The default is 120 days.

    Notifications

    Enable Notifications

    Check this option to enable email notifications from ProfileUnity.

    Subject Prefix

    Enter the prefix that will be placed on the subject line of all ProfileUnity email notifications.

    SMTP Host

    Enter the address of the SMTP server that will send the emails.

    SMTP Port

    Enter the port number for the SMTP server to use for communication.

    Authentication

    Enter the Username and Password that will be used for authentication purposes when using the SMTP server. The Enable SSL/TLS option is available to encrypt transmissions when sending emails.

    Sender Name

    Enter the name that the email will be “From” when it is delivered.

    Sender Email

    Enter the email address that the email will be “From” when it is delivered.

    Send Test Email

    Allows you to test your email notification settings by sending a test email from within ProfileUnity to an email address that you specify. Click the Update button in the top right corner of the screen to save any setting changes before sending a test email.

    Manage Notifications

    Manage a list of users who will receive notification emails. ProfileUnity uses this list to email users about node outages when using the FlexDisk technology. Separate multiple emails in this list with a semi-colon.