Over the last few years, there have been several articles, blog posts, and updates related to issues related to Internet Explorer 11 (IE), cookies, and roaming with Citrix User Profile Management (UPM). The initial problem was related to the unsuccessful capture and restore of users’ IE data from within their user profile.
Citrix resolved the problem of capturing and restoring users IE data as discussed in the articles below.
This meant that users now have a seamless browsing experience between sessions.
In this guest blog post, Jonathan Murray, Virtualization Architect at Avanite, talks about the issues that now face business in roaming this data.
To ensure a good user experience and the fastest login possible, the data from the user’s profile that has to be loaded during the login processes needs to be as small as possible (avoid profile bloat).
Unfortunately browsing data, because of the size and number of files, is one of the main causes for a degraded user experience. It has been found browsing data can use up to 80% of the total size of the user’s profile. The users browsing data consists of the following:-
- Webcache Folder
- Cookies Files
- DOM Files
- Registry Keys
This data is captured via default includes within the Citrix configuration but additionally Citrix recommend the following folders are added to the Mirror Folders policy.
The Webcache folder contains the Webcachev01.dat which is a database used to store users browsing information including History and indexes of all the browsing related files within the user’s profile. The Webcache database size starts between 24MB and 32MB (dependent on OS) and will continue to grow. Various sizes of the Webcache file have been seen including databases that have grown to several GB. The size can vary for many reasons but can cause the size of the user’s profile to increase significantly.
The number of cookies per user that are being stored massively depends on the users’ web browsing activity, however ~5,000 files is common and an excess of 50,000 for some users is not unknown.
Cookie files can be stored in different locations dependent on whether IE Protected mode is enabled. When IE Protected Mode is enabled and using Microsoft recommended settings, the following are applied to each Zone:-
- Internet – Protected Mode enabled
- Local Intranet – Protected Mode disabled
- Trusted Sites – Protected Mode disabled
- Restricted Sites – Protected Mode enabled
When accessing a site with that is within a Zone where Protected Mode is enabled, the IE process is run with a low integrity security token. This restricts the area of the disk where web data is written to. By default, 90% of cookies are delivered into one of the following 2 locations dependent on the OS version:-
The cookie directory location is detailed within the Webcache.
Does this data cause a problem?
This can cause problems and impact organization is several different ways, such as the below:
The user experience can be degraded; the Webcache and associated data is delivered during the login process rather than being streamed as required. The Webcache is a system file and is locked throughout the user’s session. This means that as the dataset grows, so does the user login time as user’s profile is loaded.
The impact on the file server and storage used to store the Users UPM profiles. As mentioned above, the users web data can contain thousands of small files, these need to be copied from the file server to the user’s session. As multiple user’s login at the same time, the I/O on the servers and storage is impacted. If it is shared storage, this can then severely affect other systems utilizing the same storage.
As the data is copied from the File Servers to the users’ session, copying all those small ~1kb-5kb files also has an impact on the network. This can be particularly evident at peak logon times.
So, why is there so much data?
One website, one cookie? No! When hitting a single site, there is no limit to the number of cookies you will receive. Looking at the below you can see IE11 that has been used to browse to cnn.com. Using the Web Page Privacy Report available in IE11 we can look at the websites with content on the current page and if the browser has accepted them. The first few all look reasonable!
Scrolling down however you start to see that other sites have delivered content to the website and that they have also download cookies to the users machine. These are ‘third-parties’ and the sites aren’t necessarily downloading data to your machine for your benefit or bear any effect to the site you are browsing!
How is the data affecting you?
Avanite have made available a PowerShell script that helps Citrix UPM customers gain a better understanding of the volume of data they are storing for their users. This will analyse the UPM profile store and provide a summary of the following:
- Total number cookies stored
- Average number of cookies
- Total size of Webcache files
- Average Webcache size
Please download the script from the link below. To run the script, when you launch it you will need to provide location of your UPM Profile store.
Is this just an IE problem?
No, although other browsers like Chrome and Firefox store data in differently they can impact the user experience. Chrome and Firefox use multiple databases to store data like cookies and history. These can also grow considerably and have a negative impact on the user experience.
Avanite WebData Control
At Avanite, we have been working to address the problems that Web Data causes. We have helped our customers bring this data under management and improve their users’ experience with our WebData Control software. WebData Control address the problem across not only IE but also Edge, Firefox and Chrome.
Please visit us at www.avanite.com for more information on and how to contact us. Download our free Analysis Tool to see the impact that Web Data can have within your profiles!
We can also be found on the Citrix Ready Marketplace.