First looks at Frontline Shared UES

Posted on February 2, 2026 by ncbrady

Introduction

Windows 365 User Experience Sync (UES) is a cloud‑native capability designed to give users a seamless, consistent, and personalised Windows experience across Windows 365 Cloud PCs and Windows 365 Cloud Apps. Without UES in place on Frontline Shared devices, Windows personalisation, user settings, application settings, and application data are retained on logoff/logon which can be frustrating for end users who need to reauthenticate or reconfigure to set up their device how they need to use it, only to have to do this each time they log on to the Cloud PC.

Instead of relying on traditional profile‑management tools, UES automatically preserves the settings every time the user signs in. Microsoft manages the UES infrastructure, vastly decreasing the implementation complexity and cost compared to other profile based solutions.

At the core of User Experience Sync is dedicated, cloud‑hosted user storage that follows each user from session to session. When a user signs in, their individual storage is dynamically attached, providing immediate access to their personal settings and app data. As the user signs out, the profile is detached and stored securely ready for the next session.

In this blog post myself and fellow MVP buddy Niall Brady overview this new feature and show you how you can set this up for Windows 365 Frontline Shared Cloud PCs and Cloud Apps. Myself and Niall were part of the private preview for the solution and were heavily involved at that stage. The feature was made generally available in November and we will be interested to see that changes have been made to the solution, based on our feedback, in that time.

Requirements

The following requirements are needed at present.

  • Windows 365 Frontline license
  • Access to required Windows 365 and Microsoft 365 endpoints
  • Intune management permissions

Setting it up

When it comes to setting up the Windows 365 User Experience Sync, the enablement of the feature is achieved in the configuration of the Frontline Shared Provisioning Policy. This can be done when creating a new policy, or an existing policy can be modified to add or remove the feature. Let’s focus initially on creating a policy and enabling the UES solution.

In the Intune admin center, navigate to Devices | Device onboarding | Windows 365. Select Provisioning policies from the menu and choose Create Policy.

 

When creating the provisioning policy, ensure that you select Frontline as the License type and enable Shared from the Frontline type choice. For Experience, you can choose either Access a full Cloud PC desktop, or Access only apps which run in the cloud, since both Cloud PCs and Cloud Apps support UES.

The Configuration section of the provisioning policy wizard is where we configure the UES solution. We have two choices to make; Enable user experience sync and User Storage Size. Check Enable user experience sync to turn on the feature.

Managing the UES storage

For the User Storage Size, Microsoft offer a predefined pool of user storage that comes included with your Frontline licence. The total available storage is determined by the Cloud PC’s OS disk size and is scaled based on the number of Cloud PCs assigned within the policy.

For our Frontline model, we have a Cloud PC Frontline 2vCPU/8GB/128GB licence and 1 Frontline device, therefore the amount of pooled storage available to us is 128 x 1 or 128GB.

The User Storage Size allows us to assign up to 64GB per user as you can see from the drop-down menu below.

Be aware of the pooled disk space limitations when assigning the the User Storage Size.

  • Exceeded limits: When pooled storage runs out, new users can still sign in, but they receive a temporary profile and cannot create their own user storage. Users who already have allocated storage can continue signing in with their full personalised experience.
  • Exceeded tolerance period: If the pooled storage limit remains exceeded, a 7‑day tolerance window begins. After this period ends, the system automatically removes individual user storage starting with the one that has the oldest “last attach” timestamp. Once the total storage usage drops back below the limit, the tolerance period resets and won’t start again until storage is exceeded in the future.

You can manage the user storage by selecting going to Provisioning policies and clicking your newly created policy.

Next, select User storage and you will be presented with a view of the Storage information which includes the Total, Available and Used data. Since we are currently provisioning the devices, nothing will be used.

Some recommendations to assist with UES are to:

  • Enable OneDrive redirection
  • Manage Edge for cache and temporary data retention
  • Deploy Storage Sense to clean up temporary files, delete downloads and cloud backed files (OneDrive)

You can set up alert monitoring for the user storage. This is achieved by navigating to Tenant administration | Alerts | Alert Rules and clicking Frontline Cloud PC User Experience Sync Storage Limits.

In the System rule view, you can set to alert when used space is Greater then or equal to a certain percentage. You can set a Severity for the alert, if the Status of the rule is On or Off, whether to have a Portal pop-up Notification and if someone should receive an Email alert. You can enter multiple recipients for the email.

What’s Included and Exclude from User Experience Sync (UES)

The following is included in the UES solution:

User storage includes all data from C:\Users%username%, such as:

  • User settings and application data
  • Registry files, (NTUSER.dat and USRCLASS.dat)
  • Personal files and folders

What’s not included:

  • Nonroamable application data
  • AppData\Local\Packages*\AC
  • AppData\Local\Packages*\SystemAppData
  • AppData\Local\Packages*\LocalCache
  • AppData\Local\Packages*\TempState
  • AppData\Local\Packages*\AppDat

Nonroamable identity data

  • AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy
  • AppData\Local\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy
  • AppData\Local\Microsoft\TokenBroker
  • AppData\Local\Microsoft\OneAuth
  • AppData\Local\Microsoft\IdentityCache

The UES Experience

When a user signs on for the first time to a Cloud PC or Cloud App with UES enabled, the personal storage will be created and attached to the session and capture of settings will be automatically enabled and redirected to the storage. On the next login, the UES will be reattached and any saved configuration loaded.

Do bear in mind that UES does not roam or persist user installed applications, only settings and preferences are captured.

On a Frontline Shared UES enabled device, we are loading the store app Sticky Notes for the first time. We are requested to authenticate to use the app on first run.

After authenticating, we can create content in the app with the expectation that this is stored within the UES storage and retained for our next session.

If we do not have Frontline Shared UES enabled, then the end user would need to re-authenticate with the Sticky Notes app on each logon to bring up their personalised notes.

Installing apps

Another thing to note is if the user downloads and installs an app, let’s say Firefox. While this works during the session that the user is logged on to, once they logoff/logon any remnant of that (shortcut, etc) are gone. If you want apps to persist then install them in the base image (custom image).

Filling up the storage and reporting on usage

One of the areas we fed back on during the private preview, was the lack of warning or information for the end user when the UES becomes full. In the screenshot below, for example, the user has downloaded too many ISO files and filled up their allocation of 16GB. The only message the end user gets is Couldn’t download – Disk full. This isn’t informative enough for the end user in our opinion. Improvements to the experience should be forthcoming and we hope that this is one which is being taken into account by Microsoft.

When it comes to usage, the admin can take a look at what allocation of their Total amount is in use in the User storage section of the Provisioning Policy. Remember from earlier, you need to click Provisioning policies and select your policy.

Select User storage to view. We can now see that 16GB from the Total of 128GB has been allocated to a user. These stats do not give us a real time view of what a user has actually used from that 16GB allocation. This is another area that we fed back on that we feel needs improvement.

If we have set up alerts and total usage across all UES compromises the percentage stated in the rule, then the recipient of the alert rule will receive an email with details of the provisioning policy where the usage is a concern.

In Tenant administration | Alerts admins will be alerted with the relevant Severity and with a pop-up, if enabled.

Amending an Existing Provisioning Policy

To be able to amend an existing provisioning policy to add or remove UES, you first need to remove the the current group assignment from the policy.

Navigate back to Provisioning policies and select your Frontline shared policy.

Choose Properties.

Scroll down to the Assignments and click Edit.

Delete the assignment.

Click Remove to confirm the removal of the assignment. Click through the wizard to Update the policy.

Now Edit the Configuration section of the policy.

This is our UES policy with UES enabled. We can, therefore, remove UES by deselecting the Enable user experience sync checkbox. If this was a policy which never utilised UES, we could go into here and select to use and set a corresponding User Storage Size.

Once amended, Update the policy and head back to Assignments and Edit. Reassign the policy and enter the relevant Cloud PC size, select your Frontline subscription and Assignment details.

The Frontline shared devices will then be in a Provisioning state as the amended configuration is laid down.

Read more

Summary

Windows 365 User Experience Sync is a welcome feature for Frontline Shared devices which has been on the wish list for some time now. It is very simple to get up and running, without all the complexity of other solutions and provides instant access to storage of settings and application data.

Microsoft is taking into the account the feedback it received during the private preview and we should see some feature changes happening very shortly to improve the end user experience.

We look forward to seeing how this new feature matures and develops over time and we’ll blog about the feature improvements as they are released.

This entry was posted in Windows 365, Windows 365 Frontline and tagged , , , , , . Bookmark the permalink.