Forum Widgets
Latest Discussions
Error removing Rule at logoff
Hello folks. during user logoff Fslogix is trying to remove some rules but get an exception [ERROR:80070490] Error removing Rule: C:\Users\username\AppData\Local\CrashDumps (Element not found.) As a result it removes "users profile" and "local_username" folder correctly with no issues, but sends Error to the logs. It's spamming the logs because it will put error one every excluded folder from redirection. We don't use any FSLogixAppsRuleEditor or something else, checked by ."\frx.exe list-rules -verbose" it returns - "No rules" The redections.xml looks like [...] <Exclude Copy="0">AppData\Local\CrashDumps</Exclude> [...] Is this an known issue ? Thinking it came around with 3.25.202.4223. Thx Jensfslogix printing does not work after changing profile from UPM to fslogix
I use Manuel Winkel's script <www.deyda.net> to convert UPM profiles to FSLogix profiles. When users log in again, some of them are unable to print. Deleting the printer, even from the registry, does not help. Adding new printers does not work. Restarting the printer queue does not work. If I delete the profile and create a new one, printing works. Does anyone have any ideas? Equipment: Windows 2019, Citrix 7 2203 CU6, and FSLogix 3.25.626.21064
FRXTray functionality replacement
Our company has used FsLogix going back well before Microsoft stepped in and we have always relied on the FRXTray stoplight for Profile troubleshooting. This tool makes it easy for my field staff to know when the users profile has loaded or not. Now that the tool has been removed in 25.02 (3.25) I am left wondering how my field staff can easily determine if the profile isn't loading. Is there another tool or command line item that can be run, or is it a matter of slogging though the logs to find the answer?
How to check the file is fslogix redirection file?
hi,I am a developer。I write a minifilter,which altitude is 138200。 I want to check a fileobject is a FSLogix’s redirection file。I foud four ECP GUID in the fslogix driver。 I want to check in minifilter precreate callback function,but it is not effect。 Could you tell me the problem?thanks! DEFINE_GUID(GUID_1, 0x5AE07381, 0xAA1E, 0x4571, 0xB4, 0x3B, 0x37, 0x2C, 0x2C, 0xDD, 0x96, 0x0A); DEFINE_GUID(GUID_2, 0xE40898B8, 0x1D08, 0x4434, 0xB2, 0xC9, 0x78, 0xD6, 0xB8, 0x83, 0xBF, 0xEB); DEFINE_GUID(GUID_3, 0xFD7F2404, 0x788C, 0x48D3, 0xA7, 0x1B, 0x35, 0x60, 0xD5, 0x70, 0x8F, 0x45); DEFINE_GUID(GUID_4, 0x9414EEF8, 0xE320, 0x43F8, 0xA5, 0x1A, 0x32, 0x58, 0x48, 0x24, 0x10, 0xCF); BOOLEAN xxxIsKernelModeEcpPresent( _In_ PFLT_FILTER Filter, _In_ PFLT_CALLBACK_DATA Data, _In_ LPCGUID EcpType, _Outptr_opt_result_buffer_(*EcpContextSize) PVOID *EcpContext, _Out_opt_ ULONG *EcpContextSize ) { NTSTATUS status; PECP_LIST ecpList; PVOID ecpContext; ULONG ecpContextSize; PAGED_CODE(); if (EcpContext) { *EcpContext = NULL; } if (EcpContextSize) { *EcpContextSize = 0; } status = FltGetEcpListFromCallbackData(Filter, Data, &ecpList); if (NT_SUCCESS(status) && (ecpList != NULL)) { status = FltFindExtraCreateParameter(Filter, ecpList, EcpType, &ecpContext, &ecpContextSize); if (NT_SUCCESS(status)) { if (!FltIsEcpFromUserMode(Filter, ecpContext)) { if (EcpContext) { *EcpContext = ecpContext; } if (EcpContextSize) { *EcpContextSize = ecpContextSize; } return TRUE; } } } return FALSE; } FLT_PREOP_CALLBACK_STATUS xxxPreCreate ( _Inout_ PFLT_CALLBACK_DATA Data, _In_ PCFLT_RELATED_OBJECTS FltObjects, _Flt_CompletionContext_Outptr_ PVOID* CompletionContext ) { FLT_PREOP_CALLBACK_STATUS returnStatus = FLT_PREOP_SUCCESS_NO_CALLBACK; NTSTATUS status; PFILE_OBJECT fileObject = Data->Iopb->TargetFileObject; PAGED_CODE(); createContext.Flags = 0; if (!fileObject) { return FLT_PREOP_SUCCESS_NO_CALLBACK; } // // Skip pre-rename operations which always open a directory. // if (FlagOn(Data->Iopb->OperationFlags, SL_OPEN_TARGET_DIRECTORY)) { return FLT_PREOP_SUCCESS_NO_CALLBACK; } // // Skip paging files. // if (FlagOn(Data->Iopb->OperationFlags, SL_OPEN_PAGING_FILE)) { return FLT_PREOP_SUCCESS_NO_CALLBACK; } // // Skip DASD opens // if (FlagOn(FltObjects->FileObject->Flags, FO_VOLUME_OPEN)) { return FLT_PREOP_SUCCESS_NO_CALLBACK; } if (UpmIsKernelModeEcpPresent(UpmData->FilterHandle, Data, &GUID_1, NULL, NULL)) { UPM_ASSERT(FALSE); } if (UpmIsKernelModeEcpPresent(UpmData->FilterHandle, Data, &GUID_2, NULL, NULL)) { UPM_ASSERT(FALSE); } if (UpmIsKernelModeEcpPresent(UpmData->FilterHandle, Data, &GUID_3, NULL, NULL)) { UPM_ASSERT(FALSE); } if (UpmIsKernelModeEcpPresent(UpmData->FilterHandle, Data, &GUID_4, NULL, NULL)) { UPM_ASSERT(FALSE); }Adobe Acrobat Pro Sign on issues in AVD
We have a Windows 11 Multisession AVD pool with 2 Hosts using FSLogix on the latest versions. We have the Hosts shutdown when no one is logged. Users are having an issue where Adobe Acrobat does not remember the users sign on information and they have to sign in again. While I do not think this is specifically a FSLogix issue, I am wondering if anyone else has run into this kind of issue and how the solved it.
FSLogix loads local profile after loading the first time
Hi All, So the issue is the folling: - Server 2016 broker - Server 2016 dc - Server 2016 RDSH (4x) - Server 2016 Fileserver Everytime i login with a new profile which is placed on the FS it all works fine. VHDX is mounted logoff goes fine all is well. Second time i login i get a local profile and no VHDX is mounted. Here are the GPO's that i use, including the settings: FSLogixhide Policy Setting Comment Roam Recycle Bin Enabled Roam Recycle Bin Enabled FSLogix/Profile Containershide Policy Setting Comment Delete Local Profile When VHD Should Apply Enabled Delete Local Profile When VHD Should Apply Enabled Policy Setting Comment Enabled Enabled Enabled Enabled Policy Setting Comment Install Appx Packages Disabled Profile Type Enabled Normal Profile Policy Setting Comment VHD Locations Enabled VHD Locations \\Server\Share$\ FSLogix/Profile Containers/Advancedhide Policy Setting Comment Prevent Login With Temp Profile Enabled Prevent Login With Temp Profile Enabled - If i open the FSLogix Profile status logs i see the following: Tested with multiple users and the first login goes perfectly then the second time it creates a local profile. No open files on the Fileserver when we logout, which is good. Share permissions for the time being is set on everyone - FC. NTFS If i delete the profiles on the Fileserver share and log the users back in the first time it works perfectly again. Same issue when we login for a second time. Hope that anyone could help me out here. If you need more info, let me know. Thanks in advanceMicrosoft MFA, FSLogix and RDS Collection?
We have a Windows 2019 RDS collection that includes 7 RDSH servers. We implement conditional access policies to require MFA for all users and set the 'sign-in frequency' to 90 days. Initially, we whitelisted our office WAN IP by adding it as a trusted/named location. This allowed users to bypass MFA when working from the RDS. However, we then discovered that some users, who only work from the office, had never set up MFA (due to the trusted location/exception). As this is a security concern, we decided to remove the office IP from the trusted locations to ensure that all users registered for MFA. Now, users are prompted for MFA each time they log into the RDS, repeatedly. Even though we set the sign-in frequency to 90 days, I suspect this is because they often connect to a different RDS server each morning, which MFA interprets as a new device. Is there a way to store the MFA session token or cookie in the users' FSLogix profile?Using Microsoft MFA on RDS with FSLogix
We have a Windows 2019 RDS collection consisting of 7 x RDSH servers. We have a Conditional Access Policies which enforces MFA when accessing any M365 resource. We had previously excluded our office WAN IP (i.e: a trusted location) from the CA policy. This was to allow RDS users to operate without needing to provide MFA. However, we found that some office based users had never registered for MFA, since they only work on-site. This posed a security risk, so we decided to remove our office IP from the CA policy exceptions list. Now, all users are MFA registered, however, they're experiencing repeated prompts for MFA while working in the RDS environment. For instance, when a user opens Outlook, they are challenged for MFA 3 or 4 times. This doesn't happen if they're working locally on their laptop. In our CA policy, we have configured the 'sign-in frequency' to 90 days, but this does not seem to make any difference on the RDS. I suspect this issue arises because we're using FSLogix user profiles and office containers and a user might be placed on RDS1 one day and then on RDS7 the follow day. Is there anyway to save the MFA session token within the users FSLogix profile?
FSlogix Profile associating to wrong Azure Machine registration
Hello, We have Citrix non persistent VDI setup with FSLogix profile management. We use MS Office only for Word and Excel - there is no Outlook or Teams setup. We have hybrid deployment with we do not sync Non persistent VDI OU to Azure. Machines register as users' devices when they log in to MS Office only. During DR exercise we moved users from Production datacenter and DR datacenter Citrix Storefront. Machine name of these non-persistent windows 2019 VDIs on both ends have different names. The FSLogix profile from Prod was Robocopy to DR file share. There are two issues 1- That when user Office token tries renewing it shows in Azure User logs that it was attempted using the old VDI machines name. The activation then fails with 62ubh error. To resolve we can remove the old machine's associated to the user's under the Azure profile and then remove Microsoft.AAD.BrokerPlugin_vnggnktrrj file in C:\%Userprofile%\AppData\Local\Packages. Have the user reboot and then reactivate office. 2- At that point after it takes two tries, it times out with CA0000 error, that device could not be registered- but user gets logged in to MS Office. The VDI from DR never registers in Azure under the user's name under Devices. No issue DSREGCMD /Status and machine has SCP access. We are not resetting the Profiles because it takes time copying their setup preferences.
