Forum Discussion
Solved
MSIX App Attach Group Policy Issues
Hi,
I’ve been testing out MSIX App Attach on the new 2004 build of Windows 10 Multi-User and works fine running the staging, register, deregister and destaging scripts manually.
I am having issues getting them to run via GPO.
Any possible combination I use the Stage script fails to run.
I believe it is permission based and the Mount-VHD command is failing.
If I run the stage script manually the register and others work fine via GPO
I’ve also tried the combined script below
https://blog.itprocloud.de/Automatic-MSIX-app-attach-scripts/
and still the Startup script doesn’t run. As per the article I have granted the Gpsvc permission to mount the VHD.
Anyone have any ideas?
James
I’ve been testing out MSIX App Attach on the new 2004 build of Windows 10 Multi-User and works fine running the staging, register, deregister and destaging scripts manually.
I am having issues getting them to run via GPO.
Any possible combination I use the Stage script fails to run.
I believe it is permission based and the Mount-VHD command is failing.
If I run the stage script manually the register and others work fine via GPO
I’ve also tried the combined script below
https://blog.itprocloud.de/Automatic-MSIX-app-attach-scripts/
and still the Startup script doesn’t run. As per the article I have granted the Gpsvc permission to mount the VHD.
Anyone have any ideas?
James
- I answered this myself in the end.
Was due to permissions as I had the VHDs hosted on Azure File Share so the Gpsvc couldn’t mount them.
I moved them to a local share on my file server and working perfectly.
Would be nice to know if I could get it to work off the Azure File Share but I’m unsure how to get it working
James
4 Replies
- The problem is the mount scripts have to be done in the context of an user that has permission to the share, as outlined by Jamesatighe
- I answered this myself in the end.
Was due to permissions as I had the VHDs hosted on Azure File Share so the Gpsvc couldn’t mount them.
I moved them to a local share on my file server and working perfectly.
Would be nice to know if I could get it to work off the Azure File Share but I’m unsure how to get it working
JamesWe are running into the same issue and to work around it we have moved it to a file share on a VM in the Azure Vnet. However it would be a nicer solution to use Azure files we are using that for our profile storage with ADDS integration.
Issue is authentication. The logon script GPO is run with the local system account, I can't find a way to allow access to the AZ file share for this account.
R_Akers you can create a scheduled task to run as a "user" account on startup that has mount permissions and access to the share in Azure Files with AD permission sync enabled
