Forum Discussion
Outlook login issues with WVD - FSLogix
DAsnow this scenario isn't ringing a bell in terms of a common scenario, probably best to contact support on this.
Can anyone at MS clear up things?
It can't be that we need to disable modern authentication because if fails to connect for multiple users.
I deployed a new WVD pool this weeknd and already experienced disconnected users in Outlook after x amount of time. Setting EnableADAL to 0 forces the applications back to basic authentication.
Experienced these issues before on local clients so it is not WVD related at all.
When forcing everyone to use MFA we simply cannot disable Modern Auth!
Removing the user profile completely resolves the issue but is very cumbersome for the end-user.
Is there a problem with permissions in the credential manager? Because it contains a lot of entries for ADAL, almost seems like it cannot update the 1 existing entry and goes haywire after x amount of time.
Thanks in advance!
Appreciate you may have looked at this already, but I had exactly the same issue - Outlook password box not surfacing correctly to the user in a WVD Win10 session with FSLogix configured. User's shouldn't have been challenged for a password at all.
For me, the issue was that the WVD session host OU was excluded from synchronisation in the AD Connect console. As soon as I enabled synchronisation for the OU, the problem went away. Transparent sign in, no password prompts.
- Tom_A_MSFT
Microsoft
DAsnow can you try to manually register the AADBroker plug in on the user session that is experiencing this issue?
From Powershell, first verify if it's installed:
Get-AppxPackage Microsoft.AAD.BrokerPluginI would it expect that the ADDBrokerPlugin isn't installed, if so, try to manually register the app:
Add-AppxPackage -Register "C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml" -DisableDevelopmentModeTom_A_MSFT
The command to register the AAD Broker plugin works but does not persist after logoff/logon. Additionally, all new profiles need this command to be ran. We have implemented a login script that runs the AAD Broker plugin registration command which is keeping Modern Auth working for all users at this point but we cannot seem to get to the root cause. We have engaged Microsoft support and our partner resources but the issue doesn't seem to be able to be replicated with a standard gallery image.
I'm suspicious of FSLogix. I'm going to test disabling FS Logix and see if local profiles do not have the issue. However, we've simply set everything up per MS documentation on our Win 10 multi-session image, installed Office in shared activation mode per the WVD documentation, then snapshot, sysprep, and re-deployed using the WVD deployment template and our custom/sysprep image. We've also gone back to the bare basics in terms of the FS Logix GPO after tinkering with various settings.
I will update this thread as we learn more but any new information would certainly be appreciated. I'll just state the obvious here but turning off modern authentication through the registry is not an option for our MFA enabled accounts.
I've also found a past issue where FSLogix was having issues with edge and the solution was to register the appx package for edge.
Article on FSLogix forum here:
https://social.msdn.microsoft.com/Forums/windowsserver/en-US/d18184fe-a703-44e8-a4d3-f824ed10eeb6/edge-disappears-after-november-2019-updates?forum=FSLogix#3ae4fa02-dba2-4790-9655-d81efeef52f3
I'm not sure if anyone else has noticed additional appx package issues. We also see a black screen at login for users due to app readiness service. We are also seeing failures for some of these additional appx packages (which can be temporarily fixed by registering again in PowerShell).
Faulting application path:ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe
Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbweDeanbostedor I'm having the exact issue you described and also believe it's an FSLogix problem. Have you made any progress troubleshooting? I've gone through the same steps you described.
I can easily reproduce the issue when using the FSLogix profile service and logging in to the brokered WVD service with the Remote Desktop app, but if I login to the WVD hosts directly using MSTSC, and get a local profile, the issue cannot be reproduced.
- Tom_A_MSFT i was having the same problem as others on this thread, and manually registering the aadbrokerplugin per your recommendation fixed the issue. thanks.
Tom_A_MSFT activating the aad brokerplugin in a user session doesn't appear to persist. i logged out and back in and i'm back to the same problem i had before.
