Forum Discussion
Outlook login issues with WVD - FSLogix
DAsnow this scenario isn't ringing a bell in terms of a common scenario, probably best to contact support on this.
But is this solved.
I almost have the same issue. All machines or hybride joined but we use ADFS on-premise for authentication with MFA.
User logons the first time and gets the popup and save password. After logout and session is logout and not disconnected (user log back in and gets a corrupted ost or gets the popup again to logon)
Is there a doc to solve the problem because we want to go live. This can be a show stopper to WVD with does corrupted ost and Outlook popup for logon continuously.
- cvanaxel
PieterWigleven
FinTechSean
DAsnow
benjamink9
Just got confirmation directly from our Microsoft Partner Technology Strategist and Sr. Cloud Solution Architect with collaboration with the FS Logix, WVD, and Office team. This IS an issue. It's being call a "defect" in Office where it's registering session hosts to Azure AD. When users get moved to other hosts, the token breaks because it contains the deviceID of the first registered session host in the FS Logix profile.
The workaround/fix is to:
A: Implement Hybrid Azure AD join/Seamless SSO and BLOCK device registration through registry settings for Hybrid AD environments (I have registry settings above).
B: For Azure ADDS environments, block device registration in registry (no option for Hybrid Azure AD Join/Seamless SSO at the moment. A login script may be required if the Azure AD Broker plugin stops working (see my posts much earlier in the thread).
Engineering is working on a fix on the Office/OneDrive side of things. In the meantime, you must implement the fix and recreate all FSLogix profiles.- Is it really required to recreate the FSLogix Profiles??
They are QUITE big and its huge penalty when it syncs OL Profiles etc.. And people lose their settings - cant i some how via a Script fix / remove the defect and just relogin to the user?
I have implemented the BlockAADWorkplaceJoin in registry ..- No, for each profile, do a 'dsregcmd /status'. If it says "Workplace joined: Yes", run WPJCleanUp in the user's session. That'll quit the session from Azure AD. Then all you have to do is disconnect from Teams, and sign back into Teams and Outlook.
- This is very interesting, I'am in the same situation with outlook sign in issues on new rds plattform with 2019 and latest 365 office suite. Work for a while, but suddenlty some users cant login to outlook, event viewer has alot of aadtokenbrokerplugin error on the rds host where user are logged on.
We dont use seamless sso/adsync or adfs becausse there are users from many different 365 tenants. Open case with Ms Support, but for now they just messing around with the wrong things.- Tom_A_MSFT
Microsoft
carliv if you are getting AADBroker plug in errors in the event viewer can you try a couple things to help identify the issue?
1. From PowerShell check if AADBroker plug in is registered by running this command, note this is a per user install so you will need to have user experiencing this issue try this:
Get-AppxPackage Microsoft.AAD.BrokerPlugin
2. If it returns no output, issue is the AADBroker plug in isn't registered. Now see if you can force registration, again from user session:
Add-AppxPackage -Register "C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml" -DisableDevelopmentMode -ForceApplicationShutdown
3. I suspect when you run the second command it may hang and never progress past "Initializing"
4. If #3 is true, then the AppXSvc is having an issue. To resolve you'll need to do the following as admin on the VM experiencing the issue:
- Go to TaskManager>Services, find AppxSvc, note processID
- Rt. Click AppxSvc> Go to Details>End Task
- Once AppxSvc is in stopped state, again from TaskManager>Services>AppxSvc Rt.Click>Start
5. Now have user run the registration command again:
Add-AppxPackage -Register "C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml" -DisableDevelopmentMode -ForceApplicationShutdown
If it succeeds we know the AppxSvc was blocking. This should at least workaround the issue. Let me know if this works and the OS version of the VM you are experiencing the issue on.
- So there is no solution for ADFS authentication?
cvanaxel it's difficult to determine whether this is the same issue based on the limited information. Do you have a customer support case opened?
I'm working on documentation to describe the issue listed in my previous replies and test the workaround before changing the win10 multi-session image that can be found in the Azure gallery.
- I will open one wright now. Because im really tired off troubleshooting. I cant figure out where to look. Is it an FSLogix problem for corrupted OST files and the login isseu more an authentication problem. There is almost non documentation to work with.
cvanaxel How do your VMs show in Azure AD? Are they similar (Aure AD registered) like the screenshots shown in recent replies in this thread?
