Forum Discussion
Outlook login issues with WVD - FSLogix
DAsnow this scenario isn't ringing a bell in terms of a common scenario, probably best to contact support on this.
Following fix in place at the moment:
Create GPO to add the following Registry key or manually create:
HKEY_LOCAL_MACHINE\Software\FSlogix\Profiles
KeepLocalDir DWORD 1
Then add a "redirections.xml" file in the following location of each user:
c:\users\%username%\AppData\Local\FSLogix
The redirection only works when the file is present upon logon so do a logoff/logon afterwards or inject into the dormant profile.
Contents of redirections.xml file:
<?xml version="1.0" encoding="UTF-8"?><FrxProfileFolderRedirection>
<Excludes>
<Exclude Copy="0">AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy</Exclude>
<Exclude Copy="0">AppData\Local\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy</Exclude>
<Exclude Copy="0">AppData\Local\Microsoft\TokenBroker</Exclude>
</Excludes>
</FrxProfileFolderRedirection>
You will have to enter credentials on EACH Session Host ONCE but after that you can move between hosts without any issue.
The theory of this fix:
Modern Authentication works with Tokens. Those tokens contain the Device ID. Storing them in FSLogix breaks them because the Device ID contained in them no longer matches. The fix pushes those tokens out of the FSLogix container to a local_username folder and no longer deletes that folder upon logoff from the machine. Once you have a working token on each host it will refresh if needed but it no longer breaks. Hope this helps because MS was clueless after spending a few weeks with the FSLogix/Office teams.
Thank you. Absolutely one of the best answers I have ever seen in a forum. I especially applaud the Theory of this fix section. No answer is truly complete without it! Bravo.
Do you have a job with the FSLogix or Outlook team yet!
This should be published in the FSLogix troubleshooting section!
Thank you.
David
azanoncello Many Many Thanks for guiding us to the correct solution.
Indeed, updating FSLOGIX to 2210 was asking me to sign in to Office Products/One Drive at each opening of AWD Session.
I've added the registry key RoamIdentity to value 1 and it instantly sorted the issue.
I've now updated our FSLOGIX ADMT template to enable the RoamIdentity value to enable by GPO and all my AWD are not authenticating correctly and only once.
That was unbeliviably useful so Thanks again for sharing this tip.
PS:, I've also have another issue on some AWD, where One Drive refuses to start and launch.
this can be sorted by adding a registry key in : [HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive] "ClientEverSignedIn"=dword:00000001.
I don't know yet if this is also a FSLOGIX issue or linked to the new version of One Drive only.
I took this article as reference : https://answers.microsoft.com/en-us/msoffice/forum/all/onedrive-sign-in-failure-on-windows-10-or-11-multi/72775e41-7743-4ef4-a6f3-65150ed5c2cd?rtAction=1695209861528.
Once again a huge thanks for all these articles that helped me sorting the issue for our org. hopefully next release of FSLOGIX will fix it.
Best
- Thanks for the MS article and quick explanation.
- The whole reason you have this issue is because you don't have SSO or can't do SSO in your current setup. (see the note in the MS article I posted above).
If you are using AADDS then you don't have SSO. If you have a regular DC with SSO then this becomes a non-issue because the users are automatically signed in and don't need the token saved to the container (which is preferred but not possible with AADDS at this time). Thanks! Interested in SSO, is there a link you could reply with to get me started? Thanks again.
yes it's because you are missing a setting. Roamidentity
https://learn.microsoft.com/en-us/fslogix/reference-configuration-settings?tabs=profiles#roamidentity
They changed the default to turn this off but if you don't have SSO you need the credentials to save in the container.
I haven't updated my fslogix for quite some time (September 2022). I finally did install the latest fslogix for my hosts. Now I am having this issue with the SSO. Which brought me to this thread. From reading the thread, it looks like it was fixed with the latest fslogix. Hoewever, I am experiencing this and I never was prior to the new install. Any ideas?
