Forum Discussion

DjTjon01's avatar
DjTjon01
Copper Contributor
Apr 24, 2019
Solved

Start OneDrive when using a RemoteApp in WVD

Hi Guys,   I am testing with WVD in a Lab environment, and everything is working fine. I only have one thing that doesn't seem to work. OneDrive is starting when i'm using the "Full Desktop" mode i...
  • racook's avatar
    racook
    Sep 26, 2019

    mirthrock mshepherd 

     

    We are in the process of documenting how to auto-start OneDrive in a Remote App scenario.

     

    We will be documenting the following registry entry:

    HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\RailRunonce

     

    I believe this works the same as the regular run keys, except that anything listed under this key will be launched when the remote session starts.

     

    What happens is that in a remote session, Explorer.exe is not used as the Windows shell. rdpshell.exe is run instead. rdpshell.exe does not process Run entries. It does do the RailRunonce key though.

mirthrock's avatar
mirthrock
Brass Contributor
Jul 31, 2020

Hi luzmariae !  I apologize but its been a while since I set this up.  I just went through my settings and there are a few things to note:

 

1) RailRunOnce must be enabled

2) OneDrive Installer must be Machine-Wide

3) I used GPOs to have OneDrive silently sign in users, use files-on-demand, sync specific SharePoint Libraries, and most importantly limit each user to one session.  This is very important as OneDrive has no idea how to log itself in if its running on multiple sessions for the same user.

4) If the accounts have 2FA enabled, I had to log in as the user to the FULL Remote Desktop experience, follow the OneDrive 2FA prompts, and then log off.  This is a bit of a pain since the 2FA prompts return every 60 days or so.  So sometimes, I need to log in as the user to the full remote desktop experience again to re-input the 2FA prompts.  If you don't use 2FA (or have your IP configured in the 2FA exceptions) this step isn't necessary.

 

After all that, I was able to launch a RemoteApp and have OneDrive launch in the background without any issues.

 

If you need more detail, let me know.  Happy to help where I can.

 

Edit: Updated with more information and clarity.

jrngsg's avatar
jrngsg
Iron Contributor
Sep 02, 2020

mirthrock 

 

do you mind to explain more on which area to check or configure "have your IP configured in the 2FA exceptions"

 

is there a need to configure EnableADAL REG_DWORD=2 at HKCU\software\microsoft\onedrive?

 

Thanks

 
  • mirthrock's avatar
    mirthrock
    Brass Contributor
    Sep 03, 2020

    Sure jrngsg !

     

    Login to portal.azure.com and navigate to "Multifactor Authentication" (you may have to search for it in the Azure search bar).  Then under "Configure", click the link for "Additional Cloud-Based MFA Settings".  Then you'll see a box labeled "Skip multi-factor authentication requests from the following range of IP address subnets".  Add your public IP addresses and subnet mask in CIDR format.  Now, if a user authenticates from any of those IP addresses you added, they will not be prompted for 2FA.

     

    Regarding the registry key, I don't think you need it.  I might be wrong, but if you're using Office 365, Modern Auth is enabled by default on Outlook (if its updated) and your tenant.  See here for more info:

    https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/enable-or-disable-modern-authentication-in-exchange-online

     

    Hope that helps!

     

Resources