Forum Discussion

SteveDMSFT's avatar
SteveDMSFT
Icon for Microsoft rankMicrosoft
Jan 24, 2022

The FSLogix 2201 Public Preview is now available

FSLogix 2201 Public Preview Update 1 has been published to address the issue outlined below. Please read details here.   FSLogix 2201 is now available in Public Preview.  This public preview is n...
Jason_Parker's avatar
Jason_Parker
Icon for Microsoft rankMicrosoft
May 03, 2022
gtiele When an application or process besides FSLogix is not properly releasing the open handles to the local_username folder, there is little FSLogix can do.

System reboots will release the open handles and should clean up the folders, but it does not mitigate the issue from reoccurring. We are still gathering evidence in order to determine if there is anything we can do, but no updates to report.

If we find a solution, there will for sure be a blog post about it.
gtiele's avatar
gtiele
Copper Contributor
May 03, 2022

It seems to be tied to a later (latest?) version of FSLogix since these errors are a relatively new occurrence for my clients.

The only other culprit I could think of that can hold files on driver/kernel level would be the antivirus software. We are using WithSecure (formerly F-secure) maybe other people are using the same?

Since it's a Kernel process there is no way of determining what process opened the file.

 

Jason_Parker can you elaborate what 3rd party software was involved in other occurrences?

For us the folders that are left in use (access denied) are mainly:

 

  • AppData\Roaming\Adobe\Acrobat\DC
  • AppData\Roaming\Downloaded Installations
  • AppData\Roaming\Google\Chrome
  • AppData\Roaming\Microsoft
  • AppData\Roaming\Microsoft Teams\Logs
  • AppData\Roaming\Slack

 

Since it's such a variety of files it's probably FSLogix itself or a virusscanner. I would like to trial running without AntiVirus but the issue only occurs every so often so that could take a long time to determine for sure if the issue stays away or not.

  • gtiele's avatar
    gtiele
    Copper Contributor
    May 03, 2022
    Thank you for the information.

    In my case we are not using the first 2 applications, so they are not exclusively to blame! 'Credential Manager' is the manager from Microsoft itself I assume? Can't call that 3rd party.

    Something else I don't understand. Why would these locks be generated when you logoff? If for example the Google folder is locked during normal usage the user would be unable to use Google Chrome. But that is not the case!

    Also some other behavior I observed. As soon as the problem occurs for one user. All user that logoff after that exhibit the same behavior. But once again, only when they logoff, during operation no error occurs. To me that seems to indicate that Fslogix itself does something upon user logoff causing certain files to blocked on kernel level.

    If it was a virus scanner it would be hit and miss, it's not logical that all the same directories for every user just happened to be scanned the moment a user logs off each and every time.
  • Jason_Parker's avatar
    Jason_Parker
    Icon for Microsoft rankMicrosoft
    May 03, 2022
    We have cases where the following applications or processes have open handles:
    - WebSocketService.exe (Citrix)
    - PolicyPak
    - Credential Manager
    - AntiVirus without exclusions
  • PdfPeet's avatar
    PdfPeet
    Copper Contributor
    May 03, 2022

    In the end, our workaround is:

    - Schedule a reboot of servers during Maintenance hours

    - Run a delprof2 afterwards

     

    That's it really. 

     

    In the end I've built a script that is scheduled on the RD Broker to check the RD Session Hosts during the night (the script is tied to a scheduled task that runs every 30 minutes between 03:00 AM and 05:00 AM) to reboot and cleanup the server whenever no users are connected (or are disconnected for at least 10 minutes). It also does some Client Side Rendering cleanups.

     

    Hope this script might help out some of you people out there:

     

    $Computers = (Get-RDSessionCollection | Get-RDSessionHost).SessionHost
$ScriptFolder = "C:\Scripts"
$LogFolder = "C:\Scripts\Logs"
$MinimumDisconnctedTimeInMinutes = 10

#Creating logoutput and filenames
$LogFile = $LogFolder + "\" + (Get-Date -UFormat "%d-%m-%Y") + " Maintain RDS Nodes.txt"

Function Write-Log
{
	param (
        [Parameter(Mandatory=$True)]
        [array]$LogOutput
	)
	$currentDate = (Get-Date -UFormat "%d-%m-%Y")
	$currentTime = (Get-Date -UFormat "%T")
	$logOutput = $logOutput -join (" ")
	"[$currentDate $currentTime] $logOutput" | Out-File $Logfile -Append
}

# Reboot where possible
Write-Log -LogOutput "Starting stage Reboot"
$rdUserSessions = Get-RdUserSession
$RebootedComputers = @()

Foreach($computer in $Computers)
{
    Write-Log -LogOutput "- Validating $($computer)"

    # Check if the server is online:
    If (Test-Path "\\$($computer)\\c$")
    {
        $noRdSessionBlock = $True
        $rdSessionCount = ($rdUserSessions | Where-Object { $_.HostServer -eq $computer}).Count

        # If there are sessions, see if they are a reason NOT to reboot:
        If ($rdSessionCount -gt 0)
        {
            # Walk through sessions on this computer:
            ForEach($rdUserSession in ($rdUserSessions | Where-Object { $_.HostServer -eq $computer}))
            {
                # Check if the session was active:
                If ($rdUserSession.SessionState -eq "STATE_ACTIVE") 
                { 
                    $noRdSessionBlock = $False 
                }

                # Check if the session is disconncted LESS than it should:
                ElseIf ($rdUserSession.DisconnectTime -gt (Get-Date).AddMinutes(0 - $MinimumDisconnctedTimeInMinutes))
                {
                    $noRdSessionBlock = $False 
                }
            }
        }

        # Check if we're OK to reboot:
        If ( $noRdSessionBlock )
        {
            # Test if the server has been 'up' for at least 16 hours:
            If ((Get-CimInstance -ComputerName $computer -ClassName Win32_OperatingSystem).LastBootUpTime -le (Get-Date).AddHours(-16))
            {
                # Reboot the server:
                Try
                {
                    Restart-Computer -ComputerName $computer -Force -Confirm:$False
                    $RebootedComputers += $computer
                    Write-Log -LogOutput "-> Server is rebooted"
                }
                Catch
                {
                    Write-Log -LogOutput "-> Failed to reboot Server"
                }
            }
            Else { Write-Log -LogOutput "-> Server was recently rebooted already" }
        }
        Else { Write-Log -LogOutput "-> Server still has active or recently disconnected sessions" }
    }
    Else { Write-Log -LogOutput "-> Server is not accessible" }
}

Write-Log -LogOutput "Sleeping 5 minutes to start-up"
Start-Sleep -Seconds 300

# Cleanup old profiles
Write-Log -LogOutput "Starting stage Cleanup"

Foreach($computer in $RebootedComputers)
{
    Write-Log -LogOutput "- Cleaning $($computer)"

    # Prepare request
    $arguments = ""
    $arguments += " /c:\\" + $computer;
    $arguments += " /u /ed:vt.admin* /ed:SVC-NW-PRTGServices";
    $finalcommand = ".\DelProf2.exe" + $arguments
                
    # Run request
    Push-Location $ScriptFolder
    $result = Invoke-Expression $finalcommand 
    Pop-Location
    Write-Log -LogOutput "-> Profiles Cleaned"

    # Also Cleanup the Printer Client Side Rendering:
    Invoke-Command -Computer $computer -ScriptBlock {
        $RegPath = "HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\Client Side Rendering Print Provider"
        If (Test-Path $RegPath) 
        { 
            Remove-Item $RegPath -Recurse -Force -Confirm:$False
            Restart-Service Spooler -Force
        }
    }
    Write-Log -LogOutput "-> Spooler Cleaned"
}