Forum Discussion

WihanHerbst's avatar
WihanHerbst
Copper Contributor
Feb 28, 2023

FSLogix with O365 Container on RDS 2019 Server, some users Intermittently get "The information store

We have a RDP Server farm with 3 servers currently in the farm. I inherited this FSLogix setup from someone else, and I also inherited this issue. We have about 20 users on each RDS Server. Generall...
Chris House's avatar
Chris House
Copper Contributor
Sep 14, 2023

Any further updates on this?

 

The environmental consistencies between those that are having the problem seem to be:

  • Windows Server 2019 Remote Desktop Services.
  • Multiple session hosts.
  • User profile disks/FSLogix.
  • Microsoft 365 apps.

 

Dinusha_Tharindu's avatar
Dinusha_Tharindu
MCT
Sep 14, 2023

Chris House Sorry Guys I totally forgot this one. 

 

Yes I resolved the issue, The root cause was the fslogix not roaming following component with their roaming profile which is crucial for the MS365 authentication especially after the Moderne authentication pushed by MS365 recently. 

 

So after adding the following to the redirections.xml these components can be roam ,That fixed my issue.

Create GPO to add the following Registry key or manually create:

HKEY_LOCAL_MACHINE\Software\FSlogix\Profiles

KeepLocalDir DWORD 1

 

Contents of redirections.xml file:

<?xml version="1.0" encoding="UTF-8"?><FrxProfileFolderRedirection>

<Excludes>

<Exclude Copy="0">AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy</Exclude>

<Exclude Copy="0">AppData\Local\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy</Exclude>

<Exclude Copy="0">AppData\Local\Microsoft\TokenBroker</Exclude>

</Excludes>

</FrxProfileFolderRedirection>

 

alternatively, You can enable SSO + Azure AD join session hosts or VDIs will resolve the issue completely. 

 

Interestingly enough this is listed on fslogix known issue but My Microsoft engineer still going here and there and couldn't figure this out yet. 
refer the link 
https://learn.microsoft.com/en-us/fslogix/troubleshooting-known-issues#azure-ad-broker-directories-and-apps

  • WihanHerbst's avatar
    WihanHerbst
    Copper Contributor
    Sep 14, 2023
    I wanted to post our solution as well as it is completely different. We already had SSO and Azure AD Joined RDS Servers, yet the issue continued.
    We had to do 2 additional steps to fix the issue.
    1. Update FSLogix to latest version
    2. Fix our ADFS configuration. We have Duo plugin for ADFS , and because of an incorrect configuration on ADFS side, all authentication going through ADFS where ADFS wants to do MFA (Even if Duo has that whitelisted) Would fail, before the authentication even gets to Duo. We addressed it as per the Duo article: https://help.duo.com/s/article/6801?language=en_US
    Once we did this it was resolved.
    Obviously if you do not have some MFA plugin for ADFS, you don't have to worry about this.

Resources