FSLOGIX Profile Issue when opening Internet Explorer

Copper Contributor

Users are logging into a web site via IE and they get a:

 

"Can't Connect Securely to site users outdated or unsafe TLS security settings."

 

This IE security issue is failing on most users account when connecting with FSLogix Profile. Only a hand full have allowed user to access web site. One thing noticed is that when the fslogix profile is deleted it sometimes will allow the user access but after logging off and back on the session displays the error message again.

 

 

 

 

 

 

5 Replies

@shockashark this will require specific trouble shooting of the environment, website, FSLogix configuration, etc.  I would suggest opening a support ticket as this is not a known general issue.

@Doug_Coombs 

Hello Doug, We are having a similar issue and I was wondering if a fix has been found in FSLogix?

Sir, I removed the users fxlogixofficeprofile and fxlogixprofiles then reloaded user. My issue was from power shell and robo copying Desktop, Docs, etc... The Default Apps copy over is what I believe broke the IE.  Again in some way I believe it broke the users profile when coping this data over. @Philippm 

@shockashark 

 

I have the same issue and following steps solved my issue.

 

Excluding "AppData\LocalLow\Microsoft" didn't help with all the users

 

Root cause: Local profile wasn't deleted properly and especially this folder (locallow\microsoft\crypto\TokenBindingKeys) was causing the issue.

 

tokenBindingKeys.jpg

 

Lots of users were already used WVD and FSLogix so it was unable to exclude the folder from some of the session hosts. To tackle the issue I enabled the following Group Policy and it worked like a charm.

 

ProfileContainer.jpg

 

Example of my redirection.xml file

<?xml version="1.0"?>

<FrxProfileFolderRedirection ExcludeCommonFolders="0">
	
<Excludes>	

 <Exclude Copy="0">AppData\LocalLow\Microsoft</Exclude>	

 <Exclude Copy="0">AppData\Local\Google\Chrome\User Data\Default\Cache</Exclude>

 <Exclude Copy="0">AppData\Local\Microsoft\Edge\User Data\Default\Cache</Exclude>

 <Exclude Copy="0">AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache</Exclude>

 <Exclude Copy="0">AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache</Exclude>

</Excludes>
  
<Includes>

 <Include Copy="3">AppData\LocalLow\Sun\Java\Deployment\security</Include>

</Includes>

</FrxProfileFolderRedirection>

 

Hope that will help.

Please don't forget to restart your Session Hosts.

 

Thank you

@shockashark 

I have the same issue and following steps solved my issue.

 

Excluding "AppData\LocalLow\Microsoft" didn't help with all the users

 

Root cause: Local profile wasn't deleted properly and especially this folder (locallow\microsoft\crypto\TokenBindingKeys) was causing the issue.

 

Lots of users were already used WVD and FSLogix so it was unable to exclude the folder from some of the session hosts. To tackle the issue I enabled the following Group Policy and it worked like a charm.

 

 

 

Example of my redirection.xml file

<?xml version="1.0"?>

<FrxProfileFolderRedirection ExcludeCommonFolders="0">
	
<Excludes>	

 <Exclude Copy="0">AppData\LocalLow\Microsoft</Exclude>	

 <Exclude Copy="0">AppData\Local\Google\Chrome\User Data\Default\Cache</Exclude>

 <Exclude Copy="0">AppData\Local\Microsoft\Edge\User Data\Default\Cache</Exclude>

 <Exclude Copy="0">AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache</Exclude>

 <Exclude Copy="0">AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache</Exclude>

</Excludes>
  
<Includes>

 <Include Copy="3">AppData\LocalLow\Sun\Java\Deployment\security</Include>

</Includes>

</FrxProfileFolderRedirection>

 

Hope that helps.

Please don't forget to restart your Session Hosts.

Thank you