Virtual desktop infrastructure (VDI) is defined as the hosting of desktop environments on a central server. It is a form of desktop virtualization, as the specific desktop images run within virtual machines (VMs) and are delivered to end clients over a network. Those endpoints can be various devices including PC and tablets. There are many applications for this technology but today we will discuss some of the most common issues our customers face when using Microsoft Outlook (this extends to other Microsoft office apps) in a non-persistent Virtual Desktop Infrastructure (a.k.a. VDI) and are using Exchange Online. Some of the issues end users might see include:
To avoid these issues being caused by non-persistent VDI, we will discuss best practices. There are a lot of unsupported scenarios when it comes to using VDIs with Azure. To check supported scenarios please see the following link - VDI Supported Scenarios. There are some preparations that must be made for your users to have the best Microsoft 365 experience with Outlook. Currently, Microsoft only supports Hybrid Azure AD Join for VDIs. This means that you must follow the prerequisites and planning that is laid out here.
Not planning on hybrid Azure AD joining?
To prevent machines from performing workplace and Azure AD Join use the following registry keys: (Note: You may also have to delete the computer/device object from Azure AD devices if these computers have already been joined.)
Create a new DWORDs in this path HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WorkplaceJoin
Requirements for all scenarios for non-persistent VDI
Ensure that you are NOT roaming your Identity hive located in Computer\HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
Ensure that you have shared computer activation configured for your VD environment. (See here for more information on shared computer activation)
Ensure that Office and Windows are to the most recent updates. Please see here for necessary Windows and Office builds.
If you are using a non-persistent VDI and may already be Azure AD Domain joined the following steps should remove the device from being Azure AD joined:
Verify that machines are not Azure AD and/or Workplace joined
Verify the following registry keys are present to prevent the machine from rejoining Azure AD or Workplace join:
1. Create a new DWORDs in this path HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WorkplaceJoin
2. If you are Azure AD joined, run the following command in an elevated command prompt, DSRegCMD /Leave and then reboot the host. You can check the status of AAD join by running DSRegCMD /status in command prompt.
3. If you are Workplace joined (this is harder to remove) you have to perform the below steps. Run DSRegCMD /Status to check status of workplace join in command prompt.
4. Navigate to Settings > Accounts > Access work or school > Disconnect
Hope this helps in your deployments! Let us know if you have any questions!
Taylor Morrison
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.