This message was deleted.
# microsoft-fslogix
s
This message was deleted.
b
Nope never.
Azure AD Hybrid Join, roaming of local appdata via FSLogix. It has always been a success until now.
j
Are you saying it is now failing? I wonder if removing the above reg keys and folders would then allow it to succeed, if that's the case
b
Nope, it's working like a charm. Let me test this in my lab.
j
The statement that "roaming any data under the path %localappdata% is not supported" bothers me the most. I've been roaming that folder for YEARS and never faced a support issue
But if that were true, surely FSLogix would not roam it by default?
b
I see it the same way. Microsoft giving out advice again....
j
Problem is I have a customer with an issue getting licenses and deleting these keys apparently fixes it
b
Masterdevice AzureAD joined?
j
They're hybrid joined, AFAIK
b
That could be the problem. If the master device is azure ad hybrid joined, then the deviceguid is the same for all clones. Now this is hypothetical, but what does dsregcmd /leave and dsregcmd /join do? does it delete the registry keys listed above and reset them?
j
Let me take that back to the customer and ask.....
b
maybe ask them also how the masterimage is sealed. in BISF 1912.6 there is a bug in the adml files where the leave does not work properly.
j
Good point, I think this customer is using BIS-F, but I could be wrong
b
This has been fixed in 1912.7 --> https://github.com/EUCweb/BIS-F/pull/331
❤️ 1
👍 1
j
Apparently these are all joined to the local domain, it's just Office activation issues they are seeing
Well I've got an MS engineer on the line who is SWEARING BLIND that you cannot save the LOCALAPPDATA folder with ANY profile management tool or your environment is unsupported. @JimMoyle got any thoughts on this?
n
Unsupported by Microsoft? lol, honestly, does it matter? In my experience with their support, they will simply blame Citrix until the end of days anyway. In UPM, we have to mirror _Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy_ for certain things to work properly.
j
Yeah I've had to do that before, but he's giving it the "this is well-known best practice for non-persistent VDI and has been known for years". He got both barrels
n
He's also wrong about that, too.
d
yea this is what broke the latest FSLOGIX from what i understand. Thats why they brought back the roam option. I had a lot of issues with office activation and tried removing those keys but that just made things worse.
b
@James Rankin just to make sure, and i'm sure you've already checked this: customer has fslogix < 2210 or 2210 HF1 with RoamIdentity = 1 in use?
m
Just to add to what Balint said: • Windows Server 2019 • CVAD 1912+ • BIS-F 1912.7 with my bugfix for hybrid join • FSLogix 2.9.8228.50276+ • Office 365 32/64 monthly Enterprise • MCS clones are hybrid joined • AAD Connect with PHS and full sync • AAD SSO configured With all of that, I haven’t heard about Office 365 or Teams license issues for months. I haven’t configured anything else for that to work, especially no profile in- or exclusions, it just works.
j
@Balint Oberrauch yes they're on an older FSLogix version, will check RoamIdentity setting
m
But isn’t that setting only relevant on the latest versions?
b
RoamIdentity is only necessary with 2210 HF1. Would AzureAD Hybrid join be possible at your customer?
j
Sadly not
j
There's no convincing this lot of anything
j
We exclude the 4 folders you listed in our redirections.xml, have a logoff script that deletes the 3 reg keys, block hybrid and workplace join, and implement the other Azure Seamless SSO reg keys. Has cleared up all of our license and extra login issues.
j
So you have to delete the reg keys at logoff? What an absolute faff on