Known Issues

FSLogix can be used in various solutions and environments. Through customer feedback, on-going support cases, or direct testing, there are issues that have been identified which may affect your environment(s). This article will outline these items as they're discovered. Some known issues have listed workarounds while others will require a code change in the product.

Note

Not all known issues will be addressed through product changes as some cases are dependant on other products or organizations.

Azure AD Authentication for applications

Note

Updated: January 18, 2023

Affected version(s): 2210 (2.9.8361.52326) or later

Users may be required to authenticate to their applications (for example, Microsoft 365 apps, Teams (work or school), OneDrive, etc.) at every sign-in. The repeated authentication prompts are due to the virtual machines Azure AD device state. We recommend virtual machines are Azure AD Joined (AADJ) or Hybrid Azure AD Joined (HAADJ) for the best user experience.

Virtual machines, which are AADJ or HAADJ create the user's primary refresh token (PRT) at sign-in. Primary refresh token(s) created at sign-in will be used to authenticate to Azure AD based applications. Standard Domain Joined (DJ) virtual machines don't create a PRT at sign-in, instead rely on the Microsoft Azure AD broker plugin.

Azure AD broker directories and apps

Starting in FSLogix 2210 (2.9.8361.52326) and later versions, all content stored in following locations is no longer roamed as part of the user profile.

  • %USERPROFILE%\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy
  • %USERPROFILE%\AppData\Local\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy
  • %USERPROFILE%\AppData\Local\Microsoft\TokenBroker

Determining your device status

Running the dsregcmd command will provide an output that displays the state of the virtual machine in Azure AD.

Tip

Run the dsregcmd /status command as a Domain User.

dsregcmd /status
D S R E G C M D output
Figure 1: Results of a virtual machine in the problem state

The following articles are provided to help determine whether or not your virtual machines are configured to use primary refresh tokens as part of an Azure AD sign-in process.

Note

When using non-persistent VDI, you need to prevent users from adding work or school accounts. Use the below registry entry to prevent adding these virtual machines to your Azure AD directory. Failure to do so will result in your directory having lots of stale Hybrid Azure AD joined devices that were registered from your non-persistent VDI platform resulting in increased pressure on your tenant quota and risk of service interruption because of running out of tenant quota.

HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin: "BlockAADWorkplaceJoin"=dword:00000001

Mitigation

Uninstall FSLogix 2210 (2.9.8361.52326) and install FSLogix 2201 hotfix 2 (2.9.8228.50276).

Resolution

FSLogix v2210 hotfix 1 will provide a new configuration setting which will allow customers affected by this issue to re-enable the roaming of the Azure AD broker plugin, Cloud Experience Host, and Token Broker folders within the user's profile.

Black screen at sign-in or sihost.exe application hanging

Note

Updated: January 18, 2023

Affected version(s): 2210 (2.9.8361.52326) or later

With the RoamRecycleBin setting enabled (enabled by default) and during the sign-in process, some users may experience a black screen instead of displaying the desktop. The black screen occurs when we configure the initial virtualization of the recycle bin. During the sign-in process, the recycle bin isn't empty on the virtual machine and our process attempts to empty it for all users.

Mitigation

Disable the RoamRecycleBin setting using the registry or Group Policy.

Resolution

FSLogix 2210 hotfix 1 will have updates to resolve this issue.

Service Crash: User receives default or temporary profile (profile fails to load)

Note

Updated: January 18, 2023

Affected version(s): 2210 (2.9.8361.52326) or later

With the InstallAppxPackages setting enabled (enabled by default) and during the sign-in process, some users may receive a default or temporary profile as a result of the user's profile container failing to attach. The container failure occurs as a result of the frxsvc.exe crashing during sign-in.

Warning

Does not cover all scenarios where a user's profile fails to load.

Mitigation

Disable the InstallAppxPackages setting using the registry or Group Policy.

Resolution

FSLogix 2210 hotfix 1 will have updates to resolve this issue.

ODFC disk compaction fails with RoamSearch enabled

Note

Updated: January 18, 2023

Affected version(s): 2210 (2.9.8361.52326) or later

In some cases where RoamSearch and VHDCompactDisk1 are enabled (1enabled by default), disk compaction fails with the following error:

"[ERROR:00000000] Exception thrown during getSupportedSize, exception: D:\a\_work\1\s\packages\Microsoft.Windows.Wil.Internal.0.2.103\inc\wil\opensource\wil\result_macros.h(6159 )\frxsvc.exe!00007FF63B53EC53: (caller: 00007FF63B53FB0D) Exception(2) tid(39c) 800401F0 CoInitialize has not been called."

The result is the frxsvc.exe service crashes and the operation fails to succeed.

Mitigation

Disable the VHDCompactDisk setting using the registry or Group Policy.

Resolution

FSLogix 2210 hotfix 1 will have updates to resolve this issue.