Known Issues
FSLogix can be used in various solutions and environments. Through customer feedback, on-going support cases, or direct testing, there are issues that have been identified which may affect your environment(s). This article will outline these items as they're discovered. Some known issues have listed workarounds while others will require a code change in the product.
Note
Not all known issues will be addressed through product changes as some cases are dependant on other products or organizations.
Azure AD Authentication for applications
Note
Updated: January 18, 2023
Affected version(s): 2210 (2.9.8361.52326) or later
Users may be required to authenticate to their applications (for example, Microsoft 365 apps, Teams (work or school), OneDrive, etc.) at every sign-in. The repeated authentication prompts are due to the virtual machines Azure AD device state. We recommend virtual machines are Azure AD Joined (AADJ) or Hybrid Azure AD Joined (HAADJ) for the best user experience.
Virtual machines, which are AADJ or HAADJ create the user's primary refresh token (PRT) at sign-in. Primary refresh token(s) created at sign-in will be used to authenticate to Azure AD based applications. Standard Domain Joined (DJ) virtual machines don't create a PRT at sign-in, instead rely on the Microsoft Azure AD broker plugin.
Azure AD broker directories and apps
Starting in FSLogix 2210 (2.9.8361.52326) and later versions, all content stored in following locations is no longer roamed as part of the user profile.
%USERPROFILE%\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy%USERPROFILE%\AppData\Local\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy%USERPROFILE%\AppData\Local\Microsoft\TokenBroker
Determining your device status
Running the dsregcmd command will provide an output that displays the state of the virtual machine in Azure AD.
Tip
Run the dsregcmd /status command as a Domain User.
dsregcmd /status
|
|---|
| Figure 1: Results of a virtual machine in the problem state |
The following articles are provided to help determine whether or not your virtual machines are configured to use primary refresh tokens as part of an Azure AD sign-in process.
- Azure AD Integration Methods
- Device identity and desktop virtualization
- Troubleshoot devices by using the dsregcmd command
Note
When using non-persistent VDI, you need to prevent users from adding work or school accounts. Use the below registry entry to prevent adding these virtual machines to your Azure AD directory. Failure to do so will result in your directory having lots of stale Hybrid Azure AD joined devices that were registered from your non-persistent VDI platform resulting in increased pressure on your tenant quota and risk of service interruption because of running out of tenant quota.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin: "BlockAADWorkplaceJoin"=dword:00000001
Mitigation
Uninstall FSLogix 2210 (2.9.8361.52326) and install FSLogix 2201 hotfix 2 (2.9.8228.50276).
Resolution
FSLogix v2210 hotfix 1 will provide a new configuration setting which will allow customers affected by this issue to re-enable the roaming of the Azure AD broker plugin, Cloud Experience Host, and Token Broker folders within the user's profile.
Black screen at sign-in or sihost.exe application hanging
Note
Updated: January 18, 2023
Affected version(s): 2210 (2.9.8361.52326) or later
With the RoamRecycleBin setting enabled (enabled by default) and during the sign-in process, some users may experience a black screen instead of displaying the desktop. The black screen occurs when we configure the initial virtualization of the recycle bin. During the sign-in process, the recycle bin isn't empty on the virtual machine and our process attempts to empty it for all users.
Mitigation
Disable the RoamRecycleBin setting using the registry or Group Policy.
Resolution
FSLogix 2210 hotfix 1 will have updates to resolve this issue.
Service Crash: User receives default or temporary profile (profile fails to load)
Note
Updated: January 18, 2023
Affected version(s): 2210 (2.9.8361.52326) or later
With the InstallAppxPackages setting enabled (enabled by default) and during the sign-in process, some users may receive a default or temporary profile as a result of the user's profile container failing to attach. The container failure occurs as a result of the frxsvc.exe crashing during sign-in.
Warning
Does not cover all scenarios where a user's profile fails to load.
Mitigation
Disable the InstallAppxPackages setting using the registry or Group Policy.
Resolution
FSLogix 2210 hotfix 1 will have updates to resolve this issue.
ODFC disk compaction fails with RoamSearch enabled
Note
Updated: January 18, 2023
Affected version(s): 2210 (2.9.8361.52326) or later
In some cases where RoamSearch and VHDCompactDisk1 are enabled (1enabled by default), disk compaction fails with the following error:
"[ERROR:00000000] Exception thrown during getSupportedSize, exception: D:\a\_work\1\s\packages\Microsoft.Windows.Wil.Internal.0.2.103\inc\wil\opensource\wil\result_macros.h(6159 )\frxsvc.exe!00007FF63B53EC53: (caller: 00007FF63B53FB0D) Exception(2) tid(39c) 800401F0 CoInitialize has not been called."
The result is the frxsvc.exe service crashes and the operation fails to succeed.
Mitigation
Disable the VHDCompactDisk setting using the registry or Group Policy.
Resolution
FSLogix 2210 hotfix 1 will have updates to resolve this issue.
Feedback
Submit and view feedback for