Table of Contents
Recently, I have been involved more and more in projects where Office365 is to be fully implemented in Citrix environments. This means that the customer not only needs the standard Office applications Outlook, Excel and Word, but also wants to use teams and OneDrive.
But this is exactly where we, without additional software, have big problems in non-persistent desktop environments. For example with our profiles (Team Installer stores its data in the profile) or so that the data is downloaded from the Internet every time (excluding OneDrive Sync data in the profile).
However, we have recently been in the fortunate position of being able to use FSLogix “free of charge” for this purpose, if we meet the following requirements:
- Microsoft 365 E3/E5
- Microsoft 365 A3/A5/ Student Use Benefits
- Microsoft 365 F1/F3
- Microsoft 365 Business
- Windows 10 Enterprise E3/E5
- Windows 10 Education A3/A5
- Windows 10 VDA per user
- Remote Desktop Services (RDS) Client Access License (CAL)
- Remote Desktop Services (RDS) Subscriber Access License (SAL)
FSLogix Technologies
A short list of the individual FSLogix components.
Profile Container
Profile Container basically moves all profile files and folders into a VHD / VHDX file in the network and then mounts it as a container in the target system when logging on. This will replace the existing profile solutions where the files are copied over the network to the target system, like Roaming Profile or Universal Profile Management.
Office Container
Office Container redirects only the part of the profile that contains Office data. This allows FSLogix to be used parallel to already implemented profile solutions. This functionality is useful for the Outlook OST file, Team Installer or OneDrive Offline files.
Application Masking
Application Masking manages access to applications, fonts, printers, etc. Access can be controlled by user, IP address range and other criteria. This significantly reduces the number and complexity of Golden Master Images.
Java Version Control
Java Version Control allows all applications & websites to work with the Java version they need. The selected Java version must be installed on the client computer. Multiple versions of Java can be installed side by side. All within the same client system.
MSIX App Attach
MSIX App Attach assigns applications stored at a central location in MSIX format to the operating system. After it is attached, the applications look locally installed to both the user and the operating system. Based on application groups, applications can be deployed immediately without the need to deploy a new Golden Image.
By combining FSLogix Profile Container and MSIX App Attach, the operating system remains completely clean and data, profiles, and applications are completely separated.
Setup of FSLogix Container
In this blog I don’t look at the complete FSLogix technology palette in detail, but first I’ll only discuss the features Profile & Office Container.
Important !
Since FSLogix do not perform any housekeeping, the use of e.g. Microsoft Teams can cause the containers to bloat dramatically. Furthermore FSLogix does not shrink the container even if data is deleted from it.
To avoid this problem, you should run the Shrink Script at regular intervals (e.g. as a Scheduled Task) to prevent the container from inflating.
Architecture
Normally in non-persistent environments, the profiles are file-based and copied to the target server when logging in and back to the file server when logging off (Roaming Profile, UPM, etc.). Due to the latest requirements (e.g. Microsoft Teams or OneDrive) for user profiles, these profiles have become very large and therefore the logon and logoff times are often unacceptable. With the FSLogix Container architecture, the user profiles are placed in VHD(X) files and stored at a network location. At session runtime, the user profile is mounted and thus the waiting time for the profile is eliminated.
Prerequisites
I assume the following things and do not go into them in detail:
- Installed and licensed Citrix environment (StoreFront, DDC etc.)
- Established profile solution (here UPM) for Office365 Container Feature
- Installed Office365 for Office365 Container Feature
Profile Container
In order to use the Profile Container feature, the required package must be installed on the Golden Master Image and activated via GPO.
If another profile method (roaming, UPM, etc.) is to be already used and be replaced, this must be deactivated before activating Profile Container (here UPM via WEM).
Migration Methods
To migrate from existing Profile solutions to FSLogix Profile Containers, there are various existing instructions.
Local Profile nach Profile Container
File Server
Important !
For optimal performance, the file server and the target server should be in the same data center location.
Exclude VHD(X) files from antivirus scanning to avoid performance bottlenecks.
For network bandwidth, it is recommended to schedule between 5 and 30 MBps per user, depending on the type of usage.
Ressourcen Requirement
Runtime 10 IOPS per user
Login / Logout 50 IOPS per user
- Create a folder on your file server for the Profile Container of the users.
- Set the following permissions.
User Account | Folder | Permissions |
CREATOR OWNER | Subfolders and Files Only | Full Control |
SYSTEM | This Folder, Subfolders and Files | Full Control |
Administrator | This Folder, Subfolders and Files | Full Control |
Users | This Folder Only | Create Folders / Append Data |
Users | This Folder Only | List Folder / Read Data |
Users | This Folder Only | Read Attributes |
Users | This Folder Only | Traverse Folder / Execute File |
- Activate the share and set the share permissions for the Authenticated Users to Change and Read.
Golden Master Image
- Download the FSLogix package and extract it
- After some tests I can not recommend every version, the following versions are tested and did not cause any errors with my customers
- Version FSLogix_Apps_2.9.6964.52690 -> Old & Stable
- Version FSLogix_Apps_2.9.7349.30108 -> New & Stable
- Launch the installer FSLogixAppsSetup
- Click in the following window on “I agree to the license terms and conditions“
- Via the button Options you can adjust the path of the installation
- Click Install to start the installation.
- After the installation you can check the Services menu, that the FSLogix services are installed and running.
FSLogix Apps Service
- Service name: frxsvc
- Description: FSLogix Apps Service Component.
- Path to executable: “C:\Program Files\FSLogix\Apps\frxsvc.exe”
- Startup type: Automatic
FSLogix Cloud Caching Service
- Service name: frxccds
- Description: FSLogix Apps Cloud Caching Service Component.
- Path to executable: “C:\Program Files\FSLogix\Apps\frxccds.exe”
- Startup type: Automatic
- To control the execution of the agent on the worker, the following groups have been created locally in the worker
- These groups can be used to define (White/Blacklistening) who can use the container solution
- FSLogix ODFC –> Office Container
- FSLogix Profile –> Profile Container
- By default, the user Everyone is member of the include groups
- It is recommended that you create and store an AD group for each of the required include and exclude lists.
- These groups can be stored locally in the Golden Master or centrally via Group Policy Preferences
Active Directory Server
- Copy the ADMX & ADML file from the extracted FSLogix folder
- Paste these files into your PolicyDefinitions folder
- Open the Group Policy Management Console
- Create a GPO in the OU of your Worker Machines
- Now configure the settings you need for Profile Container
The folowing are the most important settings from the FSLogix ADMX file.
/ Computer Configuration / Policies / Administrative Template / FSLogix / Profile Container
Enabled (Must be configured)
This point activates the complete Profile Container feature.
VHD location ( Must be configured )
A list of file system locations to search for the user’s profile VHD(X) file. If one isn’t found, one will be created in the first listed location. If the VHD(X) path does not exist, it will be created before verification.
These values can contain variables that will be resolved. Supported variables are %username%, %userdomain%, %sid%, %osmajor%, %osminor%, %osbuild%, %osservicepack%, %profileversion%, and any environment variable.
Size in MBs
Defines the size of the newly created VHD(X) file in MB. Depending on the type of usage, it is recommended to plan between 5 and 15 GB per user. The originally defined 30 GB should remain defined, since this is only the maximum size of the container and not the directly used size on the disk, if Dynamic VHD(X) allocation is enabled.
A change of this setting only affects newly created containers. Existing containers must be extended by script.
Dynamic VHD(X) allocation
If Dynamic VHD(X) allocation is enabled, the VHD(X) files are assigned dynamically. This means that the file size of the VHD(X) file only grows when data is added to the Profile Container.
If this option is not enabled, automatically created VHD(X) files will be directly allocated to the full data storage space.
PROFILE TYPE (MUST BE CONFIGURED)
Normal direct-access profile
The client tries to mount the VHD(X) file directly when logging in (1 to 1 connection). No Difference Disks are used. If simultaneous further access is attempted, it fails with a share violation (error 20). When logging off, the VHD(X) file is unmounted again.
Read-write profile
The client performs the following logon steps:
- The Difference Disk RW.VHD(X) is tried to open with read/write access. If successful, the Difference disk will be merged with the parent Profile disk. When the merge is complete, the RW.VHD(X) file is deleted.
- A new RW.VHD(X) Difference Disk is created.
- The new RW.VHD(X) file is mounted as a profile disk.
The following steps are performed during logoff:
- Detaches the RW.VHD(X) difference disk (the user’s Profile VHD/X)
- Attempts to open the RW.VHD(X) difference disk with Read/Write access. If it is successful, it merges the difference disk to the parent. If it completes the merge, the RW.VHD(X) file is deleted
The RW Difference Disk is stored in the network directly next to the Profile Disk.
Read-only profile
The client performs the following logon steps:
- Client attempts to delete the previous RO difference disk (if it exists)
- A new RO-Difference disk will be created
- The new RO difference disk are attached as the user’s Profile VHD
The following steps are executed during logoff:
- Client detaches the RO difference disk
- The RO-Difference Disk will be erased
The RO Difference Disks are stored in the local Temp directory of the client and are called %usersid%_RO.VHD(X).
Try for read-write profile and fallback to read-only
Client checks to see if a RW.VHD(X) file exists. If no file exists, it performs the same steps as for Read-write profile. If the file RW.VHD(X) exists, the client assumes the role Read-only profile and performs these steps.
Important !
Note the following limitations when configuring multiple accesses to a container (Non Normal direct-access Profile) if no Office Container is used in parallel:
- Microsoft OneDrive does not support multiple connections, this can lead to data loss.
- Microsoft Outlook (OST files) offers limited support for multiple connections.
Store search database in profile container
Windows Search Service must be started and set to automatic for this feature. Delayed start should not be enabled. The Citrix Provisioning Server Optimization tool disables the Windows Search Service and should therefore be reactivated via GPO.
This option should not be used on Windows Server 2019 operating systems, as this can lead to errors.
In Windows Server 2019, please use the following article by James Kindon to implement this.
Windows Search in Server 2019 and Multi-Session Windows10
Multi-user search
Multi-user search extracts the user part of the search index and saves it in the Profile Container. The user-specific part of the .edb file, which takes over the Outlook search, is extracted and integrated into the Profile Container. The user-specific part of the .edb file and the files necessary to support the search are stored in the folder \WSearch in the VHD(X).
This feature allows you to roam a user’s Outlook search information across multiple systems.
Single-user search
Single-user search saves the entire search database in the profile container of the user. The .edb file from the ProgramData folder is then included in the user’s Profile Container. The redirected .edb file and the files required to support the search are stored in the \WSearch folder on the VHD(X).
By redirecting the Windows search database, the Windows search is available immediately after logon and no re-indexing is required.
Set Outlook cached mode on successful container attach
If this feature is enabled and the Profile container is successfully attached, the Outlook setting that enables cache mode is temporarily set for the current session until the container is removed. This ensures that the cache mode is only used when the container is attached.
Delete local profile when FSLogix Profile should apply
If this is enabled, the user’s local profile is permanently deleted if Container is enabled for this profile. The user is then logged on with the FSLogix profile.
Allow concurrent user sessions
This setting should be used when the target system is multi-session and allows simultaneous logins for the same Windows account on the same server.
/ Computer Configuration / Policies / Administrative Template / FSLogix / Profile Container / Advanced
Provide RedirXML file to customize redirections
The file redirections.xml is stored here to define which files and folders should not be saved in the Profile Container.
When you log on, the FSLogix agent copies the redirections.xml file from the specified location to <profile>\AppData\Local\FSLogix(inside the VHD(x)) and processes it immediately. The user must have read permission for the file.
Typically this location might be in the root or a sub-directory of the location where profiles are stored: \\<FileServer>\\Container$\Redirection\ (the redirections.xml would be placed in the Redirection folder).
The basic structure of the redirections.xml file is as follows:
XHTML
1 2 3 4 5 6 7 8 9 10 11 | <?xml version="1.0" encoding="UTF-8"?> <FrxProfileFolderRedirection ExcludeCommonFolders="<OPTIONAL>"> <Excludes> <Exclude Copy="<VALUE>">AppData\Low\FolderToDiscard\</Exclude> <Exclude>… another exclude folders… </Exclude> </Excludes> <Includes> <Include>AppData\Low\FolderToDiscard\FolderToKeep</Include> <Include>… another include folders… </Include> </Includes> </FrxProfileFolderRedirection> |
What is Included / Excluded is only considered when logging in. If changes are made then a logoff / logon sequence must be done to sync to files.
You can specify any numbers of items inside theIncludesandExcludestags. Folders are relative to the user profile only (That’s whyAppDatais shown in this example).
Exclude folders are redirected to base (meaning the \Users\local_%username% folder FSLogix creates) and Include folders are used when certain folders should remain on virtual profile. Include are normally used when a complete folder is redirected and only some subfolders should not be excluded.
<OPTIONAL> should be replaced by one of the following values:
If theExcludeCommonFoldersattribute is specified, folders specified by the bitmask value are excluded, so redirected to base.
1 = Contacts folder
2 = Desktop folder
4 = Documents folder
8 = Downloads folder
16 = Links folder
32 = Music and Podcasts folders
64 = Pictures and Videos folders
128 = Folders like AppData\LocalLow
To Example if you want to exclude Contacts & Links Folder, set the Value 17 (1+16).
If you want to avoid copy to / from base in some common folder, you can add an Exclude item to override. Exclude items have priority over common folders exclusions.
If the same folder is specified as Exclude and as Include item, the Exclude will have priority.
<VALUE> should be replaced by one of the following values:
0 = No files are copied in or out. Only the folders are created in the directory local_<user_name> .
1 = Files are copied to the local profile. Any existing file in an excluded folder is copied to the local profile.
2 = Files are copied back into the virtual profile. Each modified file in the local profile is copied back into the Profile Container when the user logs off.
3 = Files are copied from & to the local profile. Combination of Value 1 and 2.
Important !
Redirections should only be used minimally, as this has an immense negative effect on the required iOPS. The size of the container has no negative influence on the login speed.
This function should not be used to crop the profile heavily, as for example with UPM, or to create space-saving profiles. If less space per profile is needed, file based profile solutions such as UPM should be used.
Important !
The following path should not be excluded:
AppData\Local\GroupPolicy
/ Computer Configuration / Policies / Administrative Template / FSLogix / Profile Container / Container and Directory Naming
Virtual disk type
Defines the type of the automatically created Profile Container file (VHDX or VHD). Configure VHDX here.
Swap directory name components
If it is enabled, new directories are named with the user name first, followed by the SID.
The default setting is %SID%_%USERNAME% and therefore annoying when searching for a specific user. If you change this setting afterwards existing containers will not be touched and therefore recreated. With the following script this can be renamed in advance and the containers can be moved.
Migrate from SID_Username to Username_SID
Result
After successful setup, the result can be viewed as follows.
- Run compmgmt.msc from cmd or Run
- Under Disk Management you can now see the attached Profile Container (here Profile-manuel)
- Click with the right mouse button on the profile disc and assign a drive letter to it.
- Now you can access the drive and check the data
Office365 Container
The Office Container is a subtype of the Profile Container. Although all the advantages of the Office Container are also available in the Profile Container, it can sometimes be advantageous to combine them.
- Different data class (backup of Profile Container and no backup for Office Container)
- Office Container requires higher IOPS
In order to use the Office365 Container feature, the corresponding package must be installed on the Golden Master Image and activated via GPO.
Office365 Container can be used parallel to existing profile methods (Roaming, UPM etc.).
File Server
- Create a folder on your file server for the profile containers of the users
- Set the following permissions.
User Account | Folder | Permissions |
CREATOR OWNER | Subfolders and Files Only | Full Control |
SYSTEM | This Folder, Subfolders and Files | Full Control |
Administrator | This Folder, Subfolders and Files | Full Control |
Users | This Folder Only | Create Folders / Append Data |
Users | This Folder Only | List Folder / Read Data |
Users | This Folder Only | Read Attributes |
Users | This Folder Only | Traverse Folder / Execute File |
- Activate the share and set the share permission for theAuthenticated UserstoChangeandRead.
Golden Master Image
- Download the FSLogix package and extract it
- After some tests I can not recommend every version, the following versions are tested and did not cause any errors with my customers
- Version FSLogix_Apps_2.9.6964.52690 -> Old & Stable
- Version FSLogix_Apps_2.9.7349.30108 -> New & Stable
- Version FSLogix_Apps_2.9.7621.30127 (Version 2009) -> New Version
- Launch the installerFSLogixAppsSetup
- Click in the following window on “I agree to the license terms and conditions“
- Via the buttonOptionsyou can adjust the path of the installation
- ClickInstallto start the installation
- After the installation you can check the Services menu, that the FSLogix services are installed and running
FSLogix Apps Service
- Service name: frxsvc
- Description: FSLogix Apps Service Component.
- Path to executable: “C:\Program Files\FSLogix\Apps\frxsvc.exe”
- Startup type: Automatic
FSLogix Cloud Caching Service
- Service name: frxccds
- Description: FSLogix Apps Cloud Caching Service Component.
- Path to executable: “C:\Program Files\FSLogix\Apps\frxccds.exe”
- Startup type: Automatic
- To control the execution of the agent on the worker, the following groups have been created locally in the worker
- These groups can be used to define (White/Blacklistening) who can use the container solution
- FSLogix ODFC –> Office Container
- FSLogix Profile –> Profile Container
- By default, the user Everyone is member of the include groups
- It is recommended that you create and store an AD group for each of the required include and exclude lists.
- These groups can be stored locally in the Golden Master or centrally via Group Policy Preferences
Active Directory Server
- Copy the ADMX & ADML file from the extracted FSLogix folder
- Paste these files into yourPolicyDefinitionsfolder
- Open theGroup Policy ManagementConsole
- Create a GPO in the OU of your Worker Machines
- Now configure the settings you need for Office365 Container
The folowing are the most important settings from the FSLogix ADMX file for Office365 Container.
/ Computer Configuration / Policies / Administrative Template / FSLogix / Office 365 Container
Enabled (Must be configured)
This item activates the Office365 Container feature.
VHD location (Must be configured)
A list of file system locations to search for the Office365 Container VHD(X) file. If one isn’t found, one will be created in the first listed location. If the VHD(X) path does not exist, it will be created before verification.
These values can contain variables that will be resolved. Supported variables are %username%, %userdomain%, %sid%, %osmajor%, %osminor%, %osbuild%, %osservicepack%, %profileversion%, and any environment variable.
Size in MBs
Set the size of the newly created VHD(X) file in MB. Depending on the type of use, it is recommended to plan between 2 and 5 GB per user. The originally defined 30 GB should remain defined because this is only the maximum size of the container and not the directly used size on the disk if Dynamic VHD(X) allocation is enabled.
Changing this setting only has an effect on newly created containers. Existing containers must be extended by script.
Dynamic VHD(X) allocation
If Dynamic VHD(X) allocation is enabled, the VHD(X) files are assigned dynamically. This means that the file size of the VHD(X) file only grows when data is added to the Office365 Container. If this option is not enabled, automatically created VHD(X) files will be directly allocated to the full data storage space.
Virtual disk type
Specifies the type of automatically created container file (VHDX or VHD). VHDX should be configured here.
VHD access type
Difference disk stored on local machine
The following steps are performed during logon:
- The Client attempt to remove a previous Difference Disk (%usersid%_ODFC.VHD(X)) for this user from the temporary folder.
- A new Difference Disk named %usersid%_ODFC.VHD(X) is created. This Difference disk will be created in the Temp directory.
- The client mount the Difference Disk as O365 VHD.
The following steps are executed during logoff:
- Client detaches the difference disk.
- The system tries to merge the Difference Disks. The merge can only be successful if the user’s last session has ended.
- Client deletes the difference disk.
Difference disk stored on network
At the logon:
- An attempt is made to open the Difference Disk merge.vhd(x) with read/write access. If successful, it merges the Difference disk with the original Office 365 container. When the merge is complete, the Difference disk is deleted.
- All previous Difference Disks for the logged on system (%Computername%_ODFC.VHD(X)) will be deleted.
- A new Difference disk named %computername%_ODFC.VHD(X) is created. This difference disk is created on the network share next to the parent VHD(X) file.
- The Difference disk is attached as O365 VHD.
When you log off:
- The Difference Disk is unmounted.
- The Difference Disk will be renamed to merge.vhd(x). If this renaming is successful, an attempt is made to merge the difference discs. The merge can only be successful if the user’s last session has ended.
- The Difference Disk is deleted.
Direct access
When logging in, the system tries to attach the VHD(X) file directly. No Difference Disks are used (This is a 1 to 1 connection). If simultaneous access is attempted, it fails with a share violation (error 20).
When logging out, the VHD(X) is unmounted.
Important !
Please note the following limitations when configuring multiple accesses to a container (not for Direct Access or Unique Disk per Session):
- Microsoft OneDrive does not support multiple connections, this can lead to data loss
- Microsoft Outlook (OST files) offers limited support for multiple connections
Unique disk per session
With this method, no parent disk is created and each container is initially created empty. The data from the Session Containers is also not merged centrally and can therefore be different, but that is why this mode is also supported with OneDrive and for OST files.
The VHD(X) files are named ODFC-%username%-SESSION-<sessionnumber>.VHD(X), where sessionnumber is an integer from 0 – 9.
The maximum number of VHD(X) files per session is 10.
When you log on, the following steps are performed:
- It searches for a VHD(X) file for the session that is not currently in use.
- If one is found, it is mounted and used directly.
- If none free is found, a new one is created and used.
- If a new VHD is created and so the number of VHDs per session is greater than the specified number under Number of per-Session VHDs to persist, this VHD(X) will be marked for deletion and deleted when logging off.
When you log off:
- The VHD(X) file is unmounted.
- When the VHD(X) is marked for deletion, it is deleted.
Important !
Please note the following limitations when configuring multiple accesses to a container (not for Direct Access or Unique Disk per Session):
- Microsoft OneDrive does not support multiple connections, this can lead to data loss.
- Microsoft Outlook (OST files) offers limited support for multiple connections.
Existing Difference Disk containers can be migrated to Unique Disk per session, so that the content does not have to be completely downloaded from the cloud again. With the following script you can create one or more session containers (the existing container can be deleted or will not be touched)
Important !
Do not copy these new Unique Disk per Session containers into the same folder as the existing Difference Disk containers.
If both methods access the same path, the method that is used first will win. The other method can no longer use a container.
If there are no more Difference Disk Containers in the directory, and a computer tries to use this method, the Unique Disk per Session Container, if not already in use, will be used for this. The session container is taken as parent disk for the newly created difference disk.
Number of per-Session VHDs to persist
This setting is used when the VHD access type is set to Unique disk per session. This controls the number of session VHDs that are persistent.
For example, if this is set to ‘2’ and the user creates a third session, a new session VHD is created and used, but is deleted when the third session ends.
Sync OST to VHD
How to deal with existing local OST files.
Copy OST to VHD
Existing local OST file (if existing) are synchronized into the Office365 Container VHD(X) file.
Do not mirror OST to VHD
Existing local OST file are not moved to the Office365 container.
Move OST to VHD
Existing local OST file (if existing) are initially moved to the Office365 Container VHD(X) file.
Store search database in Office 365 container
Windows Search Service must be started and set to automatic for this feature. Delayed start should not be enabled. The Citrix Provisioning Server Optimization tool disables the Windows Search Service and should therefore be reactivated via GPO.
This option should not be used on Windows Server 2019 operating systems, as this can lead to errors.
Multi-user search
Multi-user search extracts the user part of the search index and saves it in the Office365 Container. The user-specific part of the .edb file, which takes over the Outlook search, is extracted and integrated into the Office365 Container. The user-specific part of the .edb file and the files necessary to support the search are stored in the folder \WSearch in the VHD(X).
This feature allows you to roam a user’s Outlook search information across multiple systems.
Single-user search
Single-user search saves the entire search database in the Office365 Container of the user. The .edb file from the ProgramData folder is then included in the user’s Office365 Container. The redirected .edb file and the files required to support the search are stored in the \WSearch folder on the VHD(X).
By redirecting the Windows search database, the Windows search is available immediately after logon and no re-indexing is required.
Set Outlook cached mode on successful container attach
If this feature is enabled and the Office365 Container is successfully attached, the Outlook setting that enables cache mode is temporarily set for the current session until the container is removed. This ensures that the cache mode is only used when the container is attached.
Allow concurrent user sessions
This setting should be used when the target system is multi-session and allows simultaneous logins for the same Windows account on the same server.
Include Office activation data in container
If this is enabled, the activation data of the Office license is stored in the Office365 Container.
Include Outlook data in container
Activated, the Outlook data files are included in the Office365 container.
Include OneDrive data in container
Activate the OneDrive cache to be included in the Office365 container.
Important !
Starting with FSLogix version 2009, FSLogix supports the processing of multiple business OneDrive accounts and Personal OneDrive accounts. Before version 2009, only one business account was supported.
Include Teams data in container
When Enabled, the Teams files are included in the Office365 Container.
/ Computer Configuration / Policies / Administrative Template / FSLogix / Office 365 Container / Container and Directory Naming
Swap directory name components
If it is enabled, new directories will be named with the user name first, followed by the SID.
The default setting is %SID%_%USERNAME% and therefore annoying when searching for a specific user. If you change this setting afterwards existing containers will not be touched and therefore recreated. With the following script this can be renamed in advance and the containers can be moved.
Migrate from SID_Username to Username_SID
Existing Profile Solution
You should exclude the following paths in your existing profile solution so that Office365 Container work smoothly.
OneDrive
%USERPROFILE%\AppData\Local\Microsoft\OneDrive
%USERPROFILE%\OneDrive –<TenantName>
Outlook
%USERPROFILE%\AppData\Local\Microsoft\Outlook
Result
After successful configuration, the result can be viewed as follows.
- Launch compmgmt.msc from cmd or Run
- Under Disk Management you can now see the attached Office365 container (here O365-mwinkel)
- Click with the right mouse button on the Office365 Disk and assign a drive letter to it.
- Now you can access the drive and check the data
Update existing FSLogix installation
Since I didn’t have good experiences with Inplace Upgrades with several versions of FSLogix, here’s my recommendation for the update process.
- Replace FSLogix ADMX files
- Deinstallation of the existing FSLogix components
- Restart the machine
- Installation of the new FSLogix version
Troubleshooting
Some notes on troubleshooting about FSLogix.
Log Location
The log files are stored under the following path in the target system. The GPO can be used to define which logs are created.
C:\ProgramData\FSLogix\
FSLogix Tools
Under the following path there are two more useful tools.
C:\Program Files\FSLogix\Apps
FSLogix Profile Status
Hidden behind the frxtray.exe is the FSLogix Profile Status Tool. In the Basic View it only shows the usage of a profile container. The screenshots are from an environment with Office Container only, hence the yellow traffic light and no display of memory usage.
This display can be further extended by clicking on Advanced View. In the Advanced View we see all FSLogix related entries in the local Event Viewer under Events.
Under Logs the above mentioned log files are read out. The Office Container is located behind ODFC.
FSLogix Profiles Configuration Tool
Behind the ConfigurationTool.exe the FSLogix Profiles Configuration Tool is hidden. This tool was used in the past to configure Profile Containers.
I personally only use it nowadays to create redirection.xml. For this you have to load an existing container and then you can create the entries.
Anti-Virus Exceptions
Target System (Worker)
Exclude files & folders
- %Program Files%\FSLogix\Apps\frxdrv.sys
- %Program Files%\FSLogix\Apps\frxdrvvt.sys
- %Program Files%\FSLogix\Apps\frxccd.sys
- %TEMP%\*.VHD
- %TEMP%\*.VHDX
- %Windir%\TEMP\*.VHD
- %Windir%\TEMP\*.VHDX
- \\server\share\*\*.VHD
- \\server\share\*\*.VHDX
Exclude Processes
- %Program Files%\FSLogix\Apps\frxsvc.exe
- %Program Files%\FSLogix\Apps\frxccd.exe
- %Program Files%\FSLogix\Apps\frxccds.exe
File Server
- VHD(X) Directory, including subdirectory
Registry
In the registry you can check which settings are currently being used. These can be found under the following registry path.
Profile Container
HKLM\SOFTWARE\FSLogix\Profiles
Office Container
HKLM\SOFTWARE\Policies\FSLogix\ODFC
Cloud Cache
HKLM\SYSTEM\CurrentControlSet\Services\frxccd\Parameters
HKLM\SYSTEM\CurrentControlSet\Services\frxccds\Parameters
Container Size
Here a script (Thx to Jim Moyle) to shrink existing containers, for example after deleting some of the content.
Configure this on the respective file server or an admin server.
Shown here is the Shrink Script as a Scheduled Task addressed several times a day.
And a script (Thx to Kasper Johansen) to enlarge the containers if they were too small at the beginning.
Missing start menu at second login
Excluding the path \AppData\Local\GroupPolicy in profile containers can lead to serious errors in the session (Event ID 1085). More information and solutions can be found in the following article by James Rankin
Related posts:
- Activation of Office365 through multiple Citrix Worker (Activation Token Roaming)
- Office365 installation on Terminal Server (Shared Computer Activation)