Office 365/FSLOGIX with Roaming Licences without ADFS in Cached Exchange Mode for VDI

This post has already been read 5568 times!

Today we will step in to the world of “Why am I not using this solution already!?

I am going to write about FSLOGIX and in particular two features that when it comes to profile management, provide you with a win win. Happy administrators and happy users.

The end result of any implementation should be about the user experience. If this is not acceptable the hard work you made putting in the solution is ignored.

Profile Containers and Office 365 containers to the rescue!

In a nutshell all your folders and files are mounted at user logon in one single VHD/VHDX file. The system only sees a single VHD/VHDX file to attach to the user. There are two container (VHD/VHDX) files.

The Profile Container – No faffing about on what to include or exclude with the profile, no slowness of logon owed to folder redirection.

The Office 365 Container – OST and office data and even One Drive can be cached in a single VHD/VHDX file so you can have lightning experience with office apps including searching and indexing! (Imagine the case with a chatty OST/PST across the network causing issues with your VDI/RDS users or whenever the users search or do something within outlook. Lots of resources being hogged and network and shared users affected).

One thing to note – Space, you will need space. SAN, Storage, file server you name it you will require space to store the profiles. This is not so costly anymore and  in today’s terms this should not be a problem. Remember size appropriately.

From a user perspective and experience this is A+.

I had the fortunate experience of meeting some of the FSLOGIX team and they really know their onions!

So what will I cover?

  • Office 365 Installation
  • Image Checks
  • FSLOGIX Install
  • Image Preparation
  • GPO Setup
  • How FSLOGIX Works
  • Troubleshooting
  • FSLOGIX Container Management
  • Conclusion

Office 365 Installation

Once you have the master image prepared and optimised for the best user experience by a your preferred consultant we can then begin the office 365 install on the image.

The office install is done by using the ODT tool (office deployment tool).

You simply download this from the website –

https://www.microsoft.com/en-us/download/details.aspx?id=49117

Once the executable is downloaded simply run it on a network share.

You should then see the following files.

Next, you need to create a new configuration.XML file.

This is easily done by going to the wonderful GITHUB.

https://officedev.github.io/Office-IT-Pro-Deployment-Scripts/XmlEditor.html

You are able to exclude the products you do not wish to download. (One Drive is usually recommended to not be redirected to the containers historically. However, this can be done).

This is pretty intuitive. What you need to be aware of is the following –

  • Disable Updates
  • Do not have any other office products on your image
  • Display level None
  • Accept the EULA
  • Shared Computer Licensing should be YES

Once you have your configuration file sorted simply download and replace the one in the profile share.

You should end up with something similar to the below.

Next you need to download the office files.

This can be done remotely from your Win 10 master image or any other machine.

Open up an administrative command prompt and run the setup from the location the files are in and download the files to the share.

\\Server\Share\setup.exe /download \\Server\Share\configuration.xml

Once this is done you will see extra files in your profile share –

Now from your master image you need to install the office files.

So first step is to download to a share and second step is to install from that share.

\\Server\Share\Setup.exe /configure \\Server\Share\configuration.xml

This process actually install office on to your image.

You will have to wait for a bit of time so get some pushups in!

Image Checks

At this stage do not launch your office apps. You do not want to activate office on the Master Image!

We have to go through a few tests to check all is good.

Check 1

Make sure the product is not activated on your image.

Check 2

Add the following registry keys and make sure shared computer activation is set to 1.

The registry keys are required to enable office licensing roaming.

Fslogix Install

We now install the fslogix agent.

This is easy.

Click Yes

Enter your product key.

 

Done!

The agent install does install a service.

You will also have 4 groups created for you.

The ODFC groups are user control for your Outlook containers.

The Profile groups are for your……yeah you  have it!

Remove the default groups

…. and add the users you want to have containers mapped when they log on to your VDI/ RDS solution.

Best practice – create 2 groups.

OFFICE INCLUDE

PROFILE INCLUDE

Put the users in to these groups and add the groups withing the FSLOGIX created groups.

Note – Exclude overides include.

The next thing you need to do is create a few reg keys.

FlipFlopProfileDirectoryName – Basically flip sid, username around to username, sid.

VHDLocations – The location of your share that will contain the Containers.

IncludeOfficeActivation – 1 = Office activation data is redirected to the container. 0 = Office activation data is not redirected to the container.

RoamSearch – Used to control the FSLogix Search Roaming feature. Set to ‘1’ or ‘2’ to enable the feature.

Image preparation

 

This will be your own set of best practices.

What I will say is there are 2 great tools to prep your images.

There are lots of other tweaks you can do – I follow this link for the machine template within VMware.

https://www.ituda.com/vmware-horizon-view-windows-10-golden-image-creation/

This link has a good vdi.bat file you use at the end of your image prep.

Once you finish preparing your image it is now over to your Horizon/Xenapp solution to deploy this out.

I will not go in to detail here for this part but this is using an image for MCS/ PVS /Linked clones etc etc.

GPO Setup

There are some GPO’s you can also use to configure settings.

Your VDI machines will be placed in the GPO that these rules apply to.

FSLOGIX ADMX template

Office ADMX template

Setting to roam the 365 Token.

Set Computer Configuration Preferences.

Here are the keys we mentioned earlier but being set by GPO.

You will just have to put the ADMX/ and ADML files either in your local policy definitions location or the Sysvol Policy definitions location.

How FSLOGIX Works

When FSlogix is working it will create VHD/VHDX files on your Container share under a user, sid folder location (Remember the FlipFlop setting) when a user logs in to the VDI.

 

This can be seen in the VDI Compmgmt console. So, you will get a mounted volume attached that resides on the file share as though it is local to the device.

Troubleshooting

Log files are located at Log Location for Agent = C:\ProgramData\FSLogix\ODFC

The log will indicate the setting being read/applied by GPO, the VHD being found for the user , VHD’s  being mounted to the specific folder of Office365.

If using UPM or other profile management tools in conjunction with FSLOGIX don’t forget to exclude the highlighted items.

UPDATE: More exclusions added – Thanks to Rene Bigler.

Outlook- \Users\<username>\AppData\Local\Microsoft\Outlook
Search- \Users\<username>\AppData\Roaming\FSLogix\WSearch (Only required when RoamSearch set to 2)
Skype4B- \Users\<username>\AppData\Local\Microsoft\Office\16.0\Lync
Licensing- \Users<username>\AppData\Local\Microsoft\Office\16.0\Licensing
One Drive- \Users\<Username>\<OneDrive folder name>

The status tray also highlights details and logs.

FSLogix Container Management

Mounting vhdx files so you can look at the contents is done with a tool – Frxcontent.exe, located in the following location – C:\Program Files\Fslogix\Apps

You install the tool using the command frxcontect.exe –Install

From the machine you installed this tool on you then browse to the VHDX files and right click and mount as shown below.

The container below shows the Office VHDX file.

The container below shows the users profile within the VHDX folder.

Two screens will pop up when mounted.

Registry and the Profile folders.

 

The next screen shot simply shows that I can drill in to the users desktop and see the folders that I created.

Conclusion

Simple, easy to implement and quick. Great user experience and solves issues with office 365 cached mode and Exchange online experience for corporate enterprises.

This solution will allow your license to roam in a non-persistent environment without ADFS.

More posts with FSLOGIX will be coming.

Carpe Diem!

Follow me or contact me on twitter @Citxen

Leave a Reply

Your email address will not be published. Required fields are marked *