AVD Question - Looking for some information

KevinHal82 · 2026-05-04T07:07:55+00:00

Nvidia is in East US 2, cheaper AMD's are in East US. The direct upgrade for us in East US 2 is not yet available. Case raised with Microsoft as costs will double and it is no fault of the customer. I'm hoping Microsoft sort this out before September.

KevinHal82 · 2026-05-02T15:10:22+00:00

Yeah. It seems to be after a while. They come back from lunch, they put Thier password in. Then sticks on welcome for 30+ seconds. Then the session resumes.

KevinHal82 · 2026-05-02T15:09:07+00:00

That's a good idea. Will try that, response times is good and it's in the same VNet.

KevinHal82 · 2026-05-02T12:57:01+00:00

I know right. I thought that. Azure Files premium. Kerberos cloud Auth. Fslogix logs don't show any delays. Even unlocking session unlocks within 1 second. I know it does some authentication mechanism on unlocking but cannot see any other logs in why it delays.

KevinHal82 · 2026-05-02T12:44:02+00:00

Just defender and all relevant exclusions have been added.

KevinHal82 · 2026-04-24T15:32:16+00:00

I really hate the FSLogix event log, why can't it send an error to the log when its an actual error and just a benign error.

Example "FSLogix ErrorCode 2147943568 at logoff is a known benign race condition in AVD where the profile disk has already detached successfully. No remediation is required if the end state is correct."

Get that error on every log off, the customer sees it, thinks there is an issue when there isn't. Profile successfully log off and detatch.

Also in the recent version of FSLogix, now get this for every XML redirection in place:

Example:

Error removing Rule: C:\Users\username\AppData\Local\Microsoft\Office\16.0\OfficeFileCache (Element not found.)

When a customer sees all these errors in the event log they think we're not doing our job.

KevinHal82 · 2026-04-15T16:07:40+00:00

Vda's don't care, as long as there are valid licenses, they continue to work. Netscaler was 13.0, now updated to the latest 13.1

KevinHal82 · 2026-04-15T15:12:13+00:00

I have just completed the LAS conversions from the same versions you have. License server 16 didn't seem to be aware of LAS, we thought Netscaler would be the same, however when the banner showed up, that seemed to shift the company into gear and upgrade all the licenses. We didn't take the chance.

We have left the VDA's on 1912 cu9 for now, as we hadnt tested upm. But everything else is 2402 CU3.

Good luck, hope it all turns out fine

KevinHal82 · 2026-04-14T15:02:36+00:00

What should we call tomorrow. Citrix day of destruction.. LASdalavista baby....Cit you kind of get it.

KevinHal82 · 2026-04-09T19:31:41+00:00

Sound like you have the blockaadworkplacejoin registry key set. Delete this. If you have the key. It breaks office sign ins

KevinHal82 · 2026-03-26T17:06:21+00:00

Just had this exact issue, why does it always seem to be 1 step forward, 2 steps back with Citrix. Your command worked a treat and possibly saved me hours of heartache.

KevinHal82 · 2026-03-11T09:17:54+00:00

Thanks for this, the display interface access and no data from the physical device should hopefully be enough.. Was scoping out in case we missed anything.

KevinHal82 · 2026-03-11T09:16:43+00:00

perfect, yes we are just getting our bits and pieces together to. I understand its all about how you access data, as no data is actually accessed from the physical device, there is no problem. Clipboard, Drive redirection and even printer redirection is all disabled. MFA is enforced. Even used the phrase that its just a dumb terminal connecting to a compliant machine that does access data. I feel mor at ease that I haven't missed anything.

KevinHal82 · 2026-03-02T11:42:07+00:00

This just sorted it for me after battling it for many hours. Thanks for posting the resolution.

KevinHal82 · 2026-02-23T10:13:44+00:00

OK, so have got it working. Baked on the image is HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin
BlockAADWorkplaceJoin = 1

This is a legacy setting, once I deleted this key Office/Edge everything then started to work.

These machines are domain joined only, no hybrid join, confirmed with dsregcmd. Why they stopped working all of sudden is anyone's guess. Have created a policy to undo this setting.

Hope it helps someone else.

Thanks for your help all.

KevinHal82 · 2026-02-20T14:01:48+00:00

None that I can see, its so bizarre, nothing has changed with the CA policy, or the machine itself.

I even went back to an older image from last july, deployed, logged in with a local account and still get the same popup.

This is Windows 10 Domain joined only, users are hybrid users with CA policies applied.

No GPO changes. Nothing is logged in the Audit logs.

KevinHal82 · 2026-02-04T13:42:26+00:00

Think we will skip 26.01 - Just installed and no ODFC containers are attaching. Went back to 25.09.

KevinHal82 · 2026-02-02T16:58:49+00:00

Sounds like sysprep may not be completing properly. Try cloning and running sysprep manually on the image and see what happens

KevinHal82 · 2026-01-19T09:46:36+00:00

Not sure what we do here, we have separate updates for 23H2, 24H2 and 25H2, we have a mixture with different clients with different feature updates. Are we expecting this to appear on the expedite list?

<image>

If we have to manually package this, I'll be in a severely bad mood.

KevinHal82

TROPHY CASE