Applies to: Nerdio Manager for MSP (NMM)
After installing Nerdio Manager and deploying Dynamic Host Pools, you may see a FSLogix related error while attempting to log on as local admin on host VMs:
This is happening because FSLogix is enabled by default on every new session host and is configured to map the profile to a network file share, which is not accessible by local admins. There is also a setting that tells FSLogix to pop-up this error in case it cannot mount the profile (rather than allow a session without a network profile), which is what you see.
There are two options to enable local admins to log into session hosts:
- (Recommended) Create local security groups on the Desktop Image to exclude local admins from FSLogix. You can find the specific names of the group here: https://docs.microsoft.com/en-us/fslogix/configure-profile-container-tutorial.
- Allow session host logon even if the computer cannot connect to a network profile. This can be done by removing the following two FSLogix registry settings from SETTINGS > Integrations > FSLogix Profiles storage in Nerdio Manager.
"PreventLoginWithFailure"=dword:00000001
"PreventLoginWithTempProfile"=dword:00000001
Troubleshooting Notes
In order to temporarily remove the 'PreventLoginWithFailure' or 'PreventLoginWithTempProfile' registry values on an individual session host (without re-imaging), you can remove these keys in Azure Portal using Run Command by executing the following commands:
Remove-ItemProperty -Path "HKLM:\SOFTWARE\FSLogix\Profiles" -Name "PreventLoginWithFailure"
Remove-ItemProperty -Path "HKLM:\SOFTWARE\FSLogix\Profiles" -Name "PreventLoginWithTempProfile"
To restore these registry values (after adding exclusions to local groups, or after the addressing the issue causing the FSLogix error message) the following commands will re-create the registry values:
New-ItemProperty -Path "HKLM:\SOFTWARE\FSLogix\Profiles" -Name "PreventLoginWithFailure" -PropertyType DWORD -Value 1
New-ItemProperty -Path "HKLM:\SOFTWARE\FSLogix\Profiles" -Name "PreventLoginWithTempProfile" -PropertyType DWORD -Value 1
Comments
Article is closed for comments.