[IE11 on 2012R2 VDA - user registry hive not saved]

Hi Felipe,

 

I have replied to your PM, but I will include the response here also for the benefit of other people who are getting stuck:

 

 

We did not touch any of the registry keys.

 

We manually checked the users at first to make sure they all had the Vault folders, but once you set it up correctly, new users are created with the folders consistently so you don't need to check it.

 

AppData\Local\Microsoft\vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28
AppData\Local\Microsoft\vault\UserProfileRoaming
 

If existing users are not persisting their credentials, ensure the vault folders are there and then restart the credential manager service once they land on the server to repair their credential manager vault.

 

I will list below the AppData Roaming and Local locations that we are persisting, but it is important to note that we DO NOT use GPO AppData roaming in our environment as this is very buggy and is just an all round bad idea when you can use Citrix UPM to roam everything you need anyway.

 

Directories to synchronize:
AppData\LocalLow\Microsoft\CryptnetUrlCache
AppData\Local\Microsoft\Credentials
Appdata\Roaming\Microsoft\Credentials
Appdata\Roaming\Microsoft\Crypto
Appdata\Roaming\Microsoft\Protect

 

Folders to mirror:
AppData\Local\Microsoft\Vault
AppData\Roaming\Microsoft\Windows\Cookies
AppData\Local\Microsoft\Windows\INetCookies
AppData\Local\Microsoft\Windows\WebCache

Also, Google Chrome credential roaming breaks regularly with random version updates, so we would recommend users sign up for a Google account (they can do this using their company email) and then this will allow them to roam their credentials and favourites etc between servers without issue.

[Profile Management 1811 - Outlook Search Index Roaming not working]

Hi Kasper,

 

There is no mention of RoamSearch in the link you have quoted. Can you please confirm that this link is still valid?

 

If we are not supposed to let FSLogix roam the search then does that mean we are supposed to forfit the Office container for FSLogix in an RDS environment and instead use Citrix Search Roaming instead?

 

We are having issues with FSLogix search roaming in both W2016 and W2019 using FSLogix Office container in combination with Citrix UPM for profile management.

[Citrix VDA 1906 - Local user profiles not deleted on log off due to NTUSER.dat being in use]

We are also getting this issue in both W2016 and W2019 with the 1912 LTSR VDA version. It is also worth noting that we are using FSLogix Office containers and Citrx UPM for the user profiles.

 

Has anyone found a resolution for this?

[IE11 on 2012R2 VDA - user registry hive not saved]

Thank you to everyone for all of your fantastic contributions! It took us a considerable amount of time to resolve this and these forum posts where instrumental in getting the credentials to roam between VDA's!
 

One final point to add that eventually resolved this for us, beyond what appears to have been added as the "official fix" by Citrix here: https://support.citrix.com/article/CTX213190

 

We had to restart the Credential Manager Windows service for the Web Credentials to show up for the user in Credential Manager after logging on to a new server (we were troubleshooting this on Windows 2019 servers).

 

Also, it's a good idea to watch out for the existing "AppData\Local\Microsoft\vault" folder in the user's UPM as you may need to delete it from the UPM store and from the current session's AppData location and then recreate it with the below subdirectories for it to finally start mirroring correctly and roaming Web Credentials between servers.

 

AppData\Local\Microsoft\vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28
AppData\Local\Microsoft\vault\UserProfileRoaming

 

Especially in our case, where we started off with the vault folder being in Directories to synchronize, rather than Folders to Mirror. There is a fantastic article here about the difference between the two in case anyone else finds it a bit confusing https://virtualfeller.com/2019/01/15/synchronize-vs-mirror/

 

I hope this helps anyone else with their troubleshooting that still has to deal with legacy support for Internet Explorer. It's 2020 already, and I can't believe people are still refusing to move on from Internet Explorer and also insisting on saving their passwords in the browser, but the client gets what the client wants!

[Director SSO with NS LB not working]

Did anyone ever find a solution to this? 

We are currently implementing this with SSL internally using a Content Switching Virtual Server load balanced across two XenDesktop Controller Servers (with Director installed on them). We have followed all the steps in this forum post and from Carl's latest step by step instructions. No matter what we do, we still have to log in manually to the Forms page because we are presented with "your session has ended. to continue, please log on" as mentioned by Olly Thompson and fpapineau above.

 

If anyone has managed to get this to work please share the steps you followed, it would be greatly appreciated!

 

Edit: We were finally able to get this to work in our environment by ensuring that all forms of authentication were disabled for Director in ISS apart from Windows authentication and ensured that both useAppPoolCredentials and useKernelMode were set to True (contrary to the steps indicated by Carl in his walk-through).

[Windows Search Corruption - Windows 10x1709]

We are also getting the exact same issue running CVAD 1906.1 on Windows 2016 servers with published app Outlook 2016 32-bit. Rebuilding the Windows Search Index on the VDA resolves the issue, but it shouldn't happen in the first place and we are worried it will reoccur unless we can find the cause. We have only just started to roll this out so we would very much like to know what is going on before we roll it out the our larger client base. 

 

We are using VHDX-based Outlook cache and Outlook search index on a per user bases in a UPM environment with Cached Exchange mode turned on.