VMware Horizon Community
ErikVb84
Contributor
Contributor
‎08-25-2017 01:20 AM
Jump to solution

Windows App Dissapear after logoff (w10 1703)

Environment

We are currently creating a windows 10 (1703) image and are testing the workings of all the features and applications. The environment uses local profiles and VMWare UEM version (9.2.0.701) and we use the Advance UEM GPO setting to remove the profile after logoff.

Problem

Part of Windows 10 are the apps from the Store which are visible in the start menu. We are now seeing that after the user has logged on twice on the same machine all the apps disappear from the start menu and will not return. The problem persists for the user on that machine unless two things happen:

- the user profile is deleted via advanced system settings in Windows;

- Machine is reinstalled.

Troubleshooting

To test we setup VMware UEM without any configuration (no shortcuts no Config file, no conditionsets, nothing.) and have only applied our GPO settings(see GPO settings below). When UEM is turned off (no config set) the problem does not occur. When we turned on the test config the problem would occur after two logons.

The first suspect was the local profile deletion so we turned this feature off and tried again and as expected the problem did not occur anymore.

Our guess of the cause?

We are unable to find a solution for this issue at it seems it might be a timing issue or maybe 1703 changes the way it stores user app information and the way UEM does the deletetion creates some sort of lock on this new method.

Does anyone have a similar issue or is there a solution out there for this problem.

  

----------------------------------------------------

GPO Settings

----------------------------------------------------

DirectFlex – advanced settings Enabled

------------------------------------------------------

Only export at logoff Disabled

------------------------------------------------------

Show DirectFlex notifications Enabled

Notification delay in seconds: 5

------------------------------------------------------

Hide DirectFlex exit notification Enabled

------------------------------------------------------

Flex config files Enabled 

Central location of Flex config files: \\xxxxx\xxxxx$\

------------------------------------------------------

Process folder recursively Enabled

------------------------------------------------------

FlexEngine logging Enabled 

Path and name of log file: \\xxxxxx\Flexprofiles.log

Log level: Info

Maximum log file size in kB: 1024

------------------------------------------------------

Log total size of profile archive and profile archive backups folders Enabled

------------------------------------------------------

Paths unavailable at logon Enabled

If Flex config files path is not available: Skip import

Optional message to display: xxxxxxx

Timeout after which to dismiss message: 10

If profile archive path is not available: Apply user environment settings

Optional message to display: xxxxxxxxx

Timeout after which to dismiss message: 10

------------------------------------------------------

Profile archive backups Enabled 

Location for storing user profile archive backups: \\xxxxxx\Backups

Hide backup folder Disabled

Number of backups per profile archive: 2

------------------------------------------------------

Create single backup per day Enabled

------------------------------------------------------

Profile archives Enabled 

Location for storing user profile archives: \\xxxxxx\xxxx

------------------------------------------------------

Hide profile archive folder Disabled

------------------------------------------------------

Compress profile archives Enabled

------------------------------------------------------

Retain file modification dates Enabled

------------------------------------------------------

Run FlexEngine as Group Policy Extension Enabled

------------------------------------------------------

Advanced settings

------------------------------------------------------

Remove local profile at logoff Enabled

------------------------------------------------------

Do not apply to members of the local administrators group Disabled

Regards,

Erik

1 Solution

Accepted Solutions
Pim_van_de_Vis
Expert
Expert
‎08-25-2017 12:05 PM
Jump to solution

This is a know issue with Windows 10 and the 'remove local profile at logoff' option. Windows leaves user SID information behind at this location:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore

When you manually remove the user SID key there, the issue is gone. We are trying to fix this in the future.

Why are you using this 'remove local profile at logoff' feature in the first place? Why not use Linked Clones or Instant Clones that refresh at logoff?

View solution in original post

0 Kudos
6 Replies
Pim_van_de_Vis
Expert
Expert
‎08-25-2017 12:05 PM
Jump to solution

This is a know issue with Windows 10 and the 'remove local profile at logoff' option. Windows leaves user SID information behind at this location:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore

When you manually remove the user SID key there, the issue is gone. We are trying to fix this in the future.

Why are you using this 'remove local profile at logoff' feature in the first place? Why not use Linked Clones or Instant Clones that refresh at logoff?

0 Kudos
ErikVb84
Contributor
Contributor
‎08-27-2017 11:11 PM
Jump to solution

Pim,

Thanks for the reply

  1. We are using the remove profile at logoff feature because we used it before and it worked for us. No reason to change something that works.
  2. The Instant/Linked clone solution wont work for us since we are deploying physical workstation + UEM and only a limited amount of VDI's.

For now we might have to make a script that cleans the SID from the registry, does the future(fix) have an ETA (weeks, months, year?).

Regards,

Erik

0 Kudos
Pim_van_de_Vis
Expert
Expert
‎08-27-2017 11:18 PM
Jump to solution

Thanks for your reply.

Are the physical workstations not personal or used by only 1 or maybe a handful of people? Because in that case the local profile can stay on the machine and does not need to be deleted. This will also improve the logon time for the second and next logons.

I don't have details on dates for a possible fix.

0 Kudos
ErikVb84
Contributor
Contributor
‎08-28-2017 01:15 AM
Jump to solution

The machines are used by multiple users in most cases, and with the current Win7 environment we had some issues when we retained the profiles locally. So deleting the profiles is unfortunatly the way to go for us.

I'm currently in the process of building some sort of script that deletes the SID after logoff of the user with a system user, it won't be pretty but it should work.

0 Kudos
Pim_van_de_Vis
Expert
Expert
‎08-28-2017 05:33 AM
Jump to solution

Consider to re-evaluate the decision to remove the local profiles. With Windows 10, it saves a ton of time at logon if the local profile is already present at the computer.

Maybe the issues you had with Windows 7 are no longer relevant on Windows 10.

Doesn't hurt to test and will save you a lot of manual scripting, etc. and gives your users faster logon times also.

0 Kudos
DEMdev
VMware Employee
VMware Employee
‎05-29-2018 10:02 AM
Jump to solution

Just in case someone finds this old thread: UEM 9.4 contains a fix for this problem.