Hi,
we are planning to move from roaming-profiles to fslogix as our main profile managment solution for vdi.
During testing i have found that if a user logs on, right after customization finishes during an image push, and the desktop becomes available, some GPOs including the fslogix ones are not being applied and profile containers will not attach, which unfortunately is expected in this case. But if the user waits about 30 seconds before he eventually logs on, all GPOs are being applied successfully. I know that there is a known issue with GPOs not being applied if the golden image is prior joined to the domain, but this is only the case if the instant clone is not being recreated and from my understanding should not affect instant clones during image push operation.
My Question is, is there a way to block logon after new image push for a certain amount of time? My Problem is that once a new snapshot has been approved it gets deployed during production without forcing the user to logoff. Currently some users can log on just after the new desktop is available without their profile attached.
One possible solution is a post-synchronisation script which forces a gpupdate, but i have not tested this so far. Does anyone have another idea how to fix this issue? I may have missed something in the process.
Thanks
Mat
I agree and it might be a GPO issue but it is really weird. I came accros the known GPO issues were non of the Computer GPOs are applied with domain joined golden image but this is the first time i am seeing GPOs applied after the desktop becomes available.
For me this looks like a timing issue either from AD side or GoldenImage/Horizon. Logon time is below 20 seconds and i am seeing some user GPOs being applied after desktop is shown but this should not be the case for Computer GPOs. I may have to get in touch with the AD Team.