-
Posts
368 -
Joined
-
Last visited
-
Days Won
46
Content Type
Profiles
Forums
Events
Posts posted by John Twilley
-
-
I publish the following: ms-teams.exe msteams:work
-
For those or you running nVidia GRID cards in you Horizon environment, I was wondering if you disabled the VGA or IDD display drivers.
I've always disabled my VGA display adapter, and then used the Horizon Direct agent to manage the master VM for updates.
Do any of you leave it enabled? Just curious how others manage their nVidia master images.
-
Adding my notes..
# Based on this support article, to make Google Chrome work with roaming user profiles:
# https://support.google.com/chrome/a/answer/7349337
# The roaming user profile contains information such as bookmarks, autofill data, passwords, per-computer browsing history, browser preferences, and installed extensions.** Set a Registry policy in DEM to create the user's profile.pb **
[HKEY_CURRENT_USER\Software\Policies\Google\Chrome]
"SyncDisabled"=dword:00000000
"RoamingProfileSupportEnabled"=dword:00000001-
1
-
-
Use DirectFlex: Java.exe / Javaws.exe
[IncludeFolderTrees]
<AppData>\Sun\Java
<UserProfile>\AppData\LocalLow\Sun\Java\Deployment
<UserProfile>\AppData\LocalLow\Oracle[IncludeFiles]
<UserProfile>\.java.policy
-
Microsoft Office 2016/2019/365 Application Template
## Expanded settings for the Microsoft Office 2016/2019/365 Application Templates 'Access', 'Excel', 'OneDrive', 'OneNote', 'Outlook', 'PowerPoint', 'Project', 'Publisher', 'Shared', 'Visio', and 'Word':
#
[IncludeRegistryTrees]
HKCU\Software\Microsoft\Office\16.0\Access
HKCU\Software\Microsoft\Office\16.0\Common
HKCU\Software\Microsoft\Office\16.0\Excel
HKCU\Software\Microsoft\Office\16.0\FirstRun
HKCU\Software\Microsoft\Office\16.0\Groove
HKCU\Software\Microsoft\Office\16.0\Lync
HKCU\Software\Microsoft\Office\16.0\MAPI
HKCU\Software\Microsoft\Office\16.0\Microsoft Office 2016
HKCU\Software\Microsoft\Office\16.0\MS Project
HKCU\Software\Microsoft\Office\16.0\OneNote
HKCU\Software\Microsoft\Office\16.0\Outlook
HKCU\Software\Microsoft\Office\16.0\PowerPoint
HKCU\Software\Microsoft\Office\16.0\Project
HKCU\Software\Microsoft\Office\16.0\Publisher
HKCU\Software\Microsoft\Office\16.0\Registration
HKCU\Software\Microsoft\Office\16.0\SyncCenter
HKCU\Software\Microsoft\Office\16.0\SyncProc
HKCU\Software\Microsoft\Office\16.0\User Settings
HKCU\Software\Microsoft\Office\16.0\Visio
HKCU\Software\Microsoft\Office\16.0\Word
HKCU\Software\Microsoft\Office\16.0\Workspaces
HKCU\Software\Microsoft\Office\Access
HKCU\Software\Microsoft\Office\Common
HKCU\Software\Microsoft\Office\Excel
HKCU\Software\Microsoft\Office\OneNote
HKCU\Software\Microsoft\Office\Outlook
HKCU\Software\Microsoft\Office\PowerPoint
HKCU\Software\Microsoft\Office\Visio
HKCU\Software\Microsoft\Office\Word
HKCU\Software\Microsoft\Shared Tools\Proofing Tools
HKCU\Software\Microsoft\VBA
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles
HKCU\SOFTWARE\Microsoft\VSTO
HKCU\Software\Microsoft\AuthCookies
HKCU\Software\Microsoft\Windows NT\CurrentVersion\TokenBroker[IncludeIndividualRegistryValues]
HKCU\Software\Microsoft\Exchange\Client\Options\PickLogonProfile[IncludeFolderTrees]
<AppData>\Microsoft\Access
<AppData>\Microsoft\AddIns
<AppData>\Microsoft\Bibliography
<AppData>\Microsoft\Excel
<AppData>\Microsoft\MS Project
<AppData>\Microsoft\Office
<AppData>\Microsoft\Office\16.0\Lync
<AppData>\Microsoft\OneNote
<AppData>\Microsoft\Outlook
<AppData>\Microsoft\Powerpoint
<AppData>\Microsoft\Proof
<AppData>\Microsoft\Publisher
<AppData>\Microsoft\Publisher Building Blocks
<AppData>\Microsoft\Signatures
<AppData>\Microsoft\Spelling
<AppData>\Microsoft\Templates
<AppData>\Microsoft\UProof
<AppData>\Microsoft\Visio
<AppData>\Microsoft\Word
<LocalAppData>\Microsoft\Office\ONetConfig
# added
<LocalAppData>\Microsoft\Office\ONetConfig
<LocalAppData>\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy
<LocalAppData>\Microsoft\IdentityCache
<LocalAppData>\Microsoft\OneAuth
<LocalAppData>\Microsoft\TokenBroker
[IncludeFiles]
<LocalAppData>\Microsoft\Office\Access.officeUI
<LocalAppData>\Microsoft\Office\Excel.officeUI
<LocalAppData>\Microsoft\Office\MSProject.officeUI
<LocalAppData>\Microsoft\Office\olkaddritem.officeUI
<LocalAppData>\Microsoft\Office\olkapptitem.officeUI
<LocalAppData>\Microsoft\Office\olkdlstitem.officeUI
<LocalAppData>\Microsoft\Office\olkexplorer.officeUI
<LocalAppData>\Microsoft\Office\olklogitem.officeUI
<LocalAppData>\Microsoft\Office\olkmailitem.officeUI
<LocalAppData>\Microsoft\Office\olkmailread.officeUI
<LocalAppData>\Microsoft\Office\olkmmsedit.officeUI
<LocalAppData>\Microsoft\Office\olkmmsread.officeUI
<LocalAppData>\Microsoft\Office\olkmreqread.officeUI
<LocalAppData>\Microsoft\Office\olkmreqsend.officeUI
<LocalAppData>\Microsoft\Office\olkpostitem.officeUI
<LocalAppData>\Microsoft\Office\olkpostread.officeUI
<LocalAppData>\Microsoft\Office\olkreportitem.officeUI
<LocalAppData>\Microsoft\Office\olkresenditem.officeUI
<LocalAppData>\Microsoft\Office\olkrespcounter.officeUI
<LocalAppData>\Microsoft\Office\olkresponseread.officeUI
<LocalAppData>\Microsoft\Office\olkresponsesend.officeUI
<LocalAppData>\Microsoft\Office\olkrssitem.officeUI
<LocalAppData>\Microsoft\Office\olkshareitem.officeUI
<LocalAppData>\Microsoft\Office\olkshareread.officeUI
<LocalAppData>\Microsoft\Office\olksmsedit.officeUI
<LocalAppData>\Microsoft\Office\olksmsread.officeUI
<LocalAppData>\Microsoft\Office\olktaskitem.officeUI
<LocalAppData>\Microsoft\Office\OneNote.officeUI
<LocalAppData>\Microsoft\Office\Powerpoint.officeUI
<LocalAppData>\Microsoft\Office\Publisher.officeUI
<LocalAppData>\Microsoft\Office\Visio.officeUI
<LocalAppData>\Microsoft\Office\Word.officeUI[ExcludeFolderTrees]
<AppData>\Microsoft\Templates\LiveContent
<LocalAppData>\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\TempState
[ExcludeIndividualRegistryValues]
# To prevent the O365 Viewer Mode from replicating (Only if you use this feature)
HKCU\Software\Microsoft\Office\16.0\Common\autoorgidgetkey
HKCU\Software\Microsoft\Office\16.0\Common\Licensing\viewermode
HKCU\Software\Microsoft\Office\16.0\Common\SignIn\SignInOptions
HKCU\Software\Microsoft\Office\16.0\Common\Identity\DisableADALatopWAMOverride
HKCU\Software\Microsoft\Office\16.0\Common\Identity\DisableAADWAM
[ExcludeRegistryTrees]
# To help reduce the size of the registry by 10 MB
HKCU\Software\Microsoft\Office\16.0\Common\ExperimentConfigs
HKCU\Software\Microsoft\Office\16.0\Common\Experiment
HKCU\Software\Microsoft\Office\16.0\Common\ExperimentEcs
HKCU\Software\Microsoft\Office\16.0\Common\ExperimentTas[ExcludeFiles]
# Exclude XLSB Auto-Backup files as they create 100+ MB Zip - adding just the file excludes from ALL FOLDERS above.
*.xlsb
*.xar
*.bak -
Have you ever wanted to capture the "Favorites" built into Regedit.exe? I find this handy...
[IncludeRegistryTrees]
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets\Regedit\Favorites -
Official Microsoft VDI Support page: New Microsoft Teams for Virtualized Desktop Infrastructure (VDI) - Microsoft Teams | Microsoft Learn
This policy works for non-persistent pools, and the ZIP files will average around 30MB. Microsoft is still making changes to the Teams client, so you have to update the exclusions as the client is updated. Microsoft has a section that discusses the folders, and what they are used for, which I thought was nice of them.
Official Folder Exclusions: https://learn.microsoft.com/en-us/microsoftteams/new-teams-vdi-requirements-deploy#folder-exclusions
Direct-Flex still does not work well with New Teams (as of 6/2024), so do not use it.
# 'New Teams' 2.1 Policy
#
[IncludeRegistryTrees]
HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\MSTeams_8wekyb3d8bbwe[IncludeFiles]
# Official Files to sync from Microsoft's New Teams Deployment Site
<LocalAppData>\Publishers\8wekyb3d8bbwe\TeamsSharedConfig\tma_settings.json
<LocalAppData>\Publishers\8wekyb3d8bbwe\TeamsSharedConfig\app_switcher_settings.json[IncludeFolderTrees]
# Official Files to sync from Microsoft's New Teams Deployment Site
<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe[ExcludeFolderTrees]
# Official Exclusions from Microsoft's New Teams Deployment Site
<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\Logs
<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\PerfLog
<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\WV2Profile_tfw\WebStorage
<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\WV2Profile_tfw\GPUCache
# Additional Exclusions
<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\Crashpad
# <LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\GrShaderCache
<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\WV2Profile_tfw\Cache
<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\WV2Profile_tfw\Code Cache
#<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\WV2Profile_tfw\IndexedDB
<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\WV2Profile_tfw\Service Worker\CacheStorage
#<LocalAppData>\Packages\MSTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\WV2Profile_tfw\Service Worker\ScriptCache
To install New Teams in your golden image.
Download the new Microsoft Teams Bootstrapper: https://go.microsoft.com/fwlink/?linkid=2243204&clcid=0x409
On your persistent or non-persistent VM, run the following command as an administrator: teamsbootstrapper.exe -p
For local path MSIX install method, enter: .\teamsbootstrapper.exe -p -o "c:\path\to\teams.msix"
ref: https://learn.microsoft.com/en-us/microsoftteams/new-teams-bulk-install-client
New Teams: MSIX downloads: https://github.com/ItzLevvie/MicrosoftTeams-msinternal/blob/master/defconfig2 if you need the offline installer, or want to test a newer build.
-
It has to be something on the endpoint. I cannot recreate it anywhere else. I'm leaning towards the high-end "Gaming Mouse" used by the Radiologists - Logitech G-Series. Maybe there is a high refresh that is causing it or something. But it only causes issue when Relative Mouse is enabled. And they swear that they require Relative Mouse for the CT Scan images, etc.
I have a Logitech G502 gaming mouse on my PC, and yet I cannot recreate the issue. I was just wondering if anyone had run across a similar situation.
I do have other Rads that use the same pool without any issue.
-
I wish we had the ability to provide feedback on the new Omnissa KB articles. When hosted in Broadcom/VMware there was a feedback option at the bottom of the page, where you could provide additional information about the issue. I would have provided a link to this community topic so that they knew the real fix, as opposed to telling people to disable Modern Auth. https://kb.omnissa.com/s/article/97111
-
Following up on this HTTP 404 from the AAD Broker Plugin. I have cleaned up my master images that had the registry keys as seen above located in the following location:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedInterfaces\IfIso
After recomposing the pools and disabling the NetSh workaround, I'm happy to report that I'm no longer getting the 404 Errors and authentication is working as expected. I've had a few thousand logins this morning, and no report of any issues!
I'm now very curious why this seems to only be talked about in Horizon forums. You'd think that this key could manifest itself on physical workstations as well...but I've not heard people complain about this anywhere else.
And to be fair, this is definitely a Microsoft issue. Now I know why the VMware and Omnissa KB articles "went stale" and we had to rely on forums like these to work out the issue. Thanks for helping out your fellow Horizon engineers!
-
1
-
1
-
-
We have not tried using PCOIP, but that's not a bad idea.
These are GE PACS Radiology CT Scan remote viewing stations, and we have the Horizon Smart policies tuned for that type of high-end graphical usage. That is why the Radiologists like to use the Relative Mouse feature. The "mouse trails" only happen when this is enabled on the client side.
I cannot recreate the issue at all, and getting time on the Remote Rads PC is very difficult. I was just wondering if anyone else had run across odd issues with the Relative Mouse feature.
-
Client is a Windows 10 PC, running a relatively recent version of the Horizon Client.
-
I'm testing deleting that Registry key now. I just wish there was a little more details on what deleting that Key, as opposed to modifying the values does to the OS.
-
1
-
-
Here is an example of the Netsh workaround. It's not fair of me to mention a fix to such a big issue without going the extra-mile, right?! For some reason, this fixes the issue with the Microsoft Store App - "Microsoft.AAD.BrokerPlugin" that is failing to function.
Create two "Privilege Elevation" tasks.
TraceStart -->
Arguments is one line: (change C:\temp to anyplace...could just be %temp%)
trace start scenario=InternetClient_dbg provider=Microsoft-Windows-TCPIP level=5 capture=yes packettruncatebytes=120 tracefile=C:\temp\net.etl report=disabled perf=yes correlation=disabled
TraceStop -->
Create two Logon Tasks -->
Just choose the elevated task from the Dropdown.
That's it. You should see a small .ETL file in the temp are that you defined earlier after logging into a VM.
Others have cleaned up the Netsh command to make it more efficient, so feel free to change it as needed. I just cannot find the old community post that has the updated information.
NOTE: there is some discussion about deleting one registry key that COULD resolve this issue. I have not fully tested it, but I'll mention it so that you can investigate.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedInterfaces\IfIso\
-
I'd like to start a discussion on this long overdue fix from earlier in the year. It seems to have gone dormant, but yet the issue still persists. This is the issue where many Microsoft applications can no longer authenticate (404 Error) because of some odd bug introduced in the February Microsoft Windows update KB5034763.
If any of you that opened a Support ticket would care to provide any feedback, that would be great. I still have the NetSH workaround (not listed in the KB) from the old community forum. If people still need that workaround, we can recreate the detailed content in this new forum. It's basically an elevated NETSH command that triggers something in the network card on the VM that resolves the issue.
Ref: https://kb.omnissa.com/s/article/97111
Additional Reading on the issue:
https://www.reddit.com/r/sysadmin/comments/190tvru/office_http_404_in_avd/
-
1
-
-
Will the older templates be imported from the original community forums?
There were some really good ones with a lot of quality comments...
-
1
-
-
I'm trying to troubleshoot an issue where a physician is having severe mouse trails when using the Relative Mouse feature during a blast session. These are high-end nVidia GRID card sessions, and users have 1GB fiber connections. I cannot recreate the issue at all. The round trip time is around 30 ms.
Horizon 8. Horizon Client is up to date. nVidia drivers are the vSphere 7 (16.5) version. Blast sessions, tweaked as High speed-LAN using DEM smart policies. HEVC encoder.
Any ideas on what it could be? Or what I could look into?
Clarification on KB 1000590 (Already Used VM)
in Horizon 8
Posted
I'm looking for clarification on KB 1000590 --> The View virtual machine is not accessible and the View Administration console shows the virtual machine status as Already Used (1000590) (omnissa.com)
We are having random issues where a user cannot connect to a non-persistent desktop. When investigated, the desktop state is "already used". The pool is already set with the pae-DirtyVMPolicy=2: Automatically refresh virtual machines. The KB mentions adding some timeout values that I'd never seen published before.
cs-suspendpolltimeout=90000
and
cs-suspendpolltime=1000
Has anyone added these values before? This does not happen very often, but when it does, it involves the Clinical worker calling the Support Desk to delete the VM and causes disruption. I'd like the VM to just automatically delete as per the DirtyVMPolicy.