Office365 on a non-persistent Citrix Desktop? FSLogix does that for you!

Posted by Christiaan Brinkhoff on Oct 17, 2016 3:07:05 PM

Find me on:

One problem that caused me a little headache for some days where the corrupted OST files of a customer of mine that uses Office365 / Exchange Online on top of a non-persistent (MCS) XenApp Desktop environment. One of my earlier challenges were to level the old performance with the performance they used to have before with the on-premises Exchange 2010 mail server setup. As you probably know already, Office365 is cloud based, what makes the client performance depending on the internet connection instead on the LAN, and Outlook Cache Mode a required then recommended option to configure.

The first attempt was to configure the cache mode functionality trough the basic Outlook GPO’s with the OST put in a other network location direction, Citrix already wrote an article about this. At first sight a good solution that did his work for a couple of days, but after a larger scale of users the problems with corrupt OST files became reality. Of the 300 users that logon, an daily average of 15-20 users where contacting the helpdesk to ask for help they cannot open Outlook anymore with the error; the file \\fileserver\user\Outlook\Default Outlook Profile – username.ost cannot be opened. The only way to fixed this problem was to re-create the Outlook profile, what normally can be incidental, but now it reoccurred every day for the same users.

After a short time of troubleshooting, all the directions pointed me at the FSLogix Office365 Container solution. FSLogix delivers a software solution they named FSLogix Apps, one of the features are the Office365 Containers.

Christiaan_O365_Blog.jpeg

What the containers solution simply does is creating a Virtual Hard Drive per single user and mounts it at the user’s logon process to the Desktop or Server. The default location of the OST stays locally and the local Outlook folder will be redirected to the personal VHD(x) file. So Outlook still thinks that the OST is located locally. The software also has an option to move existing OST files into this location, so there is no need to re-sync or recreate the Outlook profile again.

The solution is even recommended by Citrix and Microsoft and presented at Microsoft Ignite, from this year’s September.  

All the Office 365 Container features

  • True Cached Exchange Modewith patent-pending OST containerization, Outlook on XenApp and XenDesktop can now function and perform as if locally installed on a high performance workstation. Users don’t need to compromise email and calendar performance to adopt strategic initiatives like virtual desktops.
  • Real-Time Searchenables inbox and personal folder search to work as designed on XenDesktop, with maximum performance, and no workarounds requiring end-user training or unique behavior between physical and virtual environments.
  • Plug and Play managementfeatures a micro-application footprint with drop-in installation, GPO templates, simple rules based configuration, and the use of existing CIFS/SMB servers, improving the ROI of existing enterprise infrastructure.
  • Infrastructure compatibilityworks on all major virtual desktop and hosted email solutions, complimenting profile management products traditionally used in virtual workspace environments.

More to be released…

FSLogix is developing a new extra feature based on the same Office365 VHD mounting technology for OneDrive for Business folder synchronization. At the moment a huge problem for non-persistent environments. So stay tuned to the website of FSLogix website if you are interested, just like me.

As for as my knowledge this feature will be included in the same license for Office365 Container, so no optional license is needed.

Software requirement

  • FSLogix Office 365 Container software (request a 30 days trial here)
  • SMB File Share server
  • Windows 7 32/64 bits (VHD supported)
  • Windows 10 32/64 bits (VHDx supported)
  • Windows Server 2008 R2 (VHD supported)
  • Windows Server 2012 R2 (VHDx supported)

Step-by-step installation

Pre-step: In Windows 7 and Windows Server 2008 R2 environments, the following patch from Microsoft must be applied in order for the FSLogix product to work properly: https://support.microsoft.com/en-us/kb/2614892

Step 1: First we need to configure the SMB Shared folder location to store the Container VHD files

Note: I recommend to do the configuration on a separated server, or a server that has a low I/O consumption for other services.

Step 2: Create a folder share (prefer to be hidden), name the folder something like Containers and set the share permissions for Domain Admins to Full Control and setup the rights for Domain Users to Allow Read and Change

Note: All the urgent access permissions will be setup in the NTFS permissions of the folder. If you want to make this more secure, you can setup another security group instead of the Domain Users.

Christiaan_O365_Blog2.png

Step 3: Go to the Security Tab of the folder, open the Advanced option, disable the inheritance option, and choose to Remove all the inherited permissions from this object

Block_Inheritance.png

Step 4: Setup the Advanced NTFS folder permissions of the Container folder, with at least the following required permissions:

  • CREATOR OWNER – Full Control (Subfolders and Files Only)
  • SYSTEM – Full Control (This Folder, Subfolders and Files)
  • Administrators – Full Control (This Folder, Subfolders and Files)
  • Users – Create Folder/Append Data (This Folder Only)
  • Users – List Folder/Read Data (This Folder Only)
  • Users – Read Attributes (This Folder Only)
  • Users – Traverse Folder/Execute File (This Folder Only)

Note: Check the folder ownership and change (if needed) it to the SYSTEM account

Advanced_Security_Settings_for_Containers.png

Step 5: Now the group policy configuration part comes around, copy the fslogixODFC.ADMX and fslogixODFC.ADML policy files that you download earlier to the sysvol Central Store of Active Directory or choose to put it into the local policy store of your domain controller.

Step 6: Open your Group Policy Management Console and create a new (Computer) Policy on the OU where your XenApp or XenDesktop Computer objects are in

Step 7: Edit the Policy and go to Computer Configuration->Administrative Templates->FSLogix->Office 365 Container

Step 8: Enable the Enabled option and setup the VHD location that created earlier in step 2

Note: The VHD location only needs to be the share folder location, like \\IS-FS01\Containers$ (no %username% parameter is required).

Continue reading more from Christiaan's full blog post to get the entire step-by-step process for enabling Office 365 on a non-persistent Citrix Desktop.

This was originally posted at https://blog.infrashare.net/2016/10/17/office365-on-a-non-persistent-citrix-desktop-fslogix-does-that-for-you/

Topics: Office 365, Citrix, non-persistent VDI, XenApp, XenDesktop, Outlook, Cached Exchange Mode, Microsoft

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all

Follow Me