Roaming VMware Horizon credentials with Microsoft Office Click-to-Run

By - March 9, 2017

One of the great things about Office 365 and VMware Horizon is that it makes life as the IT administrator easier.  This specific combinations of technology comes with one big headache if you don’t have your Office 365 tenancy federated with your Active Directory Domain. The credential for Outlook is not roamed with the rest of the profile when the user logs off. This is by design as VMware does not support roaming the cryptographic service by default. For more information, reference this VMware KB article.

There are two solutions for this problem currently. One being to federate your Active Directory domain with your Office 365 tenancy.  The other is to use Windows Roaming Profile Synchronization Group Policy on your Horizon desktops. To do this follow the steps outlines below.

Note: If this is a brand new deployment with no Persona Profiles being created you will not need to perform step 4

  1. Within your VMware group policy go to ComputerAdmin TemplatesClassic Admin TemplatesVmware View Agent ConfigPersona managementRoaming & Synchronization
  2. Enable Roam local settings folder
  3. Enable Windows roaming profile synchronization and enter the following lines
    1. appdataroamingmicrosoftcredentials
    2. appdataroamingmicrosoftprotect
    3. appdataroamingmicrosoftcrypto
    4. appdatalocalmicrosoftcredentials
    5. appdatalocalmicrosoftvault
  4. In the persona profile for each user navigate to those five folders and delete them.
  5. Refresh the desktops to update the Group Policy
  6. The next time a user logs in they will be prompted for their password but it will now be roamed after logoff with Windows roaming profile synchronization instead of VMware Persona Management.

For smaller environments that do not require federation this is a great solution for IT administrators to implement and remove the headache of users needing to type their password every day when they log in.

To find out more about this or other ways that RSM can assist you with your Microsoft solution needs, contact RSM’s technology consulting professionals at 800.274.3978 or email us.

Receive Posts by Email

Subscribe and receive notifications of new posts by email.