When using non-persistent VDI, if you want to prevent adding a work or school account ensure the following registry key is set:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin: "BlockAADWorkplaceJoin"=dword:00000001
Ensure you're running Windows 10, version 1803 or higher.
Roaming any data under the path %localappdata% is not supported. If you choose to move content under %localappdata%, make sure that the content of the following folders and registry keys never leaves the device under any condition. For example: Profile migration tools must skip the following folders and keys:
%localappdata%\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy
%localappdata%\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy
%localappdata%\Packages\<any app package>\AC\TokenBroker
%localappdata%\Microsoft\TokenBroker
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\AAD
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WorkplaceJoin
Roaming of the work account's device certificate is not supported. The certificate, issued by "MS-Organization-Access", is stored in the Personal (MY) certificate store of the current user and on the local machine.
Below is the article for reference
https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-device-identity-virtual-desktop-infrastructure#non-persistent-vdi