question

ShaunWilliams-7231 avatar image
0 Votes"
ShaunWilliams-7231 asked GobiSiva-6509 commented

Desperate help in fixing broken Profiles.

I have a thread on Reddit here: https://www.reddit.com/r/sysadmin/comments/o0rzt3/in_desperate_need_of_help_with_a_problem_with/

Here is a copy of my issue.

Having major issues.

We have AD on Server 2019, and we also run Remote App with Session Hosts etc. Basic run of the mill setup. Clients are all Windows 10 21H1. We also run WSUS (which is helping my problem be manageable). We also run FSLogix for roaming profiles. For those that don't know, FSLogix uses a VHD file for mounting effectively the AppData folder for the user.

The problem:

We are getting a few updates that are causing a problem. The problem is that the VHD mounts, but you cannot assign a drive letter to it to be able to read it. FSLogix doesn't add a drive letter but seems to mount the VHD (I see the file getting read) but it keeps saying it's already mounted, seems it just can't read it.

The VHD files are on a Synology NAS. The problem occurs on both VHD or VHDX files. I have played with the SMB settings and I have tested on my home PC, that has Synology NAS and WIndows 10, just no domain, but I don't seem to have the issue at home.

The Updates are as follows (for both Windows Server (Session Hosts) and Windows 10:

KB5001337

KB5001330

KB5001406

KB5003173

KB5003171

KB5003637

KB5003646

There can't be the exact same problem with every single update. I am starting to think that something these updates do, is a symptom and the actual problem is something on our network, maybe even a configuration issue. The ONLY thing that I can think of that is glaringly different on my works network as opposed to home, is that here at work we have Multicasting disabled on the network. But I also can't imagine that being the problem.

I really need help working this out. WSUS lets me manage these updates but I am now concerned we will be open to other issues these updates solve. I really need to get to the bottom of this issue. Any help in further diagnosing, and/or suggestions on what to look at next would be much appreciated.

windows-10-network
· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

OK so an update.

After many hours of testing different scenarios:

First the storage location of the FSLogix VHD file: Works 100% fine when using a Share from the AD Server. Not sure if it's specifically the AD server or just a Windows Share. 100% fails when using the NAS.

I tried letting FSLogix create the VHD from scratch on both, tried combos of copying a working VHD from AD Share to NAS and vice versa, and even tried twice on all situations to make sure there wasn't an issue with creating etc.

The first weird situation was I created a VHD with FSLogix (by login on new profile) and then copied the NAS version to the AD share. When I then tried to log in, it worked, but it renamed the original file as corrupted-{sid}-{username}.vhd, so It failed and only worked cause it created a new VHD next to the renamed version.

0 Votes 0 ·

I even tried to manually mount under a local profile, AD Share version worked, but the NAS share version, mounted the VHD, but I couldn't set a drive letter. It seems to be unable to read the partition in the VHD file.

Conclusions (so far):

Its NOT the NAS specifically. I tried all the above on another NAS. Both Synology (all I have), but both different models, and 1 of them is 3 updates behind. So not a firmware issue either. I have tried different SMB settings too.

Specifically, the issue seems that FSLogix, can create the VHD on the NAS, it creates the SID subfolder and everything. It then can't read or mount the partition so it can then save files inside it. I conclude this when I created the new VHD files, the AD version was around 500Mb the NAS version was 140Mb, both should have been exactly the same.


0 Votes 0 ·

I also copied both AD and NAS created VHD's to the NAS Profile share and tried manually mounting. I mounted both VHD's fine, it even auto-assigned a drive letter and was able to browse.

I have tried the NAS version inside the SID subfolder and next to it. It always mounts and reads fine outside of SID folder, but inside it will work sometimes, and not others.

At this stage, it looks like a permission issue, but 2 things make me question that.

I can read and write to the folder fine, I have ownership and FSLogix creates the folders and permissions.

0 Votes 0 ·

The VHD works sometimes in the SID folder, pointing that it cant be permissions, I haven't changed any other settings other than moving the VHD and remounting it.

How would folder permissions affect reading partitions from the VHD? I can understand if I couldn't mount the VHD at all etc.

So in conclusion, I know a lot more about the problem, but still not enough to know exactly what it is and possibly fix it. So I know much much more but still know nothing.

0 Votes 0 ·
SunnyQi-MSFT avatar image
0 Votes"
SunnyQi-MSFT answered

Hi,

Thanks for posting in Q&A platform.

Please understand, due to the environment limitation, it is hard for us to reproduce and analyze this behavior in our lab. Some necessary network traffics should also be collected for further analyzing this issue. However, analysis of log is beyond our forum support level and due to forum security policy, we have no such channel to collect user log information. If this issue is urgent, I would suggest you contact Microsoft Customer Support and Services where more in-depth investigation can be done so that you would get a more satisfying explanation and solution to this issue.

You may find phone number for your region accordingly from the link below:

https://support.microsoft.com/en-us/help/4051701/global-customer-service-phone-numbers

Best Regards,
Sunny


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

GaryNebbett avatar image
0 Votes"
GaryNebbett answered

Hello @ShaunWilliams-7231,

I am not familiar with your type of set-up (I have been retired for a few years now) but, if it makes sense to you, you could try the following on a client:

  • Issue the command: logman start why -ets -p Microsoft-Windows-SMBClient Smb_Info -o why.etl.

  • Try to connect to and use the profile.

  • Issue the command: logman stop why –ets.

  • Issue the command: wevtutil qe /f:text /lf:true /q:"*[System[EventID = 30406 or EventID = 30407]]" why.etl | findstr "SMB.send SMB.receive".

  • Review the output of the process and verify that it matches your expectations; post here if there are things that seem odd to you.

Gary



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JulianSouthern-9777 avatar image
0 Votes"
JulianSouthern-9777 answered GobiSiva-6509 commented

Hi @ShaunWilliams-7231

Did you ever find a slution to your problem? We are experiencing the exact same issue, we have a call rasied with Microsoft but we are not getting anywhere fast. The issue has been occuring since we installed the May (I've not confirmed if it happened with the April update).

I've created the logs that @GaryNebbett has suggested and passed it over to our storage provider. I'll be honest, I'm not sure if it will provide any isight.

Regards

· 9
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @JulianSouthern-9777,

If you make your logs available then I will take a look at them. Depending on what the logs contain, there may be other tracing steps that provide more targeted information about the possible causes of the problem.

Gary

0 Votes 0 ·

Thanks Gary, it's really appreciated.

I have attached the log. 125025-smb.txt


0 Votes 0 ·
smb.txt (1.3 MiB)

Hello @JulianSouthern-9777,

Your trace data was not consistent with my first "guess" about the possible cause of the problem.

I have a clear idea about what tracing I would perform next, but it is unlikely that you would be able to interpret the (binary) trace data; furthermore, it is very likely that the trace data would contain information that you would not choose to share.

I would include the following ETW providers in the "next step" trace:

Microsoft-Windows-SMBClient
Microsoft-Windows-VHDMP
Microsoft-Windows-MountMgr
{467c1914-37f0-4c7d-b6db-5cd7dfe7bd5e} # WPP_ThisDir_CTLGUID_Mountmgr
{3c70c3b0-2fae-41d3-b68d-8f7fcaf79adb} # WPP_ThisDir_CTLGUID_VhdmpTraceGuid
{e4ad554c-63b2-441b-9f86-fe66d8084963} # WPP_ThisDir_CTLGUID_Smb20Log

One way of starting such a trace would be to issue the command:

netsh trace start provider=Microsoft-Windows-SMBClient provider=Microsoft-Windows-VHDMP provider=Microsoft-Windows-MountMgr provider={467c1914-37f0-4c7d-b6db-5cd7dfe7bd5e} keywords=0xFFFFFFFF level=255 provider={3c70c3b0-2fae-41d3-b68d-8f7fcaf79adb} keywords=0xFFFFFFFF level=255 provider={e4ad554c-63b2-441b-9f86-fe66d8084963} keywords=0xFFFFFFFF level=255 report=disabled tracefile=why.etl

The trace can be stopped with the command netsh trace stop.

In the unlikely event that you choose to make the data available, I would take a look at it.

Gary






0 Votes 0 ·
Show more comments

No have not found a solution as yet, other than moving our share for fslogix vhd files to be on server 2019.

I have confirmed that this issue is happening when trying to mount the vhd profile for fslogix if the vhd is on a NAS shared via SMB.

I have tried all sorts of things to try to find the exact issue, but so far it isn't path name/length, it isn't SMB version, tested from 1 to 4.1, it isn't authentication either. It also isn't an issue with browsing, as I can still browse the Nas and we even have folder redirection pointed to the Nas over SMB. All files can be read and written. It is very specifically an issue with mounting a vhd from the smb Nas location. I move the same vhd to a local drive, and it mounta fine.

I to am desperate for an answer, 2e are not willing to decommission, $20,000 worth of storage just because of one bug.

This only started happening after the updates I mentioned. Remove those updates and it works perfectly again.

0 Votes 0 ·

Hi @ShaunWilliams-7231

Just wanted to let you know what we have discovered whilst trying to figure out a workaround that lets us keep using the storage and update the servers. If we add SYSTEM to the top level NTFS permissions and apply to 'This folder, subfolder and files', it appears to 'fix' the issue whilst retaining the correct CREATOR OWNER permissions.

IMaybe worth a shot your end?

Regards

0 Votes 0 ·

I've also shared these findings with @GaryNebbett who has been incredibly helpful in trying to figure out what is going on here.

0 Votes 0 ·

Hi Julian

I can confirm adding the system NTFS permission indeed fix the issue.
My environment is Windows 2016 VDI with Synology FSLogix share.

0 Votes 0 ·
GaryNebbett avatar image
0 Votes"
GaryNebbett answered

Hello @ShaunWilliams-7231,

Julian took the risk and shared some data with me. My current suspicion is that an update to vdhmp.sys is causing the problem; vdhmp.sys seems to be included in the updates that you mentioned (at least, those for which I could find a list of affected files).

The problem seems to be use of the file system control code FSCTL_VIRTUAL_STORAGE_QUERY_PROPERTY issued by the routine VhdmpiInitializeScsiStateForSurface, which fails with error code STATUS_NOT_SUPPORTED when sent to some NAS servers.

Anything that you can add to firm up or refute this suspicion would be appreciated.

If the suspicion is founded, then there is probably no workaround to enable continued use of the NAS but the information could help in discussions with the NAS manufacturer.

Gary

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.