FSLogix breaks AWS/Azure CLI

How to fix this unusual bug

< Back to blog

We recently resolved a critical issue affecting some of our AVD customers using AWS and Azure CLI tools for development. If you’ve encountered authentication failures in these environments, here’s what you need to know and how to fix it.

🔍 The Problem

After FSLogix version 2.9.8884.27471, newer releases introduced a change that breaks authentication to AWS and Azure CLI in domain-joined AVD environments. This impacted developers relying on CLI-based workflows for cloud operations.

To mitigate the issue, we temporarily pinned FSLogix to version 2.9.8884.27471 in our image while we worked with Microsoft on a resolution.

✅ The Resolution

Thanks to collaboration with Microsoft’s FSLogix escalation team, we now have a supported workaround that restores CLI authentication functionality. The fix involves deploying a Group Policy Preference registry key to affected machines.

🛠️ How to Apply the Fix via Group Policy

  1. Open the Group Policy Management Console (gpmc.msc).
  2. Create or edit a Group Policy Object (GPO) that targets your AVD session hosts.
  3. Navigate to: Computer Configuration > Preferences > Windows Settings > Registry
  4. Add a new Registry Item with the following settings:
    • Action: Update
    • Hive: HKEY_LOCAL_MACHINE
    • Key Path: SYSTEM\CurrentControlSet\Services\frxdrvvt
    • Value Name: SupportedFeatures
    • Value Type: REG_DWORD
    • Value Data: 11 (Hexadecimal B)
  5. Apply the GPO and reboot the session hosts.

💡 This workaround is supported for all FSLogix versions above 25.x.

📅 What’s Next?

There is currently no ETA for a permanent fix from Microsoft. We’ll continue to monitor the situation and update our base images and documentation as soon as an official patch is released.