none
IE11 on 2012 R2 - roaming usernames and passwords RRS feed

  • Question

  • Usernames and passwords saved in IE does not roam with the roaming user profile from remote desktop server to remote desktop server.

    They seem to be only usable on the server where they were created. 

     We only see this with IE11 on 2012 R2 (not IE10 on 2008 R2)

    Anyone else seeing this? 

     

    Anyone has this working (roaming between different servers)?

     

    All ideas as to how we can get this working is much appreciated.



    • Edited by Confide Thursday, October 30, 2014 2:12 PM
    Wednesday, October 29, 2014 10:23 AM

All replies

  • Usernames and passwords saved in IE does not roam from server to server.

    Hi,

    I'm a bit confused with your description, would you please provide more details about your current IE roaming enviroment?

    Did you using roaming profile for the user account? If that it is, Where is these roaming profile stored?


    Roger Lu
    TechNet Community Support

    Thursday, October 30, 2014 2:05 PM
    Moderator
  • We use roaming profiles, mostly stored in the users home-directory, but have also testet with different shares. 

    The profile gets written perfectly, everything is remembered except (IE) usernames and passwords. 

    If I log of the users, and verify that the profile was deleted from remote desktop server 1 and written to the share, the users still cannot access the passwords when they log on remote desktop server 2.

    If the user logs on to server 1 again, the usernames/passwords are there. 

    Thursday, October 30, 2014 2:09 PM
  • Identical problem here..
    Monday, November 3, 2014 5:25 PM
  • same problem on my environment RDS2012R2 with IE11. Also here

    http://discussions.citrix.com/topic/357284-ie11-on-2012-r2-roaming-usernames-and-passwords/

    also sometimes when you save a password in IE and you logoff and logon again to the same server you will notice that the password is saved. If you go to the credential manager you can see the saved credentials but when you want to remove them you get a error. that is because sometimes the vault directory in the local appdata does not exist anymore.

    i contacted microsoft with my SA support. The first technician could not help me and advised me to contact Microsoft Professional Advisory. Now Microsoft Professional Advisory will not call me back. I am trying to contact them over a month now. Go Microsoft support :(

    i tried to solve it with credential roaming but also, that is not working for us.

    Wednesday, December 10, 2014 6:42 AM
  • I got a reply from Microsoft on my support-case in this matter.

    They say the domain-accounts need to be joined with a Microsoft-account to make roaming of credentials work.

    I can only assume the credentials are roamed via MS and between all devices, which is not an option in our environment.


    • Edited by Confide Wednesday, December 10, 2014 6:51 AM
    Wednesday, December 10, 2014 6:50 AM
  • By the way, this problem is also on windows8.1 domain joined. The website passwords are not roaming to other windows8.1 pc's.

    I tried on two test machines with a domain account connected to a microsoft account but still this is not working. It is working when you only use a microsoft account that is not connected to a domain account.

    i found this info on a microsoft website. But the info at the last bullet is confusing me.

    http://technet.microsoft.com/en-us/library/jj554668.aspx

    Credential roaming is enabled by default on non-domain joined computers, making it possible for users to access their Credential Locker through all their trusted Windows devices. The files that compose Credential Locker cannot be password protected and access to Credential Locker cannot be locked. The Credential Locker roams with the user’s Microsoft account, and Windows synchronizes the credentials as sign in occurs.

    Following are some important behaviors to consider if you use Credential Locker in your enterprise.

    • Credential management by using Credential Manager is controlled by the user on the local computer.
    • Windows prevents credentials that are stored in Credential Locker on domain-joined computers from leaving the enterprise as part of the user profile in the Microsoft account.
    • Credentials in the Microsoft account will not roam within your enterprise if you are using Credential Roaming (formerly known as Digital ID Management Service or DIMS).The Roaming User Profiles feature incorporates Credential Locker, which might result in credential usage conflicts with Credential Manager. Therefore, we recommend that you choose either Credential Manager which uses Credential Locker or the Roaming User Profiles in your enterprise design.
    • Credentials only roam into your enterprise by using a user profile of a Microsoft account if a credential with the same username, target, and Windows Store app package ID does not currently exist in your enterprise.

    Wednesday, December 10, 2014 7:27 AM
  • http://discussions.citrix.com/topic/361602-ie11-on-2012r2-vda-user-registry-hive-not-saved/page-2

    This solved the problem for us :)

    Roaming the following: 

    appdata\local\Microsoft\Credentials
    appdata\local\Microsoft\Vault

    Creating these folders:

    appdata\local\Microsoft\Vault

    appdata\local\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28
    appdata\local\Microsoft\Vault\UserProfileRoaming

    Credit goes to the people in the original thread at the Citrix user forums :)

    • Edited by Confide Wednesday, June 17, 2015 12:33 PM
    Wednesday, June 17, 2015 12:23 PM