Windows VDA + Roaming Profile + OTP program

Hi everyone!

You use roaming profile, a VDA’s system with machine hosted in a cloud and you use a mobile OTP’s program like CA ArcoID OTP inside the desktop? Does it bug and keep locking your key for your users, what to do !!?

Well, look no further, I have the solution.

The problem is actually the OTP program that add a master key locally and in the user profile when you add the device. The problem arise when the user log into another computer, the roaming profile bring back the device configuration from the HCU registry’s hive but the masterkey.dat locally is not the same. If one of those key change, the system will generate random number like usual without any warning, but they will not work. (As the key differ).

– First be sure all users got a home folder.

– Now we start, install the OTP’s app in the golden image. (

– Navigate there; c:\Users\Public\CA.

– Copy the ArcotLow’s folder content. It should contain an empty keys.dat and masterkey.dat.

– Copy those file on the user share

– Rename the ArcotLow’s folder.

– After open a command prompt in c:\Users\Public\CA

– Run mklink /d ArcotLow x:\ (where x:\ is the home folder)

– Close the golden image, it’s now finish !

Now you can enjoy the OTP’s program that will list the same number than the OTP’s program on your phone in example 🙂




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s