Excluding and including users of FSLogix

Local administrators, or administrators who are to manage the session hosts, should be excluded before a profile disk is created. I have created two scripted actions to help me with this.

As a prerequisite, you need to know that I have a variable in which I have stored the name of the local administrator, as I can’t get this name any other way.


I therefore always have the following variable:

The two scripted actions also support the variable “FSLogixExcludeList” and one scripted action also supports “FSLogixIncludeList”. In all variables, the values are separated by commas, with no space between them.

In each case, the “LocalAdministrator” and “FSLogixExcludeList” are taken together and added to the corresponding group on the session host.


The simpler of the two scripts only adds the users that are to be excluded from profile disks:

The second script can also add include users:


Managing the groups can also be achieved via group policies or Intune policies, but I prefer to rely on scripted actions, so that this is configured correctly on all systems right from the start. I hope it can help you in your deployment.