Back in March, we discharged the open see of Windows Virtual Desktop, a cloud-based work area and application virtualization administration that supports multi-session Windows 10 encounters, Remote Desktop Services (RDS), and Office 365 ProPlus. Today I needed to share some direction on the most proficient method to set up FSLogix profile compartments on Azure Files with Azure Active Directory (Azure AD) Domain Services verification, a situation additionally accessible in open see as of the date of this post.
For the reasons for this well ordered guide, I will expect that you as of now have a lot of virtual machines (VMs) that are a piece of a Windows Virtual Desktop condition. If not, you can discover data on the most proficient method to begin with Windows Virtual Desktop on the Tech Community or through our official specialized documentation on Docs.
This post will walk you through the procedure of:
- Arranging Azure AD Domain Services.
- Making an Azure Files stockpiling record and empowering Azure AD Domain Services confirmation
- Designing FSLogix.
Designing Azure AD Domain Services
To start with, you’ll have to sign in to the Microsoft Azure Portal with a record that has patron or director authorizations.
From the sidebar, select All administrations, type “area administrations” in the hunt box, select Azure AD Domain Services,and hit Enter.
In the Azure AD Domain Services window, select office setup
This will begin the wizard for arranging an Azure AD Domain Services arrangement.
For stage 1, Basics:
- Enter the DNS space name.
- Select a functioning Azure membership (if various are accessible).
- Select a vacant asset gathering or make another one by choosing Create new.
- Select an area.
For stage 2, Network, arrange a virtual system or select a current one. Our suggestion is to make another one by choosing Create new and entering the accompanying data:
- Address space
- Subnet name
- Subnet address extend
For stage 3, Administrator gathering, select the Azure AD clients that will be dealing with the Azure AD Domain Services design.
For most organizations, there is no compelling reason to change any of the data in stage 4, Synchronization. The default esteems should do the trick.
In stage 5, Summary, you will see a rundown of your setup, like that demonstrated as follows.
Snap OK to proceed. This will begin the organization in Azure. In the event that it isn’t consequently appeared, you can tap on the Notifications symbol in the worldwide controls bar to see sending progress
When the arrangement has finished, explore to Azure AD Domain Services and affirm that Azure AD Domain Services is running.
Including extra Azure AD Domain Services heads
To include extra heads, we are first going to make another client and after that award authorizations to that client. To do this:
- Select Azure Active Directory from the sidebar, select All clients, and select New client.
- Enter client subtleties.
- Back in the Azure Active Directory left sheet, select Groups.
- Select the AAD DC Administrators.
- In the left sheet, select Members, at that point select Add individuals in the primary sheet. This will demonstrate a rundown of all clients accessible in Azure AD. Select the client that was simply made.
Make an Azure Files stockpiling record and empower Azure AD Domain Services verification
Presently it’s a great opportunity to empower Azure AD Domain Services validation over Server Message Block (SMB). For more subtleties on this procedure, see the Azure Storage Documentation.
To begin with, explore to the Microsoft Azure Portal, select All administrations from the sidebar, and select Storage accounts.
Next, click Add to begin the Create stockpiling account wizard. Enter the accompanying subtleties:
- Select Subscription (if appropriate).
- Select a current Resource gathering or select Create new to make another one.
- Enter the Storage record name.
- Select the (We suggest utilizing a similar area as the session have VMs.)
- Select the Performance
- Select a StorageV2 (broadly useful V2) Account kind.
Select Review + make.
This will trigger approval of the info.
When the record has passed approval, select Create. This will begin the organization.
When the organization has finished, continue to the following stage by choosing Go to asset.
Select Configuration from the left sheet, at that point empower Azure Active Directory verification for Azure Files (Preview) in the fundamental sheet. Affirm this change by choosing Save.
When spared, select Overview in the left sheet, at that point Files in the fundamental sheet.
Select File share and enter the Name and Quota.
Reorder the accompanying data into Notepad or other plain content application:
Supplant <Custom-Role-Name> with AADDCpreview and supplant <Subscription-ID> with the membership I wherein the capacity record is found.
Spare the record as CustomRole.JSON.
Open Windows PowerShell as a chairman.
Make the accompanying adjustments to directions above:
- For <role-name>, determine a similar name as one characterized in JSON (AADDCpreview).
- Supplant <subscription-id> with the ideal membership id.
- Supplant <resource-group> with the name of the asset bunch where the capacity record is (profiles).
- Supplant <storage-account> with the name of the asset stockpiling (fsprofile).
- Supplant <share-name> with the name of the offer made before (share).
- Supplant <user-head name> with client chief names of those clients that will use FSLogix profiles on Azure Files.
6. At long last, explore to the Microsoft Azure Portal, select Virtual machines from the sidebar, select the ideal VM, select Overview in the left sheet, at that point Connect in the primary sheet to sign in as a head and begin a Remote Desktop (RDP) session.
Acquire stockpiling record access key
From the Microsoft Azure Portal sidebar, select Storage accounts. From the rundown of capacity accounts, select the record for which you empowered Azure AD Domain Services and made the custom jobs in ventures above.
Under Settings, select Access keys and duplicate the key from key1.
This will download a RDP record that enables you to associate with the VM by means of the qualifications determined during VM creation.
Once remotely associate with the VM, run Command Prompt as a head.
Adjustments to this direction ought to be as per the following:
- Supplant <desired-drive-letter> with a drive letter of decision (for example y:).
- Supplant all occurrences of <storage-account-name> with the name of the capacity record determined before.
- Supplant <share-name> with the name of the offer made before.
- Supplant <storage-account-key> with the capacity record key from Azure.
Adjustments to this order ought to be as per the following
- Supplant <mounted-drive-letter> with a drive letter of decision.
- Supplant <user-email> with the UPN of the client will’s identity getting to the session have VMs and requirements a profile.
Design FSLogix on session have VMs
Presently it’s an ideal opportunity to arrange the FSLogix profile compartment. For more subtleties on this procedure, see Set up a client profile share for a host pool.
While still remotely signed in to the session have VM, download and introduce the FSLogix operator (.compress record, 166 MB. Unfasten the downloaded document and explore to x64\Releases and execute FSLogixAppsSetup.exe.
Once the installer dispatches, select I consent to the permit terms and conditions. On the off chance that appropriate, give another key. Select Install.
Explore to C:\Program Files\FSLogix\Apps to affirm that the FSLogix operator was appropriately introduced.
Run Registry Editor (RegEdit) as an overseer.
Explore to Computer\HKEY_LOCAL_MACHINE\software\FSLogix, right snap on FSLogix, select New, at that point Key. Make another key named Profiles.
Right snap on Profiles, select New, and select DWORD (32-bit) Value. Name the worth Enabled and set the Value information to 1.
Right snap on Profiles, select New, and select Multi-String Value. Name the worth VHDLocations and set enter the URI for the Azure Files share (\\fsprofile.file.core.windows.net\share) as the Value information.