Skip to content

Commit 134e6e2

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #221794 from davidbel/davidbel-42166282-AzFiles-prereq
Add a Prerequisite section.
2 parents 06464dd + f41c4d1 commit 134e6e2

File tree

1 file changed

+8
-2
lines changed

1 file changed

+8
-2
lines changed

articles/virtual-desktop/create-profile-container-azure-ad.md

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,15 +6,21 @@ author: Heidilohr
66
manager: femila
77
ms.service: virtual-desktop
88
ms.topic: how-to
9-
ms.date: 11/07/2022
9+
ms.date: 12/16/2022
1010
ms.author: helohr
1111
---
1212
# Create a profile container with Azure Files and Azure Active Directory
1313

14-
In this article, you'll learn how to create an Azure Files share to store FSLogix profiles that can be accessed by hybrid user identities authenticated with Azure Active Directory (Azure AD). Azure AD users can now access an Azure file share using Kerberos authentication. This configuration uses Azure AD to issue the necessary Kerberos tickets to access the file share with the industry-standard SMB protocol. Your end-users can access Azure file shares over the internet without requiring a line-of-sight to domain controllers from Hybrid Azure AD-joined and Azure AD-joined VMs.
14+
In this article, you'll learn how to create and configure an Azure Files share for Azure Active Directory (Azure AD) Kerberos authentication. This configuration allows you to store FSLogix profiles that can be accessed by hybrid user identities from Azure AD-joined or Hybrid Azure AD-joined session hosts without requiring network line-of-sight to domain controllers. Azure AD Kerberos enables Azure AD to issue the necessary Kerberos tickets to access the file share with the industry-standard SMB protocol.
1515

1616
This feature is currently supported in the Azure Public cloud.
1717

18+
## Prerequisites
19+
20+
Before deploying this solution, verify that your environment [meets the requirements](../storage/files/storage-files-identity-auth-azure-active-directory-enable.md#prerequisites) to configure Azure Files with Azure AD Kerberos authentication.
21+
22+
When used for FSLogix profiles in Azure Virtual Desktop, the session hosts don't need to have network line-of-sight to the domain controller (DC). However, a system with network line-of-sight to the DC is required to configure the permissions on the Azure Files share.
23+
1824
## Configure your Azure storage account and file share
1925

2026
To store your FSLogix profiles on an Azure file share:

0 commit comments

Comments
 (0)