Skip to content

Commit f01a83b

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #229715 from dknappettmsft/avd-icacls-group-correction
AVD icacls group correction
2 parents 76bf072 + e725bc8 commit f01a83b

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

articles/virtual-desktop/fslogix-profile-container-configure-azure-files-active-directory.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -195,10 +195,10 @@ To set the correct NTFS permissions on the folder:
195195
net use y: \\fsprofile.file.core.windows.net\share HDZQRoFP2BBmoYQ(truncated)== /user:Azure\fsprofile
196196
```
197197
198-
1. Run the following commands to set permissions on the share that allow your Azure Virtual Desktop users to create their own profile while blocking access to the profiles of other users. You should use an Active Directory security group that contains the users you want to use Profile Container. In the commands below, replace `<mounted-drive-letter>` with the letter of the drive you used to map the drive and `<upn>` with the UPN name of the Active Directory group or user that will require access to the share.
198+
1. Run the following commands to set permissions on the share that allow your Azure Virtual Desktop users to create their own profile while blocking access to the profiles of other users. You should use an Active Directory security group that contains the users you want to use Profile Container. In the commands below, replace `<mounted-drive-letter>` with the letter of the drive you used to map the drive and `<DOMAIN\GroupName>` with the domain and sAMAccountName of the Active Directory group that will require access to the share. You can also specify the user principal name (UPN) of a user.
199199
200200
```cmd
201-
icacls <mounted-drive-letter>: /grant "<upn>:(M)"
201+
icacls <mounted-drive-letter>: /grant "<DOMAIN\GroupName>:(M)"
202202
icacls <mounted-drive-letter>: /grant "Creator Owner:(OI)(CI)(IO)(M)"
203203
icacls <mounted-drive-letter>: /remove "Authenticated Users"
204204
icacls <mounted-drive-letter>: /remove "Builtin\Users"
@@ -207,7 +207,7 @@ To set the correct NTFS permissions on the folder:
207207
For example:
208208

209209
```cmd
210-
icacls y: /grant "[email protected]:(M)"
210+
icacls y: /grant "CONTOSO\AVDUsers:(M)"
211211
icacls y: /grant "Creator Owner:(OI)(CI)(IO)(M)"
212212
icacls y: /remove "Authenticated Users"
213213
icacls y: /remove "Builtin\Users"

0 commit comments

Comments
 (0)