Ensure you have decided on a target OU for the local identity.
If you accidentally create a file share in an unsupported region, the script will helpfully inform you of this when you run Join-AzStorageAccountForAuth command. Create your storage account in a supported region.Make sure you have an account to hand with appropriate permissions to modify storage accounts in your target Azure subscription.Ensure you have Azure AD connect configured to synchronise your target user accounts or groups to AAD.Initial Configuration and Prerequisitesįirstly, it is important to ensure that you meet the prerequisites listed in the configuration article linked below:įrom a high-level perspective, the key prerequisites are: Adopting this service for FSLogix profiles is tested later in this blog. It’s now available in preview, and although there are a few manual processes to contend with, configuration is reasonably straightforward.Īnother benefit of this service beyond ACL managed file shares is that Windows Virtual Desktop and the FSLogix profile management tool can take advantage of this new function in order to store and retrieve user profiles in a secure fashion, with appropriate permissions applied to prevent unauthorised access to user profile folders or their contents. The ability to set Active Directory based permissions on Azure Storage Account file shares has been one of the most heavily requested features of the platform.
0 kommentar(er)
