Entra Private Access Issues with DFS Fileshares and RDS Farm Access

Question

Hi ! I am using Entra Private Access for web applications and classic fileshares, it works successfully. However, I am having trouble accessing to two types of resources:

• DFS fileshares
• RDS farm

I have tried publishing all components of the RDS farm (Loadbalancer, Broker, SessionHost). It connects successfully to the brocker but then fails when accessing the session host. For DFS i've published the root path, but it doesnt work.

There does not seem to be any documentation available regarding these types of resources. Thanks for your help !

Answer 1

@COUMET Charles Thank you for reaching out to us, As I understand you are facing issues with Entra Private Access with DFS file shares and RDS Farm Access.

Researched on this, seems like you are missing UDP protocol support. Some of the scenarios as DNS resolution wouldn´t work or discovering a DC on prem to get a Kerberos ticket (where we need UDP protocol to work).

Currently, Global Secure Access support TCP, UDP is under development.

Reference: https://learn.microsoft.com/en-us/entra/global-secure-access/resource-faq For testing purpose try to connect to vpn (connect to on-premise network) check if these scenarios work or not, while accessing dfs shares/rds farm capture a network trace to find the difference in the network communication.

Let me know if you have any further questions, feel free to post back.

Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.

Answer 2

DFS Namespace referrals - check it's enforcing DNS - https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/configure-dfs-use-domain-names