Hi Zuuber,
Thank you for posting in the Q&A Forums.
- Verify storage account and private endpoint configuration
Check network access settings for the storage account: Ensure that the private endpoint is properly configured and that the storage account is configured to allow connections only from the selected virtual network.
Verify IP address and port: Verify that the IP address and port in the \10.34.8.100\profiles\ path point correctly to the private endpoint. Also, check to see if any firewall or Network Security Group (NSG) rules block access to that IP address and port.
- FSLogix Configuration
Registry Settings: Although you have updated the registry to use the dedicated endpoint, double-check that the settings are correct. fSLogix needs to be able to resolve and connect to the specified storage location.
Authentication method: Ensure that the authentication method used by FSLogix matches the configuration of the storage account. For example, if the storage account uses Azure AD authentication, then FSLogix needs to be configured accordingly.
- User accounts and permissions
User permissions: Check that you have sufficient permissions to access the files in the storage account. In particular, those permissions pertaining to access to FSLogix configuration files (e.g. Profile.vhd).
Kerberos authentication: If applicable, make sure that Kerberos authentication is properly configured and that all associated Service Principal Names (SPNs) are registered.
- Network and DNS Configuration
DNS Resolution: Verify that the DNS settings allow resolution to the IP address of the dedicated endpoint. This includes checking for any custom DNS servers or Azure DNS zones.
Network Routing: Use a network tracing tool such as tracert or ping to confirm that packets are routed to the private endpoint as expected.
- Logging and Diagnostics
View FSLogix logs: FSLogix generates logs in the Event Viewer that may contain more detailed information about authentication failures.
Enable more detailed logging: If the current level of logging is not sufficient to diagnose a problem, consider increasing the level of detail in the logging.
- Other Considerations
Virtual network peering: If you have multiple virtual networks in your environment, ensure that they are properly peered and that network policies allow cross-network traffic.
Time synchronization: Ensure that all involved systems and services, including Azure virtual machines and domain controllers, are accurately time synchronized. Time deviations can lead to authentication failures.
- Reboot and Test
Reboot AVD session hosts: Sometimes a simple reboot can resolve connectivity issues.
Test different user accounts: Try logging into an AVD session with a different user account to determine if the problem is related to a specific user account.
Best regards
NeuviJ
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.