Configure FSLogix profile container on Azure Virtual Desktop with Azure NetApp Files
We recommend using FSLogix profile containers as a user profile solution for the Azure Virtual Desktop service. FSLogix profile containers store a complete user profile in a single container and are designed to roam profiles in non-persistent remote computing environments like Azure Virtual Desktop. When you sign in, the container dynamically attaches to the computing environment using a locally supported virtual hard disk (VHD) and Hyper-V virtual hard disk (VHDX). These advanced filter-driver technologies allow the user profile to be immediately available and appear in the system exactly like a local user profile. To learn more about FSLogix profile containers, see User profile management for Azure Virtual Desktop with FSLogix profile containers.
You can create FSLogix profile containers using Azure NetApp Files, an easy-to-use Azure native platform service that helps customers quickly and reliably provision enterprise-grade SMB volumes for their Azure Virtual Desktop environments. To learn more about Azure NetApp Files, see What is Azure NetApp Files?
This guide will show you how to set up an Azure NetApp Files account and create FSLogix profile containers in Azure Virtual Desktop. It assumes you have already created a host pool and an application group.
The instructions in this guide are specifically for Azure Virtual Desktop users. If you're looking for more general guidance for how to set up Azure NetApp Files and create FSLogix profile containers outside of Azure Virtual Desktop, see the Set up Azure NetApp Files and create an NFS volume quickstart.
Note
This article doesn't cover best practices for securing access to the Azure NetApp Files share.
Note
If you're looking for comparison material about the different FSLogix Profile Container storage options on Azure, see Storage options for FSLogix profile containers.
To optimize performance and scalability, the number of concurrent user connections accessing FSLogix profile containers stored on a single Azure NetApp Files regular volume should be limited to 3,000. A user connection is defined as either:
- a connection to an FSLogix profile container
- a connection to an FSLogix ODFC container
If you're utilizing both FSLogix profiles and FSLogix ODFC containers, note that a single regular volume should contain no more than 3,000 FSLogix profiles or FSLogix ODFC containers (combined). Having more than 3,000 concurrent user connections on a single volume causes significant increased latency on the volume. If your scenario requires more than 3,000 concurrent user connections, divide users across multiple regular volumes or use a large volume. A single large volume can accommodate up to 50,000 concurrent user connections for FSLogix containers. For more information on large volumes, see Requirements and considerations for large volumes. If you're utilizing both FSLogix profiles and FSLogix ODFC containers, note that a single large volume should contain no more than 50,000 FSLogix profiles or FSLogix ODFC containers (combined).
To protect your FSLogix profile containers, consider using Azure NetApp Files snapshots and Azure NetApp Files backup.
Before you can create an FSLogix profile container for a host pool, you must:
- Set up and configure Azure Virtual Desktop
- Provision an Azure Virtual Desktop host pool
To get started, you need to set up an Azure NetApp Files account.
Sign in to the Azure portal. Make sure your account has contributor or administrator permissions.
In the left side of the window, select All services. Enter Azure NetApp Files into the search box that appears at the top of the menu.
Select Azure NetApp Files in the search results, then select Create.
When the New NetApp account tab opens, enter the following values:
- For Name, enter your NetApp account name.
- For Subscription, select the subscription for the storage account you set up in step 4 from the drop-down menu.
- For Resource group, either select an existing resource group from the drop-down menu or create a new one by selecting Create new.
- For Location, select the region for your NetApp account from the drop-down menu. This region must be the same region as your session host VMs.
When you're finished, select Create to create your NetApp account.
Next, create a new capacity pool:
Go to the Azure NetApp Files menu and select your new account.
In your account menu, select Capacity pools under Storage service.
Select Add pool.
When the New capacity pool tab opens, enter the following values:
- For Name, enter a name for the new capacity pool.
- For Service level, select your desired value from the drop-down menu. We recommend Premium for most environments.
Note
The Premium setting provides the minimum throughput available for a Premium Service level, which is 256 MBps. You may need to adjust this throughput for a production environment. Final throughput is based on the relationship described in Throughput limits.
- For Size (TiB), enter the capacity pool size that best fits your needs.
When you're finished, select OK.
After that, you need to join an Active Directory connection.
Select Active Directory connections in the menu on the left side of the page, then select the Join button to open the Join Active Directory page.
Enter the following values in the Join Active Directory page to join a connection:
For Primary DNS, enter the IP address of the DNS server in your environment that can resolve the domain name.
For Secondary DNS, enter the IP address of the secondary DNS Server for the domain.
For AD DNS Domain Name, enter your fully qualified domain name (FQDN).
For AD Site Name, enter the Active Directory Site name that the domain controller discovery will be limited to. This should match the Site name in Active Directory Sites and Services for the Site created to represent the Azure virtual network environment. This Site must be reachable by Azure NetApp Files in Azure.
For SMB Server (Computer Account) Prefix, enter the string you want to append to the computer account name.
For Organizational unit path, this is the LDAP path for the organizational unit (OU) where SMB server machine accounts will be created. That is, OU=second level, OU=first level. If you are using Azure NetApp Files with Microsoft Entra Domain Services, the organizational unit path is OU=AADDC Computers when you configure Active Directory for your NetApp account.
For Credentials, insert username and password:
For additional parameters descriptions, please refer to this article.
Click Join, the Active Directory connection you created appears.
Next, you'll need to create a new volume.
Select Volumes, then select Add volume.
When the Create a volume tab opens, enter the following values:
- For Volume name, enter a name for the new volume.
- For Capacity pool, select the capacity pool you just created from the drop-down menu.
- For Quota (GiB), enter the volume size appropriate for your environment.
- For Virtual network, select an existing virtual network that has connectivity to the domain controller from the drop-down menu.
- Under Subnet, select Create new. Keep in mind that this subnet will be delegated to Azure NetApp Files.
Select Next: Protocol >> to open the Protocol tab and configure your volume access parameters.
After you create the volume, configure the volume access parameters.
Select SMB as the protocol type.
Under Configuration in the Active Directory drop-down menu, select the same directory that you originally connected in Join an Active Directory connection. Keep in mind that there's a limit of one Active Directory per subscription.
In the Share name text box, enter the name of the share used by the session host pool and its users.
It is recommended that you enable Continuous Availability on the SMB volume for use with FsLogix profile containers, so select Enable Continuous Availability. For more information see Enable Continuous Availability on existing SMB volumes.
Select Review + create at the bottom of the page. This opens the validation page. After your volume is validated successfully, select Create.
At this point, the new volume will start to deploy. Once deployment is complete, you can use the Azure NetApp Files share.
To see the mount path, select Go to resource and look for it in the Overview tab. The mount path is in the format
\\<share-name>\<folder-name>
.
This section is based on Create a profile container for a host pool using a file share.
Download the FSLogix agent .zip file while you're still remoted in the session host VM.
Unzip the downloaded file.
In the file, go to x64 > Releases and run FSLogixAppsSetup.exe. The installation menu will open.
If you have a product key, enter it in the Product Key text box.
Select the check box next to I agree to the license terms and conditions.
Select Install.
Navigate to C:\Program Files\FSLogix\Apps to confirm the agent installed.
From the Start menu, run RegEdit as administrator.
Navigate to Computer\HKEY_LOCAL_MACHINE\software\FSLogix.
Create a key named Profiles.
Create a value named Enabled with a REG_DWORD type set to a data value of 1.
Create a value named VHDLocations with a Multi-String type and set its data value to the URI for the Azure NetApp Files share.
Create a value named DeleteLocalProfileWhenVHDShouldApply with a DWORD value of 1 to avoid problems with existing local profiles before you sign in.
Warning
Be careful when creating the DeleteLocalProfileWhenVHDShouldApply value. When the FSLogix Profiles system determines a user should have an FSLogix profile, but a local profile already exists, Profile Container will permanently delete the local profile. The user will then be signed in with the new FSLogix profile.
Sign in with the credentials of a user assigned to the Remote Desktop group.
Once you've established the user session, sign in to the Azure portal with an administrative account.
Open Azure NetApp Files, select your Azure NetApp Files account, and then select Volumes. Once the Volumes menu opens, select the corresponding volume.
Go to the Overview tab and confirm that the FSLogix profile container is using space.
Connect directly to any VM part of the host pool using Remote Desktop and open the File Explorer. Then navigate to your Mount path. Within this folder, there should be a
.VHD
or .VHDX
file for the profile.