FsLogix with Hybrid AD and Full Trusted Cross Domain

I have found a solution to this issue that should work for everyone experiencing this.  If you use AD Connect to sync accounts and groups to Azure, make sure you create a group on-premise to use with FSLogix, sync it to Azure, and assign it the SMB Contributor role in the File Share.  Then (as with anything that you do in Azure) wait between 5 to 30 minutes for the change to take effect  Also make sure you copy the FSLogix Group Policy template from the FSLogix installer to the DC on-premise, create an FSLogix Group Policy Object, makes sure it's enabled and set all other settings you need (like VHDLocations, Delete local profile, etc.) and assign that Group Policy to the container that contains the VMs in Azure.  This will create the registry settings needed for FSLogix when a user logs in.

What I found is that if you use a group that you create in Azure, even though it contains your AD Connect synced users, it won't apply the SMB Contributor role properly and you will get the "Access is denied" error.