We're excited to announce the public preview of FSLogix profiles for Azure AD-joined VMs in Azure Virtual Desktop. The preview allows you to create an Azure Files share to store the FSLogix profiles and configure it to support Azure AD authentication. For customers trying to reduce cost, it’s now possible to deploy a pooled environment using Azure AD-joined Windows 10/11 Enterprise multi-session VMs.
The initial release for Azure AD-joined VMs in September was focused on deploying personal desktops that leverage a local user profile. Each user had their own virtual machine to use for their daily tasks. The added support for FSLogix profiles combines the cost optimization of using a pooled environment shared among users with the key benefits of Azure AD-joined VMs:
no line-of-sight to a domain controller
simplified deployment, and
enhanced management with Intune
The new Azure AD functionality leveraged in this preview allows Azure AD to issue Kerberos tickets to access SMB shares. This removes the need to have access to a domain controller from the session host VM and network share. You can now store your FSLogix user profiles on Azure Files shares and access them from Azure AD-joined VMs. This functionality currently requires the users to have hybrid identities, managed in Active Directory.