Need to advise WVD service, User profile disks(fslogix), performance in WVD session, AD-Connect

Copper Contributor

Hi, our organization plan to deploy new WVD service for user remote VDI about 100+ User. Basically, I try to test deploy the result is work good but I want more suggestion for best pactice or best effective for WVD services.
about following topic

1.User profile disks(fslogix)

     1.1 if many user use WVD profile disks on the same time, profile service might go performance drop(full network bandwidth, full disk iops and etc..), plz advise me, VM Spec or do Clustering fslogix

 

     1.2 fxlogix can setup only 1 VM for profile container services? Can we setup cluster, it maybe can improve performance and good for redundant.

 

    #Now my solution fxlogix by using Storage Account (AzureFile)

        - In configulation -> Identity-based on Directory Service for  Azure File Authentication -> Choose AzureADDS 

       - In file share -> IAM -> assing user who have permission to use this directory

       - Testing -> login to WVD VM as admin -> try to map network drive "net use DRIVE: PATH "   not necessary login user pass because we config Identity-based on Directory Service for  Azure File Authentication at storage account already.

 

2.Slow performance in WVD session

     2.1 if user have delay on session screen, have the way on configulation for tuning on WVD (CLI, Parameter, policy or etc..) this is regional project the site we have Thailand, Vietnam, China and more. the pilot is Vietnam.

 

3.User Authentication use Azure ADDS, AzureAD and AD-Connect sync user on-premise AD method password hashsync support NTLM+Kerberos.

     Now we use only password hash sync from AD connect to AzureAD. for supporting user on premise authentication on WVD VM, we must to change configulation on AD-Connect to password hash sync support NTLM+Kerberos. Have any recommend script (both new and rollback)? if we change configulation, Will have an service that must concern? (we have O365 Outlook, onedrive, sharepoint, skype, team services)

 

Thanks everybody

DUMPDUMPY

4 Replies

@DUMPDUMPY : Regarding #3 (Password hash), our team doesn't have specific guidance. I'd defer to Azure AD Connect and their guidance on password hash: https://docs.microsoft.com/azure/active-directory/hybrid/how-to-connect-password-hash-synchronizatio... .

Hi,
Re #1, did you consider using Azure NetApp Files? I haven't got to it yet but it should save you all the trouble with spinning up VMs and management overhead.
Hi hcuj76,
i will test Azure NetApp Files.

Now my solution fxlogix by using Storage Account (AzureFile)

        - In configulation -> Identity-based on Directory Service for  Azure File Authentication -> Choose AzureADDS 

       - In file share -> IAM -> assing user who have permission to use this directory

       - Testing -> login to WVD VM as admin -> try to map network drive "net use DRIVE: PATH "   not necessary login user pass because we config Identity-based on Directory Service for  Azure File Authentication at storage account already.
Hi DumpDumpy,
I am also going to put it on Azure Files instead of NetApp files. Seems too much hassle to get accepted into their program.

Glad it's working well for you. It would be good to stay in touch. Possible to dm?