WVD with Azure Premium Files and FSLogix cannot connect

Brass Contributor

I just wanted to write this, to get it out there, possibly to channel frustration but most to see what other techs are doing out there for their WVD deployments that utilize FSLogix and Azure Premium Files.  After the stunt Microsoft pulled today hosing AzureAD, users are unable to sign into WVD hosts because their profiles are stored on Azure Premium Files which they cannot successfully authenticate to.

 

My hope is that Microsoft has this fixed by the morning.  I know they are working on it....but I can't come to work tomorrow and tell everyone they can't sign in to work.  I need a solution, or an alternative in case Microsoft cannot reverse this by morning.

 

Right now I'm thinking, and this would be painful, is to just turn off FSLogix so users would be running local profiles.  I don't like the idea of this because it seems there will be a lot of aftermath cleanup to do, but I suppose it's better than the alternative of not being able to sign in.

 

Anyone else facing the same dilemma?

3 Replies
If you have a server in azure you could host it on a drive attached to that vm but beware of maxing out on iop/throughput as the vm spec is the bottleneck. But hopefully it’s fixed today I check at 10pm lastnight and it was working better than at 7pmish
@StevenR I'm just finishing for the night....the fix must have just hit our tenant not too long ago because I was able to successfully connect with 1 test account but not the other. About an hour later, I was able to connect with the other test account. I was preparing for the worst case scenario tomorrow morning. Now let's hope it stays that way for the next 5 hours when people start logging in!
The issue was during the Azure Outage: CA - Authentication errors across multiple Microsoft services (Tracking ID LN01-P8Z). Once services were restored, there were 4-5 .vhd profiles that had open file handles on them. The problem was, I could not see those open file handles within Azure Storage Explorer. I ended up having to create a new storage account and use the objectspecific registry settings for FSLogix for the affected users, and route their profiles to the new location. Fortunately I was able to copy their .vhd files from a recent backup over to the new storage location so they didn't' lose everything.
After the fact, I found a really useful powershell command that would have saved me from doing all of this. This is even helpful today, because sometimes we have an issue where users try to sign in but their .vhd profile "is being used by another smb process" even though it's not attached to the host. The commands that I found useful were:
Get-AzStorageFileHandle -Context $storageAcct.Context -ShareName $shareName -Path $filePath followed by Close-AzStorageFileHandle -Context $storageAcct.Context -ShareName $shareName -Path $storagePath -CloseAll

It was failing at first, even through the Azure CLi, but I found I had to whitelist my IP address that was trying to connect through the Azure CLi in the browser . I got that IP address by going to Azure AD sign in logs. Hope this helps someone with future issues.