The answer is Cloud Cache for FSLogix redundancy. As for the storage Azure Files with Zone redundancy for the cloud, as for on prem, that will be a Storage spaces direct file cluster
Does Cloud cache create user profiles 2 times in C:\Users and C:\Program Data\FsLogix\Cache? I read about it somewhere and not able to find back the context. Looking at your video, I am wondering if its because the user was migrated from VHD to CCD locations?
No it shouldn’t That is the default location for users cache drives. This is where all data is written before it is replicated to the remote share. Once the user signs out the user folders here should be deleted Check this setting in FSLogix policy learn.microsoft.com/en-us/fslogix/reference-configuration-settings?tabs=ccd#fslogix-settings-profile-odfc-cloud-cache-logging Read about clear cache on logoff
Thanks for the video. I was wondering if saving fslogix profile on a blob container is something recommended or not? Because it works very well but I don't know if I can choose this solution for production environment or should I stay on a SMB file share ?
Could you please suggest? I have configured an AVD (Azure Virtual Desktop) for users and created a profile on the storage account. Additionally, we have set up Duo MFA (Multi-Factor Authentication) for login. However, the problem is that when a user logs in, their session gets stuck on the "Please wait" screen. To resolve this, we log out the session from the host pool and then have the user log in again. This issue occurs daily in the morning, but it only affects one user at a time who raises the complaint. Can you suggest what might be causing this problem? It does not happen to all users.
In AVD there are two logins first is to ask her active directories when you get a primary refresh token, and that enables you to see all of the desktops and app icons that they can click on. The second login is an active directories login, which takes place when you click a desktop icon to launch. you need to figure out which login is causing the problem first My guess is the problem is on the duo side integrating with Asher, active directory and MFA causing the azure HD primer refresh token to expire
Hi Dean, I tried pushing Cloud Cache GPO but I could not give 2 strg account UNC path using GPO. I had to manually create the registry key (Multi string) and add the UNC path, that worked. And Just to check if my cloud cache works when one strg account goes down, I disabled the public access from networking for one strg account and there I got an Fslogix error saying " Unable to open/create the lock file.
Here is the cloud cache doc for the reg key learn.microsoft.com/en-us/fslogix/tutorial-cloud-cache-containers#profile-container-configuration-with-cloud-cache Also when you signed in, did it ever replicate the profile to the secondary file share? If it didn’t, then you only had a primary, which makes sense why you got the error
Great video as always...using cloud cache since 2 years with azure premium file as primary and anf standard as secondary storage provider in 2 different regions, and it works like charm for 6k users ....however want to highlight whenever one storage provider failure occurs there is no impact but the moment u bring up the affected stroage all issue started to arise (delay in new login and delay in existing user logoff ..) due to replication sync of all connected users data so it may induce huge latency on the affected storage (may be upto 100 times )...so always make sure to increase affected storage iops temporarily before bring up the storage ....and as my favourite option I will choose zrs over cc but unfortunately zrs not available I our region ..
Yeah, makes sense since the failed storage needs to replicate ALL the changes and profiles that is missed, double or quadruple the size of the share so gain a ton of performance until everything is synced up…on the ZRS side…yeah not every region yet, but will get there over time
Great explanation❤. Will you make video on azure insight of AVD . Like in deep explanation about conncetion diagnostic, connection performance,host diagnostic,host performance etc .hope this help full to everyone.....
I don't believe CCD has any monitoring or alerting capabilities, so you can't get any insight on how well the sync process is keeping up or whether it has failed. Let me know if I have that right.
Hello @azureacademy Dear Dean, Thanks for this great video. I would like to use the same storage account but a different file share for the different host pool. I am planning to change the vhd location path in the registry on Golden image so it would reflect on all the session hosts. Another approach is the traditional one , create different storage account and have avd profiles file share and keep it simple. Would you be able to provide your feedback on my first suggestion and what would be your approach in this scenario where client want to have separate profiles on different host pool. Any assistance is highly appreciated. Cheers. Cheers
The question comes down to total IOPS. IF the 1 storage account and the shares in it do not exceed the performance requirements of all of your pools together then you can get away with it BUT the problem is the noisy neighbor. In a standard storage account all of the shares pull from the Sam total amount of performance. So the best practice is to have 1 share per pool And the best way to have the most performance on a share it 1 share per storage account. However it all depends on the number of users you have in a pool and in total. If it’s less than thousands you are fine to combine them Make sense?
@@AzureAcademy Big thanks again. I am using premium and got around 200 users in one and 150 in another pool. I guess I can use the same storage account unless they complain about performance and that's where I can leverage the new SA :) Ciao Have a wonderful day 😊
Yes, for that many users there should be no issue putting multiple file shares on a single premium storage account. The max iops of that kind of storage account is 100,000 IOPS
I configured Cloud Cache for a client a few months ago now, and the users were unable to handle the slower login and logout times. Ultimately, we reverted back to using VHDLocations as their content was primarily stored in OneDrive, but the transition from CCD to VHD was quite the frustration if we wanted to keep the created FSLogix Profiles. Firstly, the naming convention between the two of them is different - I can't remember exactly in which way, but there were some changes Secondly, users with longer names had their profile name trimmed to fit a character limit for CloudCache. This meant that when I transitioned across to VHDLocations, I had to script the renaming of the profiles to be the correct VHD format. Less than pleasant experience I tell ya.
Sounds rough. Sounds like they didn’t need cloud cache especially since they REALLY store their data in OneDrive anyway. As for the name limits, this is configurable in policy
Hi Sir
If I want to setup FSLogix for both on-prem and cloud users which method is best with high redundancy? please clarify
The answer is Cloud Cache for FSLogix redundancy. As for the storage Azure Files with Zone redundancy for the cloud, as for on prem, that will be a Storage spaces direct file cluster
Great video as always Dean. This has to be the most helpful channel on UA-cam!
Wow, thanks!
Does Cloud cache create user profiles 2 times in C:\Users and C:\Program Data\FsLogix\Cache? I read about it somewhere and not able to find back the context. Looking at your video, I am wondering if its because the user was migrated from VHD to CCD locations?
No it shouldn’t
That is the default location for users cache drives.
This is where all data is written before it is replicated to the remote share.
Once the user signs out the user folders here should be deleted
Check this setting in FSLogix policy
learn.microsoft.com/en-us/fslogix/reference-configuration-settings?tabs=ccd#fslogix-settings-profile-odfc-cloud-cache-logging
Read about clear cache on logoff
Thanks for the video. I was wondering if saving fslogix profile on a blob container is something recommended or not? Because it works very well but I don't know if I can choose this solution for production environment or should I stay on a SMB file share ?
it is almost NEVER recommended anymore. The performance and security are not as good in most scenarios as Azure Files (SMB File Share)
Could you please suggest? I have configured an AVD (Azure Virtual Desktop) for users and created a profile on the storage account. Additionally, we have set up Duo MFA (Multi-Factor Authentication) for login. However, the problem is that when a user logs in, their session gets stuck on the "Please wait" screen. To resolve this, we log out the session from the host pool and then have the user log in again. This issue occurs daily in the morning, but it only affects one user at a time who raises the complaint. Can you suggest what might be causing this problem? It does not happen to all users.
In AVD there are two logins first is to ask her active directories when you get a primary refresh token, and that enables you to see all of the desktops and app icons that they can click on. The second login is an active directories login, which takes place when you click a desktop icon to launch.
you need to figure out which login is causing the problem first
My guess is the problem is on the duo side integrating with Asher, active directory and MFA causing the azure HD primer refresh token to expire
Hi Dean, I tried pushing Cloud Cache GPO but I could not give 2 strg account UNC path using GPO. I had to manually create the registry key (Multi string) and add the UNC path, that worked. And Just to check if my cloud cache works when one strg account goes down, I disabled the public access from networking for one strg account and there I got an Fslogix error saying " Unable to open/create the lock file.
Here is the cloud cache doc for the reg key
learn.microsoft.com/en-us/fslogix/tutorial-cloud-cache-containers#profile-container-configuration-with-cloud-cache
Also when you signed in, did it ever replicate the profile to the secondary file share?
If it didn’t, then you only had a primary, which makes sense why you got the error
Excellent content and presentation. Thank you.
Awesome, thanks!
Great explanations and use cases.
Awesome, thanks!
Great video as always...using cloud cache since 2 years with azure premium file as primary and anf standard as secondary storage provider in 2 different regions, and it works like charm for 6k users ....however want to highlight whenever one storage provider failure occurs there is no impact but the moment u bring up the affected stroage all issue started to arise (delay in new login and delay in existing user logoff ..) due to replication sync of all connected users data so it may induce huge latency on the affected storage (may be upto 100 times )...so always make sure to increase affected storage iops temporarily before bring up the storage ....and as my favourite option I will choose zrs over cc but unfortunately zrs not available I our region ..
Yeah, makes sense since the failed storage needs to replicate ALL the changes and profiles that is missed, double or quadruple the size of the share so gain a ton of performance until everything is synced up…on the ZRS side…yeah not every region yet, but will get there over time
How is the performance? Logon and Logouts? Did you do anything to mitigate the delays?
Delays of Cloud Cache? You can’t. That is the trade off for using Cloud Cache and getting the additional protection.
@AzureAcademy thanks Dean! Yes you mentioned on the video. I haven't used CC on any of my builds. So I was curious.
No worries, I hope it helped
Dean - you always teach me new things!
Rock on!
How to protect other users' profiles from deletion or modification from the fslogic Azure file share?
If you want to protect from OTHER USERS modifying or deleting then you need to watch this: ua-cam.com/video/yJqTJh2Tgxo/v-deo.htmlsi=iCJdyDGm1o_OUq-V
Oh Lord! this was amazing. Great information.
Glad it was helpful!
Great explanation❤. Will you make video on azure insight of AVD . Like in deep explanation about conncetion diagnostic, connection performance,host diagnostic,host performance etc .hope this help full to everyone.....
Already done, I have over 100 videos on every part of AVD let me know what you think
ua-cam.com/video/p-0olYEmSlI/v-deo.html
I don't believe CCD has any monitoring or alerting capabilities, so you can't get any insight on how well the sync process is keeping up or whether it has failed. Let me know if I have that right.
That is mostly correct, there is nothing in AVD, or Azure that will show this, but the FSLogix logs do show all the details
Hello @azureacademy
Dear Dean,
Thanks for this great video.
I would like to use the same storage account but a different file share for the different host pool.
I am planning to change the vhd location path in the registry on Golden image so it would reflect on all the session hosts.
Another approach is the traditional one , create different storage account and have avd profiles file share and keep it simple.
Would you be able to provide your feedback on my first suggestion and what would be your approach in this scenario where client want to have separate profiles on different host pool.
Any assistance is highly appreciated.
Cheers.
Cheers
The question comes down to total IOPS. IF the 1 storage account and the shares in it do not exceed the performance requirements of all of your pools together then you can get away with it
BUT the problem is the noisy neighbor.
In a standard storage account all of the shares pull from the Sam total amount of performance.
So the best practice is to have 1 share per pool
And the best way to have the most performance on a share it 1 share per storage account.
However it all depends on the number of users you have in a pool and in total.
If it’s less than thousands you are fine to combine them
Make sense?
@@AzureAcademy
Big thanks again.
I am using premium and got around 200 users in one and 150 in another pool.
I guess I can use the same storage account unless they complain about performance and that's where I can leverage the new SA :)
Ciao
Have a wonderful day 😊
Yes, for that many users there should be no issue putting multiple file shares on a single premium storage account.
The max iops of that kind of storage account is 100,000 IOPS
@@AzureAcademy awesome
Legend.
Appreciate your kind assistance
👍👍
Good Job!
Thanks!
Thanks Dean
Anytime
That's cool. We are just about to deploy AVD. Thank you!
Good luck!!
Very useful video !
Maybe one day ASR will be able to DR an Azure File Share into another Azure Region
That would be cool!
Thank you very much, the video could have been great, I couldn’t connect the cloud cache.👍
So are you saying you are not able to get cloud cache working now? Or it is working now that you watched this video?
I configured Cloud Cache for a client a few months ago now, and the users were unable to handle the slower login and logout times. Ultimately, we reverted back to using VHDLocations as their content was primarily stored in OneDrive, but the transition from CCD to VHD was quite the frustration if we wanted to keep the created FSLogix Profiles.
Firstly, the naming convention between the two of them is different - I can't remember exactly in which way, but there were some changes
Secondly, users with longer names had their profile name trimmed to fit a character limit for CloudCache.
This meant that when I transitioned across to VHDLocations, I had to script the renaming of the profiles to be the correct VHD format. Less than pleasant experience I tell ya.
Sounds rough. Sounds like they didn’t need cloud cache especially since they REALLY store their data in OneDrive anyway. As for the name limits, this is configurable in policy
Just be aware that ZRS on file shares is EXPENSIVE.
It is just as expensive as GRS, it’s all about the number of data replicas you keep