Share via

Store FSLogix profile containers on Azure NetApp Files

  • Article

FSLogix profile containers store a complete user profile in a single container and are designed to roam profiles in non-persistent remote computing environments like Azure Virtual Desktop. When you sign in, the container dynamically attaches to the computing environment using a locally supported virtual hard disk (VHD) and Hyper-V virtual hard disk (VHDX). These advanced filter-driver technologies allow the user profile to be immediately available and appear in the system exactly like a local user profile. To learn more about FSLogix profile containers, see User profile management with FSLogix profile containers.

You can create FSLogix profile containers using Azure NetApp Files, an easy-to-use Azure native platform service that helps customers quickly and reliably provision enterprise-grade SMB volumes for their Azure Virtual Desktop environments. To learn more about Azure NetApp Files, see What is Azure NetApp Files?.

Note

This article doesn't cover best practices for securing access to the Azure NetApp Files share.

Note

If you're looking for comparison material about the different FSLogix Profile Container storage options on Azure, see Storage options for FSLogix profile containers.

Considerations

  • To optimize performance and scalability, the number of concurrent users accessing FSLogix profile containers stored on a single Azure NetApp Files regular volume should be limited to 3,000. Having more than 3,000 concurrent users on a single volume causes significant increased latency on the volume. If your scenario requires more than 3,000 concurrent users, divide users across multiple regular volumes or use a large volume. A single large volume can store FSLogix profiles for up to 50,000 concurrent users. For more information on large volumes, see Requirements and considerations for large volumes.

  • FSLogix profile containers on Azure NetApp Files can be accessed by users authenticating from Active Directory Domain Services (AD DS) and from hybrid identities, allowing Microsoft Entra users to access profile containers without requiring line-of-sight to domain controllers from Microsoft Entra hybrid joined and Microsoft Entra joined virtual machines (VMs). For more information, see Access SMB volumes from Microsoft Entra joined Windows VMs.

  • To protect your FSLogix profile containers, consider using Azure NetApp Files snapshots and Azure NetApp Files backup.

Prerequisites

Before you can configure an FSLogix profile container with Azure NetApp Files, you must have:

  • An Azure account with contributor or administrator permissions.

Set up your Azure NetApp Files account

To get started, you need to create and set up an Azure NetApp Files account.

  1. To create a NetApp account, see Create a NetApp account.

  2. You need to create a new capacity pool. See Create a capacity pool for Azure NetApp Files.

  3. You then need to join an Active Directory connection. See Create and manage Active Directory connections for Azure NetApp Files.

  4. Create a new SMB volume. Follow the steps in Create an SMB volume for Azure NetApp Files.

    Note

    It's recommended that you enable Continuous Availability on the SMB volume for use with FSLogix profile containers, so select Enable Continuous Availability. For more information, see Enable Continuous Availability on existing SMB volumes.

Configure permissions

When configuring the directory and file-level permissions, review the recommended list of permissions for FSLogix profiles at Configure the storage permissions for profile containers.

Without proper directory-level permissions in place, a user can delete the user profile or access the personal information of a different user. It's important to make sure users have proper permissions to prevent accidental deletion from happening.

Configure FSLogix on your local Windows device

To configure FSLogix on your local Windows device:

  1. Follow the steps in Install FSLogix Applications. If configuring FSLogix in a host pool, download the file while you're still remoted in the session host VM.

  2. To configure your profile container, see Configure profile containers.

    Note

    • When adding the VHDLocations registry key, set the data type to Multi-String and set its data value to the URI for the Azure NetApp Files share.
    • Be careful when creating the DeleteLocalProfileWhenVHDShouldApply value. When the FSLogix Profiles system determines a user should have an FSLogix profile, but a local profile already exists, Profile Container will permanently delete the local profile. The user will then be signed in with the new FSLogix profile.

Make sure users can access the Azure NetApp Files share

  1. Sign in to the Azure portal with an administrative account.

  2. Open Azure NetApp Files, select your Azure NetApp Files account, and then select Volumes. Once the Volumes menu opens, select the corresponding volume.

  3. Go to the Overview tab and confirm that the FSLogix profile container is using space.

  4. Open the File Explorer, then navigate to the Mount path. Within this folder, there should be a profile VHD (or VHDX).