Another Reason Why The AVD Session Hosts Are Failing To Load FSLogix User Profiles

Azure Files plays a big role in the Azure Virtual Desktop depolyments and for FSLogix to work in the intended way, the storage account needs to be joined to the domain. It can be either extending the on-premises domain to Azure by setting up a domain controller in the respective region or by setting up Azure AD Domain Services feature.

In my case, I setup a Windows Server 2019 domain controller in the same region that I setup the Azure Virtual Desktop environment.

Continue reading “Another Reason Why The AVD Session Hosts Are Failing To Load FSLogix User Profiles”

FIX: Windows 2019 CIS Benchmark Image Stopping the Azure VM Becoming the NTP Server After Transferring the PDC Emulator

In a Windows Domain environment the time is always working in a hierarchical manner. Server that holds the PDC emulator role holds the NTP Server and the other DCs will sync time from it and the members will sync time from those domain controllers.

At times you have to change the FSMO Roles to a differnt DC and most oftenly that server can be a VM sitting in Azure.

In most cases the VMs spinning up in the Azure environment must adhear to security policies and a well known benchmarking framework is the CIS Benchmarking images (Center for Internet Security). This has the policies defined and vetted into the server images and will be activated once the server is up and running.

Continue reading “FIX: Windows 2019 CIS Benchmark Image Stopping the Azure VM Becoming the NTP Server After Transferring the PDC Emulator”

Azure MFA Authentication Loop Fix

Issue: Office 365 Web apps users (SharePoint Online, Office.com, OWA etc.) will receive the MFA prompt every time after opening the browser.
Ideally the browser should honor the “Stay signed in?” messages when there are no session lifetime settings configured.
When the user click Yes, the persistent browser cookie will get saved and work for 90 days. However if the user states changes it will be refreshed.

I’ve recently noticed, even though the above setting is setup, users will still get the re-authenticate when they close and open web apps. This is the same even after clearing browser cache and updating the browser.

Continue reading “Azure MFA Authentication Loop Fix”

Windows Server 2019 Time zone issues with Daylight Savings option on/off?

Issue:
Domain Controller A is sitting in a different time zone and Domain Controller B that holds the PDC Emulator FSMO role is sitting in another time-zone.

DC A is on WS2019  – does not use Daylight saving settings
DC B is on WS2012R2 – uses Daylight saving

Ideally DC A should run 1 hour behind as they are not using the daylight saving option, but DC A’s time is the same as DC B’s time.

Continue reading “Windows Server 2019 Time zone issues with Daylight Savings option on/off?”

Stop MS Teams Auto Starting

Teams installation with no auto start switch has issues in many levels where it’s not honoring the switch. Even though it installs and won’t auto launch for the first time, when the user logs off and log back in, it auto launches and creating the below registry key in the HKEY User hive. 

Continue reading “Stop MS Teams Auto Starting”