7176
We are building world's most useful & helpful IM-based Azure community!
yes like timeout errors and stuff lie that
Читать полностью…
Why you want to access hotstar in vm? Use your laptop or mobile
Читать полностью…
can anyone help me with azure vm ?
Читать полностью…
Thanks @iamkpr let me dig more into this..
Читать полностью…
Hi all, if az-104 is expired, is az-305 exam is allowed?
Читать полностью…
then you would have to set up .. azure ad joined hosts with azure ad kerberos authentication..
Читать полностью…
If this traditional way joining in not working then i am thinking to join via kerberos
Читать полностью…
It needs to be added azure hybrid ?
Like is it necessary machine should show in entra device ?
it can work especially when integrating with azure files.. however it requires proper domain services step and may involve complexities related to secure channel issues and domain membership. your env also should support the necessary configuration for on pre users
Читать полностью…
let check with my friends who are there.. i hope they can help if they are available
Читать полностью…
raise a ticket with microsoft..
Читать полностью…
this is what i think the issue appears to be the inability of the AVD session hosts to establish a stable secure channel with the domain controllers, which is preventing proper Kerberos authentication
Читать полностью…
https://learn.microsoft.com/en-us/answers/questions/2102498/windows-11-24h2-azure-file-share-broken
Читать полностью…
have you tested the authentication ..
Читать полностью…
Hi All,
I have a doubt
We have a fastapi app hosted in azure container app. We use uvicorn as webserver.
We see upstream timeout error when the container app is scalling. Anyone faced this issue? Same request for the next time is successful.
in my vm i cannot access streaming websites like hotstar.com
Читать полностью…
Dears,
Anyone can guide me how to prep for az 204 ? I am looking for genuine learning. Thanks in advance
I think it should be allowed but you might not get the badge or certificate unless you fulfill the prerequisite with valid az104
Читать полностью…
this is not an ad.
today only- free cloud security course.
https://www.udemy.com/course/secure-azure-networks/?couponCode=CE9E9B5922066FAF6CE6 (100 free seats only)
utilize this opportunity
upcoming new cloud security udemy coupon codes, refer this LinkedIn post
https://www.linkedin.com/posts/jose-praveen_cybersecurity-sql-injection-activity-7278613481254264832-lugg
please share this with your friend and colleagues as this might help someone.
if it needs to be successful as per my understanding correct me if i am wrong .. to attach user profiles from storage to Azure Virtual Desktop while ensuring that domain controllers and applications hosted in Azure connect as a traditional domain, it is essential for the machines to be registered in Microsoft Entra.
Читать полностью…
I just wanted my user profile should attach from storage to AVD
But also wanted to Dc and other applications server hosted in azure that should connect as a traditional domain
If i would configure kerberbos join in storage ruthern then adds traditional will that work for my on prem users ?
Читать полностью…
sorry buddy i could not fix this..
Читать полностью…
because of the complexity and most of the steps we have taken . i dont have insights in your environment. i used to be in MS i could have helped u then ..
Читать полностью…
Also I checked time and date that is fine
Читать полностью…
As I did further teste today still failing
• Troubleshooting Steps and Results (Detailed):
1. Initial Kerberos Checks (On DC): Initial Kerberos checks performed on a domain controller showed valid tickets. However, this test was invalid as it didn't test the authentication flow from the AVD host.
2. klist on AVD Host (Initial Result): The klist command on the AVD host produced the following error:
Error calling API LsaCallAuthenticationPackage (GetTicket substatus): 0x6fbklist failed with 0xc000018b/-1073741429: The SAM database on the Windows Server does not have a computer account for this workstation trust relationship.
1. This indicated a problem with the secure channel or the AVD host's computer account in AD.
2. Storage Account Rejoin: The Azure Storage account was rejoined to the domain to ensure Kerberos key synchronization. This did not resolve the core issue.
3. Debug-AzStorageAccountADDSAuth Cmdlet: This cmdlet was used to verify various settings. It confirmed:
◦ Correct Kerberos ticket and channel encryption.
◦ Existence and permissions of the user's AD object.
◦ AVD host domain membership.
◦ Port 445 connectivity.
◦ Storage account domain membership.
◦ User RBAC assignments.
◦ Kerberos key synchronization (after the storage account rejoin).
4. klist on AVD Host (After Rejoin): After the storage account rejoin, the klist command on the AVD host continued to produce the same error as in step 2, indicating that the secure channel issue persisted.
5. Secure Channel Verification and Repair (On AVD Host): The following commands were run on the AVD host:
◦ nltest /sc_verify:lyv-srv-01.local
◦ Test-ComputerSecureChannel -Repair (and with explicit credentials)
6. Other Troubleshooting Steps:
◦ Permissions on the file share were verified multiple times.
◦ Time and date settings were confirmed to be accurate.
◦ A new VM was deployed from a snapshot, and repairs (SFC scans, updates) were performed.
◦ Testing from a DC worked, but not from AVD hosts.
◦ Microsoft Entra Kerberos was tested but reverted to AD DS.
◦ DNS resolution was confirmed.
◦ The error "The network path cannot be located" (Smb2DiagReasonDns) was investigated, but DNS resolution was working.
◦ FSLogix logs were reviewed but did not provide conclusive evidence.
◦ A new test user was created, but the issue persisted.
◦ Simplified mapping tests (using FQDN and short name) also failed.
Current Status:
• Kerberos authentication appears to be functioning correctly on the domain controller itself.
• The AVD session hosts are unable to establish a stable and functional secure channel with the domain controllers, preventing them from properly authenticating to the Azure File Share. This is the root cause of the credential prompts and FSLogix profile attachment failures.