AppStream new instance takes longer time to join Azure AD

0

We use an AppStream scaling policy to scale our fleets up and down. However, whenever we scale up, it takes hours before the hostname of the new instance is joined to Azure AD; until then it shows as pending. Hence, all our SSO auth asks for a password and MFA until the instance hostname is joined.

Is there a way to speed up the joining to Azure AD?

Ade
asked 8 months ago, 212 views
1 Answer
0

Hello Team,

Before we proceed further, I would like to sincerely apologize for the issue caused to you, and I totally understand your concern regarding the delays in the hostname of the instance joining your Azure AD.

When using AWS AppStream with Azure AD integration, the joining of instances to Azure AD can sometimes take time, resulting in a delay before users can utilize Single Sign-On (SSO) with AppStream instances. While you can't control the speed of this process entirely, there are a few strategies to potentially speed up the joining of instances to Azure AD:

  1. Instance Warm-Up: You can maintain a small number of "warm-up" instances. These are instances that are running and joined to Azure AD in advance, so when you need to scale up, you can use these instances while newly launched instances join Azure AD. This can reduce the delay for users.

  2. Pre-Deployment Scripts: You can create a pre-deployment script that runs when instances launch. This script can include steps to automate the joining of the instance to Azure AD. While this won't eliminate the joining delay entirely, it can ensure that the process starts as soon as the instance launches, potentially reducing the overall time.

  3. Optimize Azure AD Configuration: Ensure that your Azure AD configuration is optimized for performance. This includes network connectivity, DNS resolution, and any Azure AD-specific configurations. Review Azure AD diagnostics and logs to identify potential issues that could cause delays.

  4. Monitoring and Alerts: Set up monitoring and alerts to be notified when instances are joined to Azure AD. This can help you track the progress of instance joins and identify any instances that are stuck or experiencing delays.[1]

Azure AD Performance: While not directly related to AppStream, it's worth evaluating the performance of your Azure AD tenant in general. If you notice consistent delays with Azure AD operations, it could be related to Azure AD performance issues.

Remember that the joining process is influenced by factors both within AWS AppStream and Azure AD. By implementing the above strategies and closely monitoring the process, you can potentially reduce the delay and improve the SSO experience for your users.

References:

[1] "Monitoring and Reporting" https://docs.aws.amazon.com/appstream2/latest/developerguide/configure-monitoring-reporting.html

Kartik
answered 8 months ago
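
One way to see on the instance itself whether the join has completed, as an added example that is not part of the answer above or any AWS-provided script. It assumes Windows fleet instances with the built-in `dsregcmd` tool; the function name `Get-AadJoinState` and the sample output are constructed for illustration.

```powershell
# Added example: classify Azure AD join state from `dsregcmd /status` text.
function Get-AadJoinState {
    param([string[]]$StatusLines)

    # dsregcmd prints "Key : Value" pairs, one per line; keep the ones we can parse.
    $fields = @{}
    foreach ($line in $StatusLines) {
        if ($line -match '^\s*([A-Za-z][A-Za-z0-9]*)\s*:\s*(.+?)\s*$') {
            $fields[$Matches[1]] = $Matches[2]
        }
    }

    # A missing key compares as $false, so absent fields count as "not ready".
    $joined = $fields['AzureAdJoined'] -eq 'YES'
    $prt    = $fields['AzureAdPrt'] -eq 'YES'   # per-user; run in the user session

    if (-not $joined) {
        $state = 'NotJoined'      # device registration has not completed yet
    } elseif (-not $prt) {
        $state = 'JoinedNoPrt'    # joined, but no Primary Refresh Token for SSO
    } else {
        $state = 'Ready'
    }

    [pscustomobject]@{
        Hostname      = $env:COMPUTERNAME
        AzureAdJoined = $joined
        DomainJoined  = ($fields['DomainJoined'] -eq 'YES')
        AzureAdPrt    = $prt
        State         = $state
    }
}

# Constructed sample resembling a freshly launched instance that is still pending.
$sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+

             AzureAdJoined : NO
              DomainJoined : YES
                DomainName : EXAMPLE
'@ -split "`r?`n"

Get-AadJoinState -StatusLines $sample

# On a real instance: Get-AadJoinState -StatusLines (dsregcmd /status)
```

Logging the returned `State` with a timestamp at session start gives a per-instance record of how long each new hostname stayed pending.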
