Blog Post

Azure Virtual Desktop Blog
1 MIN READ

Announcing General Availability of Azure AD-joined VMs support for Azure Virtual Desktop

DavidBelanger's avatar
DavidBelanger
Icon for Microsoft rankMicrosoft
Sep 15, 2021

We're pleased to announce that you can now join your Azure Virtual Desktop virtual machines directly to Azure Active Directory (Azure AD) and connect to the virtual machine from any device with basic credentials. You’ll also be able to automatically enroll the virtual machines with Microsoft Endpoint Manager.

 

Azure portal showing the new Azure AD and Intune options for Azure Virtual Desktop host pools.

 

This new configuration allows you to provide access to cloud-only users (created in Azure AD and not synchronized from an on-prem directory) which wasn't possible before. For certain scenarios, this will help eliminate the need for a domain controller, help reduce cost, and streamline your deployment. While this is a major milestone, it’s just the beginning of the journey towards full integration with Azure Active Directory. We will continue adding new capabilities such as support for FSLogix profiles, single sign-on, additional credential types like FIDO2, and Azure Files for cloud users.

 

To learn more, visit our documentation page.

Updated Nov 13, 2023
Version 3.0
updates

26 Comments

Show More
  • jonwbstr24's avatar
    jonwbstr24
    Iron Contributor
    Sep 20, 2021

    This is exciting news, thank you!!

     

    michaelk4tech I don't follow, are you taking about Azure Virtual Desktop or something else?

  • michaelk4tech's avatar
    michaelk4tech
    Copper Contributor
    Sep 17, 2021

    Really? This is only for AVD host groups? What about other customers who want to automatically join VMs to their AAD and Intune environment? The AAD extension is a manual tick box and doesn't propagate to any other VMs that you may clone off of the original. 

  • DavidBelanger's avatar
    DavidBelanger
    Icon for Microsoft rankMicrosoft
    Sep 16, 2021

    LukeAltanet Depending on your scenario, you should be able to retire Azure AD DS. The primary scenario would be for personal desktops where all applications use Azure AD auth or other IDP not requiring Kerberos or a domain controller.

  • LukeAltanet's avatar
    LukeAltanet
    Copper Contributor
    Sep 16, 2021

    Finally! Does this mean that customers can retire Azure AD DS if you are fully cloud? We only had this running in Azure because it was required for virtual desktop.

  • fbifido's avatar
    fbifido
    Brass Contributor
    Sep 15, 2021

    Azure knowns what the Business & Enterprise need, and they are working on it, can't wait !!!!

     

    support for FSLogix profiles, single sign-on, additional credential types like FIDO2, and Azure Files for cloud users

    Thanks Azure Teams

     

  • TommyOrr's avatar
    TommyOrr
    Copper Contributor
    Sep 15, 2021

    This is super exciting! So much progress in such a short time. Thanks for all the hard work.