We are in the same boat as wonderacakpo: we are building out an AVD environment for a customer and are finding way too many constraints with AADDS (SSO non-existent) and AAD (no profiles or Intune management on multi-session OSes), and of course we are not keen on deploying ADDS, as we are building this environment for cloud-only users.
SoniaCuff wrote: Note: The current public preview of this service does require that your users exist in an on-premises Active Directory and have been synced to Azure AD using Azure AD Connect. Cloud-only users created solely in Azure AD are not supported ... yet, but soon.
How long do we have to wait for this "soon" to materialise? Microsoft is really pushing its customers to go cloud-native and this solution (Azure AD Kerberos) is going to be released with missing critical functionality, resulting in an on-premises environment still being required.
I would highly recommend Microsoft remove the hybrid-join requirement before you go GA, otherwise what's the point of doing Azure AD join with AVD at all, when you could just join your AVD hosts to your on-premises ADDS? You get to use your existing Group Policies, SSO support with M365 / Azure AD is available as you already have AD Connect set up, and you can even use ADFS to SSO from the AVD portal into your VM if you want to drop another password prompt as well. The benefits of Azure AD Kerberos are just not there for AVD in its current state.