PUBLIC PREVIEW: Announcing public preview of Azure AD joined VMs
- Jul 15, 2021
End-to-end single sign-on is definitely something we are working on but isn't available in the first release due to the protocol we are using. We know how important that feature is.
Xandven_ Your source is at least outdated. Latest technical information about the public preview can be found here: https://docs.microsoft.com/de-de/azure/virtual-desktop/deploy-azure-ad-joined-vm
I have both personal and pooled VMs in my lab setup AAD joined and Intune managed. Compliance policies are applied to both types correctly, so that you can eval them in CA policies accordingly.
So, my answer is not an official Microsoft one, but from all these observations I would say: Yes, host pools can be Intune managed in this public preview.
Hi guys,
I'm experiencing an error when trying to connect to my AADJ VM using the Remote Desktop app.
Prereqs are all met:
- device from which I try the connection is AAD joined to the same tenant.
- remote desktop app user is added via IAM with AVD User Login role
- targetisaadjoined:i:1 added to RDP advanced properties
- validation env checked
What else can be missing?
I can only access my VM from the web client; there is no error there and it works from every device.
+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+
AzureAdJoined : YES
EnterpriseJoined : NO
DomainJoined : NO
Device Name : VM-AzureAD-0
+----------------------------------------------------------------------+
| Device Details |
+----------------------------------------------------------------------+
DeviceId : 2b4f6a7b-02ab-4cb5-a220-1fdde507e7e4
Thumbprint : 4C5F4A2D4D8D55093DDE48F7453621FE8382F2B9
DeviceCertificateValidity : [ 2021-07-19 11:01:49.000 UTC -- 2031-07-19 11:31:49.000 UTC ]
KeyContainerId : 21313e88-443a-4391-b4ca-dcdda5e9ee38
KeyProvider : Microsoft Software Key Storage Provider
TpmProtected : NO
DeviceAuthStatus : SUCCESS
+----------------------------------------------------------------------+
| Tenant Details |
+----------------------------------------------------------------------+
TenantName : xxxxxx
TenantId : xxxxxx
Idp : login.windows.net
AuthCodeUrl : https://login.microsoftonline.com/xxx
AccessTokenUrl : https://login.microsoftonline.com/xxxx/oauth2/token
MdmUrl : https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc
MdmTouUrl : https://portal.manage.microsoft.com/TermsofUse.aspx
MdmComplianceUrl : https://portal.manage.microsoft.com/?portalAction=Compliance
SettingsUrl :
JoinSrvVersion : 2.0
JoinSrvUrl : https://enterpriseregistration.windows.net/EnrollmentServer/device/
JoinSrvId : urn:ms-drs:enterpriseregistration.windows.net
KeySrvVersion : 1.0
KeySrvUrl : https://enterpriseregistration.windows.net/EnrollmentServer/key/
KeySrvId : urn:ms-drs:enterpriseregistration.windows.net
WebAuthNSrvVersion : 1.0
WebAuthNSrvUrl : https://enterpriseregistration.windows.net/webauthn/xxx/
WebAuthNSrvId : urn:ms-drs:enterpriseregistration.windows.net
DeviceManagementSrvVer : 1.0
DeviceManagementSrvUrl : https://enterpriseregistration.windows.net/manage/xxx/
DeviceManagementSrvId : urn:ms-drs:enterpriseregistration.windows.net
+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+
NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : YES
WamDefaultAuthority : organizations
WamDefaultId : https://login.microsoft.com
WamDefaultGUID : {xxxx} (AzureAd)
+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+
AzureAdPrt : YES
AzureAdPrtUpdateTime : 2021-07-19 14:45:18.000 UTC
AzureAdPrtExpiryTime : 2021-08-02 14:45:17.000 UTC
AzureAdPrtAuthority : https://login.microsoftonline.com/xxx
EnterprisePrt : NO
EnterprisePrtAuthority :
+----------------------------------------------------------------------+
| Diagnostic Data |
+----------------------------------------------------------------------+
AadRecoveryEnabled : NO
Executing Account Name : xxxxx
KeySignTest : PASSED
+----------------------------------------------------------------------+
| IE Proxy Config for Current User |
+----------------------------------------------------------------------+
Auto Detect Settings : YES
Auto-Configuration URL :
Proxy Server List :
Proxy Bypass List :
+----------------------------------------------------------------------+
| WinHttp Default Proxy Config |
+----------------------------------------------------------------------+
Access Type : DIRECT
+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+
IsDeviceJoined : YES
IsUserAzureAD : YES
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : NO
SessionIsNotRemote : NO
CertEnrollment : none
PreReqResult : WillNotProvision
For more information, please visit https://www.microsoft.com/aadjerrors
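A way to check the prerequisites listed in the post above against `dsregcmd /status` output captured on both the client and the session host, as an added example that is not part of the original thread. The function names, the choice of fields to compare and the sample values (tenant IDs, RDP property string) are this example's assumptions; the sample output is constructed.

```powershell
# Added example. Sample values below are constructed, not taken from the thread.
function ConvertFrom-DsregStatus {
    # Turn the "Key : Value" lines of dsregcmd /status output into a hashtable.
    param([Parameter(Mandatory)][string]$Text)
    $status = @{}
    foreach ($line in ($Text -split '\r?\n')) {
        # Banner lines ("+-----+", "| Device State |") do not match and are skipped.
        if ($line -match '^\s*([A-Za-z][A-Za-z \-]*?)\s*:\s*(.*)$') {
            $status[$Matches[1]] = $Matches[2].Trim()
        }
    }
    $status
}

function Test-AadjConnectionPrereq {
    # Emits one string per unmet prerequisite; emits nothing when all checks pass.
    param([hashtable]$Client, [hashtable]$SessionHost, [string]$RdpProperties)
    $devices = [ordered]@{ 'client' = $Client; 'session host' = $SessionHost }
    foreach ($name in $devices.Keys) {
        $s = $devices[$name]
        if ($s['AzureAdJoined'] -ne 'YES') { "$name is not Azure AD joined" }
        if ($s['DeviceAuthStatus'] -ne 'SUCCESS') { "$name DeviceAuthStatus is not SUCCESS" }
    }
    if ($Client['TenantId'] -ne $SessionHost['TenantId']) {
        'client and session host are joined to different tenants'
    }
    if ($Client['AzureAdPrt'] -ne 'YES') { 'client user has no Azure AD PRT' }
    if (($RdpProperties -split ';') -notcontains 'targetisaadjoined:i:1') {
        'host pool RDP properties lack targetisaadjoined:i:1'
    }
}

# Constructed sample output: the two machines report different tenant IDs.
$clientText = @'
AzureAdJoined : YES
DeviceAuthStatus : SUCCESS
TenantId : 11111111-1111-1111-1111-111111111111
AzureAdPrt : YES
'@
$hostText = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+
AzureAdJoined : YES
DeviceAuthStatus : SUCCESS
TenantId : 22222222-2222-2222-2222-222222222222
'@
$findings = @(Test-AadjConnectionPrereq -Client (ConvertFrom-DsregStatus $clientText) `
    -SessionHost (ConvertFrom-DsregStatus $hostText) `
    -RdpProperties 'audiomode:i:0;targetisaadjoined:i:1')
$findings
```

On real machines, replace the constructed text with `(dsregcmd /status | Out-String)` captured on each side.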
- DavidBelanger (Microsoft), Jul 23, 2021
PaulGMVP Are you trying to use the Windows client from the Windows Store? We noticed that there is currently an issue with this client and you should use the Windows Desktop client for now.
https://docs.microsoft.com/azure/virtual-desktop/user-documentation/connect-windows-7-10