Forum Discussion
DavidBelanger
Microsoft
Jul 14, 2021
PUBLIC PREVIEW: Announcing public preview of Azure AD joined VMs
We are excited to announce the public preview of Azure AD joined VMs support for Azure Virtual Desktop. This feature allows customers to easily deploy Azure AD joined session hosts from the Azure por...
- Jul 15, 2021: End-to-end single sign-on is definitely something we are working on but isn't available in the first release due to the protocol we are using. We know how important that feature is.
Nikonline
Sep 10, 2021, Copper Contributor
Hi Rob, it seems excluding the VM object isn't working for me and I keep getting the error message - user account used to connect to the rd-gateway... did not work.
Excluding the Azure Windows VM sign-in does work for me; however, it also blocks MFA on Jamf Connect Login (MDM), which is a bigger concern for the organisation.
Any advice, please?
Chris_Gilles_1337
Sep 10, 2021, Copper Contributor
Hey Nikonline - I encountered such issues and this is what I did to resolve.
- Navigate to the Host Pool
- Click "Access Control (IAM)"
- Click "Role Assignments"
- Click "Add"
- Find "Virtual Machine Administrator Login" or "Virtual Machine User Login"
  - In my case I selected Administrator
- Add Security Group or user

For my MFA CA Policy:
- Cloud Apps:
  - Exclude "Azure Windows VM Sign-in"
  - Exclude "Windows Virtual Desktop"
- Nikonline (Sep 10, 2021, Copper Contributor): Thanks Chris, the problem is if I exclude the Azure Windows VM sign-in app then it blocks MFA for Jamf Connect Login (macOS MDM that authenticates users against AAD). That's a bigger risk to us. So I was wondering if the Cloud VM object can be used in the CA Policy to further streamline the MFA exclusion.