Forum Discussion
Requirement to have an on-prem AD
- Mar 25, 2019
HandA
On-prem AD is not required.
AD requirements:
Option 1: Domain controller that is synchronized with Azure Active Directory. The domain controller can be on-prem or in the cloud. To synchronize with Azure Active Directory, install Azure Active Directory Connect.
Option 2: Azure AD Domain Services domain in Azure (automatically synced with Azure Active Directory)
You don't need to actually have the Azure AD and the local Active Directory synced at all (at least with regards to AD Connect). I was able to get everything moving by just adding the Azure AD UPN Suffix (e.g. <tenantname>.onmicrosoft.com) to my Local Active Directory and creating a user whose UPN matches my Azure AD User (e.g. <user>@<tenantname>.onmicrosoft.com).
Yes, I ended up being prompted twice for credentials, once for opening the feed and again for logging into the server, but the end result was a successful connection without having to Sync the ADs.
- Christian_Montoya Mar 28, 2019
Microsoft
smithanc: If this works right now, then great! However, we only support when there is a true synchronization between Azure AD and the local Windows Server AD: either through Azure AD Connect, Azure AD Domain Services, or through federation.
- smithanc Mar 28, 2019 Copper Contributor
Christian_Montoya: Understood, but hopefully you extend support to other models such as the one I have done in my PoC. Otherwise, my main use case right now for WVD is broken, as I am looking to use WVD to provide VM access to isolated VMs that are located in an Azure VNET which does not have any public IP address associated to any NIC card within that VNET.
We looked into using RDS with Azure AD Application Proxy but ran into a blocker that it only worked with ActiveX and therefore only on Windows Machines running IE 11.
Otherwise, we will have to turn to the Citrix cloud.