Forum Discussion

Kam_VedBrat's avatar
Kam_VedBrat
Former Employee
Mar 02, 2021

Windows Virtual Desktop Announcements at Microsoft Ignite

  We hope you are all enjoying the Microsoft Ignite conference. Here are some announcements on Windows Virtual Desktop that you will be hearing during the event.   Azure Monitor for Windows Vir...
azure
Windows Virtual Desktop
WVD
Quentin Gerlach's avatar
Quentin Gerlach
MCT
Mar 03, 2021

Anders Jensen Nah, Azure ADDS works too -- the issue is that essentially, this is just an lite version of an on-prem AD environment.  There's still servers behind the scenes, and there's quite a bit of expected functionality that doesn't work -- things like OU structure, etc.  

 

So again, organizations that have bought into cloud-only infrastructure, essentially have to spin up some kind of on-prem infrastructure, whether it's AD using Azure IaaS servers, or using Azure ADDS.  This really defeats the purpose -- I should be able to use Azure AD only to handle WVD VMs.  Just like any other user device can straight join Azure AD.

Anders Jensen's avatar
Anders Jensen
Brass Contributor
Mar 03, 2021
When we deploy WVD, for new cloud only customers, we deploy Azure VMs with ADDS role and AADC installer. For file share / FSLogix profile container we use a storage account, which is also ADDS joined. This works perfectly, but imho it overcomplicates the design as AAD should be sufficient.
Sorry Quentin, I misread your post. Of course AADDS is supported, I thought you meant AAD.
  • johnjjohn's avatar
    johnjjohn
    Iron Contributor
    Mar 11, 2021

    Anders Jensen Could you elaborate on this configuration? I have something very similar, cloud only tenant with Intune as the MDM. My goal is stay cloud only and have the WVD session hosts AAD domain joined and managed by Intune. I've tried using AADDS without great luck; The POC has a VM within the WVD host pool and it will join the AADDS domain, but the VM is not listed in AAD nor  Intune. So, based on your comment I'm hoping there is a step I'm missing in order to get the VM shown in AAD as domain joined.

     

    I've also gone done the path of spinning up a VM as a DC for a new AD domain, installed AADC and performed a sync to my AAD. Using this method I'm able to Hybrid Azure AD domain join a VM from the WVD host pool, and use GPO to push Intune enrollment to my AAD tenant, BUT I don't have a way to sync user accounts from my cloud only tenant down to this transitionary AD Domain so users can login using their AAD creds.

    • Anders Jensen's avatar
      Anders Jensen
      Brass Contributor
      Apr 07, 2021

      johnjjohn 

      Sorry for the late reply.

      We set up an Azure VM (or 2 for HA) hosting the ADDS role.
      This ADDS is used for domain joining the WVD session hosts as we don't want to use AADDS for this.

      Bear in mind that you need to change the DNS server settings for the vNET hosting your session hosts to point to the ADDS servers before domain joining WVD SHs.
      I'm not using Intune but I've heard that managing WVD session hosts using Intune should be under way / already here.
      So basically it's an old skool ADDS setup, just on Azure VMs with Azure AD Connect syncing AD objects to Azure AD.