Forum Discussion
WVD and SSO with AAD Connect PHS/PTA
Hi Guys,
As far as I know in order to use SSO in WVD, we must have AD FS.
But what about below topology, when we use PHS/PTA as the synchronization method in AAD connect, also we connect WVD ...
Thanks for your reply knowlite.
Assume the WVD pool in my diagram means both WVD pool and hosted WVD gateway/brokers, is it possible to enable seamless SSO?
My main question is if we can use Seamless SSO(no ADFS) for WVD?
I found a blog saying below, but it's not from official MS docs, so I am afraid I cannot present this to customer as evidence.
""8: No Direct SSO using Azure AD Native – If you today are using SAML based SSO with for instance Azure AD or other iDP’s such as if you have end-users on Azure AD joined machines and want to provide SSO directly to a WVD desktop this is not currently possible and it requires that you have configured an ADFS.""
From: https://msandbu.org/windows-virtual-desktop-breakdown-of-architecture-and-current-status/
Assume the WVD pool in my diagram means both WVD pool and hosted WVD gateway/brokers, is it possible to enable seamless SSO?
My main question is if we can use Seamless SSO(no ADFS) for WVD?
I found a blog saying below, but it's not from official MS docs, so I am afraid I cannot present this to customer as evidence.
""8: No Direct SSO using Azure AD Native – If you today are using SAML based SSO with for instance Azure AD or other iDP’s such as if you have end-users on Azure AD joined machines and want to provide SSO directly to a WVD desktop this is not currently possible and it requires that you have configured an ADFS.""
From: https://msandbu.org/windows-virtual-desktop-breakdown-of-architecture-and-current-status/
The new Remote Desktop app provides SSO once the credentials have been cached, so it's a one time configuration. Going through RDWEB there is no SSO functionality without ADFS (unfortunately).