Forum Discussion
WVD Single Sign On / Double Authentication
Thanks, James
Microsoftjcookintegy : Yes, we have it in our backlog. We're investigating the work with Azure AD so we don't have a specific timeframe for it yet, but it one of the top concerns across the board, so we are definitely prioritizing this.
Also, jcookintegy , can you go ahead and create or upvote a feedback item at our UserVoice. Thanks!
Hi Christian_Montoya , we have users who are independent therapists contracted to provide services. Their only IT is a laptop, they have nothing 'on prem', and they are required to use an app which we provide as an Azure remote app. We have nothing 'on prem' either!
We are trying to resolve the double signon experience - is there, or will there be, a solution for our use case?
Thanks,
Jack
- PavithraT
Auntiejack56 We are investigating SSO. As of today, isnt it possible to use the Windows client and save the password? If you save the password, it shouldnt prompt you twice.
Hi and thanks. Edge will save the first password (when logging in via aka.ms/wvdarmweb). Chrome won't, so I'll recommend clients to use Edge for the time being. (I tried adding manually via Credentials Manager but that made no difference to either browser.)
Jack
Christian_Montoya Any update on this? Two issues I am seeing so far:
1. WVD web front end / RDP client prompt for credentials, and then the Windows session itself prompts for the credentials.
2. And then, once inside the Windows 10 session, OneDrive prompts for credentials inside the session along with all other services that use Azure AD, instead of SSO.
davidlloyd Indeed too much authentications prompts for now. Let's dream a little bit : i login on my endpoint with my Azure AD account (Windows Hello active - device managed through Endpoint management), then i launch Remote App client, sso occurs, then i launch my wvd session, sso occurs, then i launch an office 365 app, sso occurs, could become a great user experience and all this with AADDS service setup. For now, it's still a dream 😉
etienne-coppin davidlloyd - It sounds like your credential prompts once in the WVD session could be removed by configuring hybrid Azure-Ad Join for your session hosts.
I am still baffled that the Remote Desktop client prompts for credentials when you subscribe to a feed even when on an Azure AD / Hybrid Joined device, surely the app could be configured to autoconfigure and use the existing token as it would if you browsed to portal.office..com in edge
The second prompt is understandable as you are switching to kerberos but it would also be great if this was modern auth 😉
