Home

Azure AD Domain Sync

%3CLINGO-SUB%20id%3D%22lingo-sub-824943%22%20slang%3D%22en-US%22%3EAzure%20AD%20Domain%20Sync%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-824943%22%20slang%3D%22en-US%22%3E%3CP%3EHallo%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ewhy%20I%20need%20a%20domain%20sync%20to%20azure%20ad%20for%26nbsp%3BWindows%20Virtual%20Desktop%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%3C%2FP%3E%3CP%3EStefan%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-835975%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Domain%20Sync%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-835975%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F24406%22%20target%3D%22_blank%22%3E%40Stefan%20Kie%C3%9Fig%3C%2FA%3E%26nbsp%3B%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20reason%20is%20quite%20simple%3A%20the%20Sessionhost%20still%20needs%20a%20Windows%20Token%26nbsp%3B%3Asmiling_face_with_smiling_eyes%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETo%20clarify%2C%20for%20the%20user%20to%20be%20able%20to%20sign-in%20into%20the%20WVD%20client%2C%20that%20user%20needs%20to%20exist%20in%20Azure%20AD.%3C%2FP%3E%3CP%3EBut%20when%20the%20user%20connects%20to%20the%20Sessionhost%2C%20the%20Windows%20Token%20is%20required.%3C%2FP%3E%3CP%3ESo%20the%20same%20user%20needs%20to%20exist%20in%20an%20Windows%20AD%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETo%20solve%20that%2C%20you%20can%20choose%20between%3C%2FP%3E%3CUL%3E%3CLI%3ECreate%201%20(or%20more)%20Azure%20VMs%2C%20install%20%26amp%3B%20config%20the%20Windows%20AD%20role%20and%20install%20%26amp%3B%20configure%26nbsp%3B%20Azure%20AD%20Connect%20to%20sync%20to%20Azure%20AD%3C%2FLI%3E%3CLI%3EUse%20Azure%20AD%20DS%2C%20which%20will%20handle%20both%20the%20Windows%20AD%20%26amp%3B%20the%20sync%20to%20Azure%20AD.%3C%2FLI%3E%3C%2FUL%3E%3C%2FLINGO-BODY%3E
Frequent Contributor

Hallo,

 

why I need a domain sync to azure ad for Windows Virtual Desktop?

 

Regards

Stefan

1 Reply

Hi @Stefan Kießig ,

 

The reason is quite simple: the Sessionhost still needs a Windows Token :smiling_face_with_smiling_eyes:

 

To clarify, for the user to be able to sign-in into the WVD client, that user needs to exist in Azure AD.

But when the user connects to the Sessionhost, the Windows Token is required.

So the same user needs to exist in an Windows AD

 

To solve that, you can choose between

  • Create 1 (or more) Azure VMs, install & config the Windows AD role and install & configure  Azure AD Connect to sync to Azure AD
  • Use Azure AD DS, which will handle both the Windows AD & the sync to Azure AD.
Related Conversations
Extentions Synchronization
Deleted in Discussions on
3 Replies
Tabs and Dark Mode
cjc2112 in Discussions on
38 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
13 Replies