Home

Azure AD - Azure Active Directory Domain Services & Windows Virtual Desktop

%3CLINGO-SUB%20id%3D%22lingo-sub-1004958%22%20slang%3D%22en-US%22%3EAzure%20AD%20-%20Azure%20Active%20Directory%20Domain%20Services%20%26amp%3B%20Windows%20Virtual%20Desktop%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1004958%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Team%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20looking%20for%20a%20solution%20to%20establish%20a%20true%20'passwordless'%20solution%20for%20our%20customers.%20This%20is%20our%20setup%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E1.%20Users%20are%20in%20Azure%20Active%20Directory%2C%20with%20a%20Microsoft%20365%20license.%26nbsp%3B%3C%2FP%3E%3CP%3E2.%20Devices%20of%20users%20are%20managed%20by%20Intune%20and%20Users%20log%20onto%20their%20devices%20with%20Windows%20Hello%26nbsp%3B%20(Biometrics)%20%3D%20%23NoMorePasswords%3C%2FP%3E%3CP%3E3.%20All%20the%20SaaS%20apps%20are%20leveraging%20AAD%20integration%20so%20also%20%23NoMorePasswords%3C%2FP%3E%3CP%3E4.%20All%20the%20other%20legacy%20apps%20are%20deployed%20in%20Windows%20Virtual%20Desktop.%20We%20use%20Azure%20Active%20Directory%20Domain%20Services%20to%20provide%20AD%20for%20the%20hostpool%20VM's.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20following%20issue%20occurs%3A%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20seem%20to%20run%20into%20password%20prompts%20when%20either%20logging%20into%20web%20client%20or%20the%20published%20apps.%20And%20when%20I%20say%20published%20apps%2C%20I%20mean%20simple%20windows%20apps%20coming%20straight%20out%20of%20the%20WVD%20W10%20image.%3C%2FP%3E%3CP%3EI%20understand%20that%20if%20the%20legacy%20app%20uses%20a%20different%20identity%20provider%20that%20users%20will%20have%20to%20log%20on.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20checked%20the%20setting%20in%20AADDS%20and%20under%20synchronisation%20it%20seems%20to%20synchronise%20with%20AAD.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAre%20we%20trying%20to%20do%20the%20impossible%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1004958%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAccess%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20Active%20Directory%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Epasswordless%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EWindows%20Virtual%20Desktop%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1011347%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20-%20Azure%20Active%20Directory%20Domain%20Services%20%26amp%3B%20Windows%20Virtual%20Desktop%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1011347%22%20slang%3D%22en-US%22%3EHave%20you%20tested%20the%20app%20in%20a%20Desktop%20environment%2C%20not%20in%20an%20app%20environment%3F%3CBR%20%2F%3E%3CBR%20%2F%3EWould%20be%20interested%20to%20know%20if%20you%20have%20the%20same%20behavior%20when%20using%20a%20Desktop%20Image.%3C%2FLINGO-BODY%3E
Highlighted
Emanuel van der Aalst
Occasional Contributor

Hi Team

 

I'm looking for a solution to establish a true 'passwordless' solution for our customers. This is our setup:

 

1. Users are in Azure Active Directory, with a Microsoft 365 license. 

2. Devices of users are managed by Intune and Users log onto their devices with Windows Hello  (Biometrics) = #NoMorePasswords

3. All the SaaS apps are leveraging AAD integration so also #NoMorePasswords

4. All the other legacy apps are deployed in Windows Virtual Desktop. We use Azure Active Directory Domain Services to provide AD for the hostpool VM's.

 

The following issue occurs: 

We seem to run into password prompts when either logging into web client or the published apps. And when I say published apps, I mean simple windows apps coming straight out of the WVD W10 image.

I understand that if the legacy app uses a different identity provider that users will have to log on.

 

I checked the setting in AADDS and under synchronisation it seems to synchronise with AAD.

 

Are we trying to do the impossible?

 

 

 

1 Reply
Highlighted
Have you tested the app in a Desktop environment, not in an app environment?

Would be interested to know if you have the same behavior when using a Desktop Image.
Related Conversations
Get the user role from Azure AD by Laravel azure ad oauth
Arulraj123 in Azure on
0 Replies
Microsoft Developer Virtual Conference
Jenn Jinhong in Community Events List on
0 Replies
Technine - March Updates on Technlogy
Thomas_Collier in Community Events List on
0 Replies
Create a tenant in Windows Virtual Desktop
julian3216 in Azure on
6 Replies
Azure Storage vs SharePoint Document Library
telecaster in Azure on
0 Replies