I'm looking for a solution to establish a true 'passwordless' solution for our customers. This is our setup:
1. Users are in Azure Active Directory, with a Microsoft 365 license.
3. Devices of users are managed by Intune and users log on to their devices with Windows Hello (Biometrics) = #NoMorePasswords
3. All the SaaS apps are leveraging AAD integration so also #NoMorePasswords
4. All the other legacy apps are deployed in Windows Virtual Desktop. We use Azure Active Directory Domain Services to provide AD for the host pool VMs.
The following issue occurs:
We seem to run into password prompts when logging into either the web client or the published apps. And when I say published apps, I mean simple Windows apps coming straight out of the WVD W10 image.
I understand that if the legacy app uses a different identity provider, users will have to log on.
I checked the setting in AADDS and under synchronisation it seems to synchronise with AAD.
Are we trying to do the impossible?