Azure Virtual Desktop with Azure AD Login

%3CLINGO-SUB%20id%3D%22lingo-sub-2579192%22%20slang%3D%22en-US%22%3EAzure%20Virtual%20Desktop%20with%20Azure%20AD%20Login%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2579192%22%20slang%3D%22en-US%22%3E%3CP%3EHey%2C%3CBR%20%2F%3EI%20am%20using%20Azure%20Virtual%20Desktop%20with%20Azure%20AD%20Login.%20I%20was%20able%20to%20create%20a%20hostpool%20as%20well%20as%20a%20session%20host.%20I%20can%20log%20in%20to%20the%20hostpool%20with%20my%20AAD%20credentials.%20But%20on%20the%20session%20host%20it%20only%20works%20with%20the%20local%20admin%20user.%3C%2FP%3E%3CP%3EThe%20session%20host%20is%20Azure%20AD%20gejoind.%3CBR%20%2F%3E%3CBR%20%2F%3EAzureAdJoined%20%3A%20YES%3CBR%20%2F%3EEnterpriseJoined%20%3A%20NO%3CBR%20%2F%3EDomainJoined%20%3A%20NO%3CBR%20%2F%3EDevice%20Name%20%3A%20SGVDI-0%3C%2FP%3E%3CP%3EHow%20can%20I%20log%20in%20to%20the%20session%20host%20with%20my%20Azure%20AD%20credentials%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2591993%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20Virtual%20Desktop%20with%20Azure%20AD%20Login%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2591993%22%20slang%3D%22en-US%22%3EHi%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1695%22%20target%3D%22_blank%22%3E%40Stefan%20Kie%C3%9Fig%3C%2FA%3E%2C%3CBR%20%2F%3EWhat%20error%20do%20you%20get%3F%3CBR%20%2F%3EDid%20you%20grant%20the%20users%20the%20Virtual%20Machine%20User%20role%3F%3C%2FLINGO-BODY%3E
Contributor

Hey,
I am using Azure Virtual Desktop with Azure AD Login. I was able to create a hostpool as well as a session host. I can log in to the hostpool with my AAD credentials. But on the session host it only works with the local admin user.

The session host is Azure AD gejoind.

AzureAdJoined : YES
EnterpriseJoined : NO
DomainJoined : NO
Device Name : SGVDI-0

How can I log in to the session host with my Azure AD credentials?

5 Replies
Hi @Stefan Kießig,
What error do you get?
Did you grant the users the Virtual Machine User role?

@Johan Vanneuville 

Sorry for my late reply.

 

The problem is still there. I become no error. 

It shows in the login windows "The logon attemd faild" in red.

 

Regrards 

Stefan

Hi @Stefan Kießig , any solution you found for this? I am facing same issue.

@sreeja8 

 

As above, did you assign the Azure AD user to the Session Host you're trying to connect to?

 

  • "Assign your users the Virtual Machine User Login role so they can sign in to the VMs."

https://docs.microsoft.com/en-us/azure/virtual-desktop/deploy-azure-ad-joined-vm#assign-user-access-...

 

The local client needs to be one of these also:

 

  • The local PC is Azure AD-joined to the same Azure AD tenant as the session host
  • The local PC is hybrid Azure AD-joined to the same Azure AD tenant as the session host
  • The local PC is running Windows 10, version 2004 and later, and is Azure AD registered to the same Azure AD tenant as the session host
  • To enable access from Windows devices not joined to Azure AD, add targetisaadjoined:i:1 as a custom RDP property to the host pool. These connections are restricted to entering user name and password credentials when signing in to the session host.

https://docs.microsoft.com/en-us/azure/virtual-desktop/deploy-azure-ad-joined-vm#connect-using-the-w...

 

I also found this useful as well in genera: https://docs.microsoft.com/en-us/azure/architecture/example-scenario/wvd/azure-virtual-desktop-azure...

@ahart3 

 

yes. 

My challenge was the MFA. Since the login on a VM does not support MFA. So I turned off the login with MFA for Azure VM connected with AAD.

 

Regards

Stefan