Nov 03 2023 10:46 AM - edited Nov 03 2023 11:00 AM
We've been working on the ability to hide the dialog shown to users on first connection to a new session host when Single Sign-On is enabled to allow the remote desktop connection. The steps have now been published. To get started, review the new steps to configure Single Sign-On on your Azure Virtual Desktop Host Pool:
Configure single sign-on for Azure Virtual Desktop using Microsoft Entra authentication - Azure | Mi...
Nov 10 2023 12:20 AM
Nov 14 2023 06:34 AM
Nov 14 2023 01:05 PM
Nov 14 2023 01:06 PM
Nov 14 2023 10:17 PM
Nov 16 2023 10:29 AM
@Andrew Allston for anyone else a bit confused and wants to try before the detailed instructions are posted. The available links seem to suggest you need to create these attributes/objects. But you are modifying the SPNs for the two applications listed in the docs. This means PATCH should be used and not POST which is the method which is linked to.
Nov 16 2023 05:48 PM - edited Nov 30 2023 05:37 PM
@Andrew Allston You are right. To create a remoteDesktopSecurityConfiguration object on a supported Service Principal (RDP resource) you have to use PATCH and set the isRemotedDesktopProtocolEnabled property. Once you have created the RDSC object you have to create targetDeviceGroup object and you can do that by using POST. If you need to add more device groups to the targetDeviceGroup object you can do so one at a time by again doing a POST call. The only time you will use PATCH call on targetDeviceGroup is if you need to update display name for the group. Hope this helps. I will updating the docs shortly to reflect this change from POST to PATCH when creating RDSC object.
Nov 30 2023 04:57 AM - edited Nov 30 2023 04:58 AM
Hi @David Belanger ,
Could you please do this step-by-step instruction ? I'm not familiar with MS Graph. I spent some time to figure out how to make this work without success... Thanks in advance it will be much appreciated !
Nov 30 2023 05:34 PM
@Florian_Paternostre see if this article provides you the required information - Use the Microsoft Graph API - Microsoft Graph | Microsoft Learn
Nov 30 2023 11:41 PM
@Sandeep Deo Thanks for the article.
I tried to do it with Graph Explorer without success.
I verified and assigned all required permissions (my account is global admin and I have consent all required permissions to Graph Explorer).
When doing the POST request to create the setting, I get the following error :
Do I use the correct servicePrincipals ?
Dec 01 2023 04:11 AM
Dec 01 2023 05:45 AM
Thanks a lot @Andrew Allston, This is exactly the information I needed.
I was able to configure it :)
Dec 07 2023 03:37 PM
@Florian_Paternostre / @Andrew Allston / @gkolk001 Thank you for the feedback. I've finished updating the public documentation with additional information, hopefully it's a bit clearer now:
Configure single sign-on for Azure Virtual Desktop using Microsoft Entra ID authentication | Microso...
Feel free to provide additional feedback.