NEW FEATURE: Smart card authentication for Windows Virtual Desktop!

Microsoft

Today, we are excited to announce that Smart card support for Windows Virtual Desktop using KDC proxy has reached General Availability!

 

Smart card authentication is now supported via the use of the KDC proxy service, a key component in the Remote Desktop Services Gateway role in Windows Server 2016 and later.

 

Here is the functionality of how the KDC proxy service is inserted into your Host Pool RDP properties to make your Windows Virtual Desktop Environment even more secure:

 

Expose KDC Portal Email.PNG

 

KDC Proxy RDP Properties:
This will enable Kerberos authentication for the RDP portion of a WVD session, to include permitting Network Level Authentication without a password.

 

Getting Started:
Configure a Kerberos Key Distribution Center proxy in WVD - Set up Kerberos Key Distribution Center proxy Windows Virtual Desktop 

How to manage the Remote Desktop Services side of the KDC proxy - Deploy RD Gateway role Windows Virtual Desktop

4 Replies
I can't get this to work using the Microsoft Remote Desktop client. Smart card logon works great for the regular Remote Desktop client but I get "A certification authority could not be contacted for authentication" error when using a smart card with the Microsoft Remote Desktop client. Setting up a KDC Proxy made no difference.

I'm getting "An authentication error has occurred (Code: 0x4ef)" when trying to auth with smartcards. My setup is AzureAD joined PC with all smartcard drivers installed and a KCD Proxy and RD Gateway.

Hi has anyone gotten this to work via AVD ? My KDC proxy setting is being avoided / skipped by AVD ...from the built in RD Client where I can specify my KDC proxy setting ..I can reach my KDC but not thru AVD :(