OneDrive AutoSign-In Not Working WVD Desktop

Copper Contributor

Having an issue with the OD client not auto-signing in on WVD.

Layout

OnPrem-ADDS sync'd to AAD via AADC, password hash sync with SSO enabled, devices are sync'd
2x Additional DCs VMs in Azure
S2S VPN between the two.

WVD in Pooled Desktop Mode
Single Session Host (Its only a test!)
FSLogix using AzureFiles for profile storage.
WVD Session host is HybridAzureJoined
OneDrive client installed with /allusers switch
GPO linked to the OU with the WVD SH VM in it which switches on FilesOnDemand, and AutoSign in user with primary domain creds enabled.

 

All so far so good, apart from the OD aspect.
It starts but doesn't login, I can see the policy is applied - the keys are in the registry
If I attempt to manually sign in, it does so without prompting for a password, so SSO looks OK.


Anything I've missed here?


Edit:
I forgot to say, same GPO applied to my on-prem RDS which is configured in the same way, connected to the same domain and is HybridADJoined (via the same HybridJoinPolicy) works just fine.
User logs in and onedrive hooks itself up.

4 Replies

@ChrisH0701 I'm having a similar issue. Have you ever resolved this? I can't get my virtual desktop to auto sign in to onedrive. Other apps work fine. I don't have an exclusion as a trusted location to bypass MFA yet but could add one if required.

My Setup

Windows Virtual Desktop Pooled Multi Session windows 10

Domain Controllers on Prem and in Cloud

AD Connect with password hash, single sign on, and Hybrid Azure AD Join

Group Policies for

  • OneDrive to silently move users to one drive sync app, move know folders
  • Seemless sign on
  • Azure AD Join (I don't think this works with multi session hosts though)

OneDrive auto starts and was installed with allusers switch but does not sign in.

MFA is enabled on my accounts too and not sure if that will require MFA or not.

 

@Adam Cochran 
I did, and to be honest I can't recall what I did or what it was, but it wasn't anything complex in the end.

Check that the WVD units are Hybrid joined (dsregcmd)
Check in AzureAD's logging to see if you can see the attempts getting bounced
Check that AzureADConnect SSO is actually working
No Folder Redirection policies in place?

I do still have most of the test setup around I think, so I can have a look at the GPOs applied to my WVD hosts if you need me to.

@ChrisH0701 

 

So the machines were not hybrid joining. Once I got that fixed it seems to work.

 

 

@Adam Cochran  Please let me know if you had to exclude OneDrive for MFA. I too am attmpting to implement such a feature