Nov 30 2020 09:07 AM
Nov 30 2020 09:07 AM
Having an issue with the OD client not auto-signing in on WVD.
OnPrem-ADDS sync'd to AAD via AADC, password hash sync with SSO enabled, devices are sync'd
2x Additional DCs VMs in Azure
S2S VPN between the two.
WVD in Pooled Desktop Mode
Single Session Host (Its only a test!)
FSLogix using AzureFiles for profile storage.
WVD Session host is HybridAzureJoined
OneDrive client installed with /allusers switch
GPO linked to the OU with the WVD SH VM in it which switches on FilesOnDemand, and AutoSign in user with primary domain creds enabled.
All so far so good, apart from the OD aspect.
It starts but doesn't login, I can see the policy is applied - the keys are in the registry
If I attempt to manually sign in, it does so without prompting for a password, so SSO looks OK.
Anything I've missed here?
I forgot to say, same GPO applied to my on-prem RDS which is configured in the same way, connected to the same domain and is HybridADJoined (via the same HybridJoinPolicy) works just fine.
User logs in and onedrive hooks itself up.
Feb 03 2021 01:23 PM
@ChrisH0701 I'm having a similar issue. Have you ever resolved this? I can't get my virtual desktop to auto sign in to onedrive. Other apps work fine. I don't have an exclusion as a trusted location to bypass MFA yet but could add one if required.
Windows Virtual Desktop Pooled Multi Session windows 10
Domain Controllers on Prem and in Cloud
AD Connect with password hash, single sign on, and Hybrid Azure AD Join
Group Policies for
OneDrive auto starts and was installed with allusers switch but does not sign in.
MFA is enabled on my accounts too and not sure if that will require MFA or not.
Feb 04 2021 01:43 AM
I did, and to be honest I can't recall what I did or what it was, but it wasn't anything complex in the end.
Check that the WVD units are Hybrid joined (dsregcmd)
Check in AzureAD's logging to see if you can see the attempts getting bounced
Check that AzureADConnect SSO is actually working
No Folder Redirection policies in place?
I do still have most of the test setup around I think, so I can have a look at the GPOs applied to my WVD hosts if you need me to.