May 26 2021 11:50 AM - edited May 26 2021 11:54 AM
We are excited to announce the public preview of single sign-on (SSO) using Active Directory Federation Services (AD FS) for Windows Virtual Desktop. This feature allows customers who use AD FS to configure their host pool to enable a single sign-on experience, removing the second credential prompt for the session host. This functionality is supported when using the Windows and web clients.
Getting started:
The documentation to configure AD FS single sign-on will guide you through the key steps needed to enable this functionality including:
May 26 2021 11:46 PM
May 28 2021 10:05 AM
May 29 2021 08:56 AM - edited May 29 2021 09:02 AM
Configured the environment exactly as per the article however still not getting SSO to session host, I am missing anything ?
Environment : ADFS hosted in 2019 win server
WVD hosts : win10 20H2 multisession
Client : Web browser
May 30 2021 01:27 PM - edited Sep 22 2021 12:28 PM
I'm really scratching my head here. AVD's in Azure going backward to ADFS for SSO? Really?
Given AVD's current SSO option is tied to line-of-site Domain Controllers (the AVD's are joined to, or through a Domain Trust, etc.). So adding ADFS for AVDs was the natural path.
What about customers that are moving client-side devices to Intune & AzureAD?
Sigh....
Jun 01 2021 02:24 PM
Hi @Kubaib, unsure if you are still having issues with enabling SSO. It looks like the SSL certificate on your AD FS server may not be valid or publicly trusted. The WVD service isn't able to access the server. You can also enable Log Analytics for WVD to see the errors for yourself.
Jun 07 2021 06:33 PM
It's coming - Enhanced support for Azure Active Directory (coming soon in public preview): https://azure.microsoft.com/en-us/blog/azure-virtual-desktop-the-desktop-and-app-virtualization-plat...