Remote Desktop authentication to AVD (AADDS) asks for PIN by default

%3CLINGO-SUB%20id%3D%22lingo-sub-3064242%22%20slang%3D%22en-US%22%3ERemote%20Desktop%20authentication%20to%20AVD%20(AADDS)%20asks%20for%20PIN%20by%20default%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3064242%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20All%2C%3C%2FP%3E%3CP%3Eat%20our%20customers%2C%20we%20noticed%20that%20the%20PIN%20is%20asked%20first%20if%20a%20user%20logon%20to%20AVD%20Session-Host.%20It%60s%20the%20Authentication%20to%20AADDS.%3CBR%20%2F%3EAs%20you%20can%20see%20in%20Screenshot.%20User%20try%20to%20logon%20via%20PIN%20which%20is%20for%20sure%20not%20working.%20The%20user%20has%20to%20choose%20%22more%20options%20(green)%22%20to%20choose%20%22Other%20Account%20(red)%22%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22PatrickBinder_0-1642493967779.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F340236iAD435FD4E8B100C8%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22PatrickBinder_0-1642493967779.png%22%20alt%3D%22PatrickBinder_0-1642493967779.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EI%20am%20searching%20for%20a%20possibility%2C%20that%20Username-Password%20authentication%20is%20default.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20i%20understand%20correctly%2C%20AADDS%2C%20AVD%20and%20the%20Session-Host((Windows%2010%20Enterprise%20for%20Virtual%20Desktops%2020h1-evd))%20has%20nothing%20to%20do%20with.%20It%20should%20be%20resolved%20from%20client%20side.%3CBR%20%2F%3ECould%20it%20be%20done%20with%20config%20for%20Remote-Desktop%20client(1.2.2691.0).%3C%2FP%3E%3CP%3EOr%20is%20there%20a%20way%20to%20say%20Windows%20how%20the%20Authentication%20to%20AADDS(Screenshot)%20should%20look%20like%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECustomer%20is%20Cloud-Only%20and%20clients%20are%20managed%20via%20Microsoft%20Endpoint%20Manager.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20Reply%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3066687%22%20slang%3D%22en-US%22%3ERe%3A%20Remote%20Desktop%20authentication%20to%20AVD%20(AADDS)%20asks%20for%20PIN%20by%20default%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3066687%22%20slang%3D%22en-US%22%3EAny%20Ideas%20%3F%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3241389%22%20slang%3D%22en-US%22%3ERe%3A%20Remote%20Desktop%20authentication%20to%20AVD%20(AADDS)%20asks%20for%20PIN%20by%20default%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3241389%22%20slang%3D%22en-US%22%3EI%20am%20wondering%20the%20exact%20same%20it%20is%20confusing%20for%20users.%3C%2FLINGO-BODY%3E
New Contributor

Hi All,

at our customers, we noticed that the PIN is asked first if a user logon to AVD Session-Host. It`s the Authentication to AADDS.
As you can see in Screenshot. User try to logon via PIN which is for sure not working. The user has to choose "more options (green)" to choose "Other Account (red)"

PatrickBinder_0-1642493967779.png

I am searching for a possibility, that Username-Password authentication is default.

 

If i understand correctly, AADDS, AVD and the Session-Host((Windows 10 Enterprise for Virtual Desktops 20h1-evd)) has nothing to do with. It should be resolved from client side.
Could it be done with config for Remote-Desktop client(1.2.2691.0).

Or is there a way to say Windows how the Authentication to AADDS(Screenshot) should look like?

 

Customer is Cloud-Only and clients are managed via Microsoft Endpoint Manager.

 

Thanks for Reply

5 Replies
I am wondering the exact same it is confusing for users.
Hi,
Maybe it's because of Windows Hello for Business.

One way to disable Windows Hello for Business is by using a group policy.

Computer Configuration or User Configuration -> Administrative Templates -> Windows Components -> Windows Hello for Business

Here for Use Windows Hello for Business select Disabled.

Regards, Tom
We use Windows Hello for Business so we don't want to disable it.
same here.... It would be enough to find a solution that login with credentials will be default.