Windows 2019 RDS and Azure AD SSO

Brass Contributor



customer has an onprem virtual Windows 2019 RDS which is hybrid azure ad-joined. 


When users connect to RDS with Windows Hello fingerprint or PIN, they dont get Azure PRT token. In dsregcmd /status command, the Azure PRT: NO

If they log on with username and password, gets the PRT immediately and SSO works (Azure PRT: YES)


How can we use Azure SSO with Windows Hello?


Thank you for you help!



1 Reply

Hi @Istvanffy_Z,

Microsoft has documented the public preview for enabling an Azure AD-based single sign-on experience and support for passwordless authentication, using Windows Hello and security devices (like FIDO2 keys).

This functionality is currently available on Windows 10, Windows 11 and Windows Server 2022 session hosts.

Please ensure that your system meets all the requirements.
Announcing public preview of SSO and passwordless authentication for Azure Virtual Desktop - Microso...

Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.

If the post was useful in other ways, please consider giving it Like.

Kindest regards,

Leon Pavesic