I need help with ConfigureWVDSSO.ps1

I want this to work so my users don't have to log on twice. But when I try this I get an error on the ADFS server.

Grant-AdfsApplicationPermission : The term 'Grant-AdfsApplicationPermission' is not recognized.

And which settings are or are not to be changed?

.\ConfigureWVDSSO.ps1 -WvdWebAppAppIDUri "https://mrs-Prod.ame.gbl/mrs-RDInfra-prod" -WvdClientAppApplicationID "fa4345a4-a730-4230-84a8-7d9651b86739" -RelyingPartyClientName "RemoteApp client (LEVVEL)" -ADFSAuthority "https://XXX.XXXXXX.com.com/adfs" -RdWebURL "https://rdweb.wvd.microsoft.com"

9 Replies

@cvanaxel We are trying to do this as well. Please let us know if you get things working.

I think the script only works with ADFS 4.0 on Windows 2016, because the command I posted is not recognized in ADFS 3.0 on Windows 2012 R2.

@cvanaxel The certificate issuance is only in 2016 (or 2019) for this to work.

@douglind1

Is there no way to make a version for 2012 R2?

@cvanaxel Unfortunately, no. You will have to upgrade to get this functionality.

@douglind1

Do we not need to change the -WVDClientAppApplicationID, because when I look in my enterprise WVD client app I see different IDs?

@cvanaxel

@douglind1

This SSO is not really SSO. It creates more problems. I got it working, but inside the desktop it started to ask for sign-in again for Teams. Also for Outlook. We use Azure MFA and now users get prompted multiple times in their session.

@cvanaxel That sounds like an issue with how federation is configured... not as much on the WVD/sso side.

Do you mean the Microsoft Office 365 federation?