Single-Sign On
After troubleshooting an issue for a customer, we determined that the prerequisites for enabling SSO at the AVD host pool level is not strictly enforced when a user goes to execute the SSO workflow from MSRDC or the Windows App. Meaning, that if an administrator does not enable the -IsRemoteDesktopEnabled flag on the Service Principals "Microsoft Remote Desktop" and "Windows Cloud Login" respectively. Setup: Deploy Entra ID Joined session hosts to a host pool and enable the "Microsoft Entra single sign-on" RDP property to "Connections will use Microsoft Entra authentication to provide single sign-on" or update the RDP connection string with 'enablerdsaadauth:i:1'. Result: User will not receive the 'Windows Security' dialog box to access the session host with their Entra ID credentials. Caveat: Be aware that to sign in with Entra ID credentials, minimally, the host pool RDP settings must contain 'targetisaddjoined:i:1'. Microsoft states this is going away and blending into 'enablerdsaadauth:i:1', which also enables SSO. It seems a bit odd of a move in my opinion and having two separate RDP properties makes sense if a company does not want SSO. But it is in alignment with Microsoft's push for passwordless authentication. For the Microsoft AVD team, why does this behavior exist and is it on the roadmap to be fixed if it's a known gap?
SharePoint Admin Center redirecting to SPFx Single Sign On Redirect Page
Hello, I've got an issue currently open with Microsoft Support however they're so far have been unable to resolve why I am being redirected to the SPFx Single Sign On Redirect Page when trying to access https://tenantname-admin.sharepoint.com/_layouts/15/online/AdminHome.aspx#/home or https://admin.microsoft.com/sharepoint I am automatically taken to this page: https://mytenant-admin.sharepoint.com/_forms/spfxsinglesignon.aspx#code=0.AS8AW0bSmouaik6V_eHePuABYHaI4Qh3YX5IuLXPlQweWYwvABo.AgABAAIAAAAmoFfGtYxvRrNriQdPKIZ-AgDs_wUA9P_WluBbcSJB8cYbx71lqqyGHXDLsQVhhZcLagG1nJVuzJmvdXqmMvfZLcR57oq4kV22VhbPOWpKyp9ABUF4tm7Pxs5I5_B3BPsDOD4QiS0VqO6gwAwQYNUc9pOjEloq0Bz1B1ZHnQMm-hG4V_82qj9O8Hx6rJ8JSpA9fBzhz51tsPClPQOBVpBU1fns_9bkraWscTBJnOlDTJv5hBrN1q6Fg7wqj5B2C9xdYCFBvb-VtaDifKLGrfvMUcnQ65q4QdOUogXsMT-jRVEQiLtMlqRb577n2BH0AQNrgAAOx2O4mlaICP0zryw6Gq3gZwnn8nCieusQ_zUqDUENaF9EDovxLvq-VDkNy7FUKU3lOlXqOE-j89oez7Wxpe-811wJUKVwv4nyeymNTqs4K7e1BHR-15iECb40bI65TvjzKSS-Zz9qBLu2c8vDxq18snuqpyhO_JxUIC7ya4qysOl1kexTqBjINizSrb7s94PXXJAzVBT_XuCZDPK2YaOewowrpPPzcV5d7M_HgezHDGI6_8YPZOI4SfKDWAQ4hN02LiexG71z3OtzUt1pPMErBVjzDMC1NGdNspu4f9JPAIjdBlYRbHRB0mt1HsbmJiVmbUpSDgoqz0VIBPeh_zVfhFp8Yv8qGBut6mbOCgG9IYppfX3K5j9hsEUYhKDpdSPSxcGuW2JfoOI6kD222eZ9WRyVip9WyAndCzO0yKp48op3z_5_NnqfVEWZEW4vNOkB3TZF3n8SI2OEu6eYODGjyZBKikhnMQ6o72PpO9V8lFQKejK_3-ll-Znh4nDpjkjoix8FCzAsLRydrV0I-4Zb2U4aTRDc7Z4ZkAUKyHHFjO_cIeMrw_mYmRmzF6SOsTX5cbwLcyukQiT-a9WLBg0UVQNkuQB0gruCANYYlP4d-aElOvODltEP&client_info=eyJ1aWQiOiI0MTljN2FhNS1hMzlmLTQwZGEtODQxZi02MDQ4OTA1YzliYzYiLCJ1dGlkIjoiOWFkMjQ2NWItOWE4Yi00ZThhLTk1ZmQtZTFkZTNlZTAwMTYwIn0&state=eyJpZCI6IjhhNjM0ZGQwLWYxYTgtNGE4NC1iNGQwLTcwNzAwYWQ1ODE4YyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3d%7chttps%3a%2f%2fmytenant-admin.sharepoint.com%2f_layouts%2f15%2fonline%2fAdminHome.aspx%23%2fhome&session_state=3eeb8686-6f12-44cd-8159-1bb6ccf45bdb&correlation_id=5318a330-f909-411b-b997-a203bf473edb Any clue on what could be causing this as it only appears to be happening with my admin account. All other admins who have the SharePoint Admin role are able to traverse to the SharePoint Admin Center correctly. and Yes, I've tried this on 4 different browsers and several different computers - all resulting in the same issue.Share video by link or embed in the intranet
Hi, We currently use SharePoint Online and sync our AD to Azure AD with single sign-on as authentication. We are now looking at Stream as a replacement for YouTube for corporate videos. I haven't got single sign-on working so that I can embed the video in the intranet, therefore I am going to just send the link in an email. I simply want link to open the video for staff members to watch. When my test group opens the link it prompts them and tells them that it is setting up their account, see 1st screen in process attached. How can I avoid this and just have a link that simply takes them to the video? Hope that makes sense, OllieSingle sign on for videos embedded on our intranet.
Hi, We use SharePoint Online and Stream. We have our on premise AD synced to Azure AD and single sign-on set up for SharePoint Online. How can we set up Stream to be single sign on so that when we embed videos into our intranet, staff are not prompted to login? Thanks for your time, Ollie
