SOLVED

AVD with AAD only support? Preview or not?


Hi,

I am looking into AVD and would like to create it without the need for AD DS. The "Requirements" section in the documentation lists AD DS as a requirement, but then hints at AAD only in preview. However, when I create a new AVD deployment using AAD domain join, the session hosts become unavailable. I have previously configured AVD successfully using "Azure AD Domain Services" but was hoping to skip this for this deployment.

Basically, my question is – should AAD only work? And if it should, why do my session hosts keep being unavailable (default setup using marketplace images)?

To my understanding, Windows 365 also has AAD only in scope, but they are not there yet.

BR

Theodor

6 Replies
best response confirmed by TheodorBrander (Copper Contributor)
Solution
Hi,
AAD Join is still in public preview, so it has a couple of requirements.
- The host pool should be in a validation environment.
- The host pool VMs must be Windows 10 single-session or multi-session, version 2004 or later.

Dear John,

EDIT: it took a few minutes after restart, but it appears to be available now. Thank you for your help!

Thank you for your swift reply. I have now changed the host pool to use a validation environment. The Windows version is 20H2 Enterprise from the marketplace.

The session hosts are still unavailable though, even after restart. I should not be required to redeploy it from scratch, right?

There is a failed healthcheck with: "message": "SessionHost unhealthy: SessionHost is not joined to a domain"

BR
Theodor

Hi @TheodorBrander,
Check in the extension blade if the AADLoginForWindows extension is installed on the VM.

Hi again.

Maybe I was a little quick to accept the answer, because I am not able to log in using my AAD account, only the local Windows account.

Yes, the extension is installed and now the session host is marked as "available" as well, but there are still issues logging in.

-T

Hi,
It can be that you missed some prerequisites for AAD to be able to work.
Check out the blog I wrote about it.
https://johanvanneuville.com/avd/avd-and-aad-join-public-preview/
Also check the videos from the Azure Academy about this feature.

Hi again,

Thanks! I reviewed the settings and added locpol for PKU2U, which I hadn't enabled. Still didn't work, so I deleted everything and re-deployed it, and it worked :)

-T