I'm currently in the process of migrating a system to Azure, and I need to ensure that users are logged in as Active Directory (AD) users for the system to function correctly. My goal is to get Azure Virtual Desktop (AVD) to join sessions to the domain. I'm a bit unsure how this works since typically, you'd sign in to AVD using your Entra credentials via the Windows app.
Here's my plan: I want to migrate the Domain Controller (DC) first, then create an Organizational Unit (OU) specifically for AVD and the service account. After that, I'll use the User Principal Name (UPN) while creating the sessions. I'm also wondering if I need to have Entra Connect set up for all of this to work properly.
4 Answers
This part can definitely be confusing at first. If you require full AD-joined sessions for AVD, you'll typically need a hybrid setup. This means your VMs must be joined to the on-prem AD, and users need to be synced via Entra Connect. Your approach with migrating the DC first, then creating the OU for session hosts, and performing the domain join during host pool setup sounds solid. Remember, while Entra creds can get users into the AVD service, actual session authentication relies on the AD if it's domain joined.
Check out this video that provides a step-by-step explanation on how to set up AVD Single Sign-On (SSO). It's pretty helpful if you're just getting started.
To get this working, it's advisable to spin up a DC in Azure and connect it to your on-prem domain. You will need Entra Connect to sync your Active Directory to Entra. It's important that the UPN for your AD users matches the Entra UPN. For instance, if your AD is set up as domain.local and your Entra is domain.com, then the AD UPN should be formatted as [email protected]. This allows users to log in with their Entra credentials. Otherwise, they'll face multiple prompts for credentials after using the Windows app.
Your users absolutely need to be synced to Entra. Once they launch the Windows App, they’ll use their Entra credentials. After selecting a host pool, they’ll then be prompted to enter their domain credentials to access the actual VM. For further details, you can find more information in the Azure documentation.
Related Questions
How to Build a Custom GPT Journalist That Posts Directly to WordPress
Fix Not Being Able To Add New Categories With Intuitive Category Checklist For Wordpress
Get Real User IP Without Installing Cloudflare Apache Module
How to Get Total Line Count In Visual Studio 2013 Without Addons
Install and Configure PhpMyAdmin on Centos 7
How To Setup PostfixAdmin With Dovecot and Postfix Virtual Mailbox