SSO for Azure Virtual Desktops with Intune Azure AD Join

Question

Hi All,

Azure Virtual Desktops, Entra Join with Intune, i can login fine with Entra SSO enabled but when accessing on prem shares, i get prompts to login, i believe this should be SSO and no prompts?

Posted by Marko Tomic in HTMD FB Group

azure ad - HTMD Forum - Welcome to the world of Device Management! This is community build by Device Management Admins for Device Management Admins❤️ Ask your questions!! We are here to help you! - SSO for Azure Virtual Desktops with Intune Azure AD Join

Answer ( 1 )

    0
    2024-06-25T20:31:25+05:30

    For More Details Configure Single Sign-on SSO for Windows 365 Azure AD Join Cloud PC
    https://www.anoopcnair.com/single-sign-on-sso-for-windows-365-cloud-pc-aad/

    Replied by Kasper Sven Mozart Johansen

    You need to setup Cloud Kerberos Trust, if the on-prem resources are in a domain. The user logging on the AVD machine will have to be a hybrid user, existing both in the on-prem AD and synced to Entra.

    Replied by Phil Day

    In addition to cloud trust make sure your using FQDN and FQDN in any DFS. There is an article about that as well.

    Replied by Marko Tomic

    Fixed now thank you all
    # Specify the on-premises Active Directory domain. A new Azure AD
    # Kerberos Server object will be created in this Active Directory domain.
    $domain = $env:USERDNSDOMAIN
    # Enter an Azure Active Directory Global Administrator username and password.
    $cloudCred = Get-Credential -Message ‘An Active Directory user who is a member of the Global Administrators group for Azure AD.’
    # Enter a Domain Administrator username and password.
    $domainCred = Get-Credential -Message ‘An Active Directory user who is a member of the Domain Admins group.’
    # Create the new Azure AD Kerberos Server object in Active Directory
    # and then publish it to Azure Active Directory.
    Set-Azure AD Kerberos Server -Domain $domain -Cloud Credential $cloudCred -Domain Credential $domainCred

Leave an answer

Sorry, you do not have permission to answer to this question .