question

JakeDeCarteret-5155 avatar image
0 Votes"
JakeDeCarteret-5155 asked AmitaMenon-3691 edited

Windows Virtual Desktop Authentication - No Domain Controller

Hi Guys

I have set up a full VDI environment and AADDS I have never had and do not want a domain controller.

I have also managed to publish the Desktop and App and can see them from the users.

However when it try's to connect and authenticate it fails saying that there was a problem with the username/Password ?

If I use the local admin of the VM I have created then it authenticates and I can access the VM published APP but it will not authenticate any of my Users in azure AD.

azure-virtual-machinesazure-virtual-desktopazure-ad-domain-services
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JakeDeCarteret-5155 avatar image
0 Votes"
JakeDeCarteret-5155 answered

Hi Guys

The Issue was that when I was resetting passwords to synchronise the password hash I was not leaving it long enough to sync before attempting to log in which would then in turn break the synchronisation again.


"He that can have patience can have what he will." - Benjamin Franklin

Thanks for your help.

Jake

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndreasBaumgarten avatar image
0 Votes"
AndreasBaumgarten answered prmanhas-MSFT commented

Hi @JakeDeCarteret-5155 ,

the users are synced in AADDS?
For WVD login you need the synced user credentials of the AADDS user (user principal name of the AADDS user) or a local AD synced with Azure AD.


(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten


· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi Andreas

I have synchronized the azure ad to AADDS as far as I can tell from following online documentation on Microsoft’s website. I have joined the VM to the domain and authenticated using my admin account.

When then trying to RDP to the windows virtual Machine in the rewrite portal it just returns saying there was a problem with the user or password as of the user is not part of the RD group but they are it’s as if the AADDS is not responding to authenticate the user as they connect.

I am using the windows 10 multisession 20H2 image as per the documentation instructitons.

I just have no idea why it won’t authenticate the user, especially as when I remote on using the local admin password it shows the users in the local group of Remote Desktop Users.

0 Votes 0 ·

Hi @JakeDeCarteret-5155 ,

if you are running Azure Windows Virtual Desktop the users don't need to be member in the local Remote Desktop Users group.

Best practice:

  • Create a Azure AD Group, for instance WVDusers and add the users who needs to login to the WVD hosts

  • In the Application Group add the WVDusers group to the Assignments.

With assignment the group members are getting access to login to the WVD hosts related to the Application Group.

https://docs.microsoft.com/en-us/azure/virtual-desktop/manage-app-groups#create-a-remoteapp-group



(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Andreas Baumgarten

0 Votes 0 ·

Hi Andreas

Thank you I had already completed that, like I said I have followed the online documentation by Microsoft. I think I am going to have to bite the bullet and pay for the support.

I have spent 14 hours trying to figure this out and not got any further then when I started, I think there must be something fundamentally wrong with either how i've configured it or my tenant.

I will report back with any findings.

Kind regards

Jake

0 Votes 0 ·