You can use different operating systems with different host pools to provide flexibility to your users. You have a choice of operating systems (OS) that you can use for session hosts to provide desktops and applications. The account you use for joining a domain can't have multi-factor authentication (MFA) enabled. Set up FSLogix Profile Container with Azure Files and Azure Active Directory.Set up FSLogix Profile Container with Azure Files and Active Directory Domain Services or Azure Active Directory Domain Services.To learn more about deploying FSLogix Profile Container with different identity scenarios, see the following articles: This means you must create these accounts in AD DS and synchronize them to Azure AD. To use FSLogix Profile Container when joining your session hosts to Azure AD, you will need to store profiles on Azure Files and your user accounts must be hybrid identities. In Azure AD and Azure AD DS, synchronized The following table summarizes identity scenarios that Azure Virtual Desktop currently supports: Identity scenario This synchronization process is automatic. If you're using Azure AD with Azure AD DS, user accounts are synchronized one way from Azure AD to Azure AD DS.If you're using Azure AD with AD DS, you'll need to configure Azure AD Connect to synchronize user identity data between AD DS and Azure AD.You'll need to keep the following things in mind based on which identity provider you use: If you're also using AD DS or Azure AD DS in your deployment of Azure Virtual Desktop, these accounts will need to be hybrid identities, which means the user accounts are synchronized. Your users need accounts that are in Azure AD. For Azure AD DS, you would need to be a member of the AAD DC Administrators group. To learn more about joining session hosts to Azure AD, see Azure AD-joined session hosts.įor an Active Directory domain, you need a domain account that can join computers to your domain. For more information, see Manage device identities. To join session hosts to Azure AD or an Active Directory domain, you need the following permissions:įor Azure Active Directory (Azure AD), you need an account that can join computers to your tenant. You need to join session hosts that provide desktops and applications to the same Azure AD tenant as your users, or an Active Directory domain (either AD DS or Azure AD DS). Session hosts can be joined to the same Azure AD tenant, or to an Active Directory domain using Active Directory Domain Services (AD DS) or Azure Active Directory Domain Services (Azure AD DS), providing you with a choice of flexible configuration options. Azure AD is always used to authenticate users for Azure Virtual Desktop. Azure Active Directory (Azure AD) is Microsoft's centralized cloud identity service that enables this capability. To access desktops and applications from your session hosts, your users need to be able to authenticate. You can also run the following command: Get-AzResourceProvider -ProviderNamespace Microsoft.DesktopVirtualization In the output, verify that the parameters RegistrationState are set to Registered. Register-AzResourceProvider -ProviderNamespace Microsoft.DesktopVirtualization You can run this even if the resource provider is already registered. Register the Microsoft.DesktopVirtualization resource provider by running the following command. If you're using PowerShell locally, first Sign in with Azure PowerShell, then make sure your Azure context is set to the subscription you want to use. Launch the Azure Cloud Shell in the Azure portal with the PowerShell terminal type, or run PowerShell on your local device. namespace Microsoft.DesktopVirtualization \ Verify that the parameter RegistrationState is set to Registered by running the following command: az provider show \ az provider register -namespace Microsoft.DesktopVirtualization If you're using Azure CLI locally, first Sign in with Azure CLI, then make sure your Azure context is set to the subscription you want to use. If you're using Cloud Shell, make sure your Azure context is set to the subscription you want to use. Launch the Azure Cloud Shell in the Azure portal with the Bash terminal type, or run Azure CLI on your local device. Verify that the status of Microsoft.DesktopVirtualization is Registered. If the status is NotRegistered, select Microsoft.DesktopVirtualization, and then select Register. Search for Microsoft.DesktopVirtualization.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |