Single Sign-On (SSO) & Azure Virtual Desktop (AVD)

SSO & AVD: can you do it?

Single Sign-On (SSO) is one of the most popular methods for authenticating users. It’s an efficient, secure, and cost-effective way to manage user identities and access to applications and services. Azure Virtual Desktop (AVD) is a cloud-based desktop virtualization service that enables users to access their desktops and applications in the cloud.

So, can you combine the two technologies and deploy Single Sign-On with Azure Virtual Desktop? The answer is yes, and it’s actually quite easy to do. In this article, we’ll explain how you can use Azure Active Directory (Azure AD) to enable SSO with AVD, allowing you to quickly and securely access your virtual desktops.

What is SSO?

Single sign-on (SSO) is a form of authentication that allows users to access multiple applications and websites with just one set of login credentials. Instead of having to remember multiple usernames and passwords, they can log in to all the systems they need with a single ID and password. This provides users with a much more convenient and secure way to access the resources they need quickly and easily.

Benefits of using SSO

The primary benefit of using SSO is that it simplifies the user’s experience by eliminating the need to remember and enter multiple usernames and passwords. With SSO, users only need to authenticate once and can then access any application within their environment with one set of credentials.

Another advantage of SSO is that it improves security by providing a more secure authentication process. By requiring users to authenticate only once, SSO eliminates the need to store multiple passwords, which reduces the risk of theft or data breaches. SSO also provides a centralised authentication system that makes it easier to manage user access, allowing administrators to quickly and easily add or remove users from applications.

SSO can also reduce administrative costs by reducing the need to manage multiple credentials. This can result in significant cost savings for organisations, as well as improved security and user experience.

What is AVD?

Azure Virtual Desktop (AVD) is a cloud-based service offered by Microsoft that allows users to access their data, applications, and desktops from any device, anytime, and from anywhere. It provides users with a secure and reliable way to access and manage their virtual desktop environment. With AVD, users can access their applications, data, and desktops from any device, including desktops, laptops, tablets, and smartphones.

Prerequisites for enabling SSO in AVD

Before configuring SSO, ensure you have at least one of the following installed:

Create a Kerberos Server object when your session host is:

Clients must support:

Configuring SSO with Azure AD authentication

SSO can be configured for AVD via Azure AD. First, you must customise the Remote Desktop Protocol (RDP) through the manual settings.

From the main dashboard:

Once this option has been selected, the first time you attempt to log into the session host, you will be prompted to authenticate with Azure AD. Ensure you allow the remote desktop connection at this time.

Azure AD remembers up to 15 hosts for 30 days before it is required to make a new authentication prompt. You must create the Kerberos server object before enabling SSO on the Hybrid Azure AD joined VMs, or you will not be able to connect to the VMs.

Manage your AVD environment with expert guidance

With popular technologies like SSO and AVD, you can create truly flexible and powerful desktops that are constantly getting better. They can reflect the needs of different users at different stages in their professional development, while also remaining secure and manageable.

The Microsoft specialist team at Steadfast Solutions can help you manage and configure your AVD environment for optimal performance, and train your users to easily navigate the platform so they can work with ease and enhanced security from any location.