Azure Virtual Desktop
A Microsoft desktop and app virtualization service that runs on Azure. Previously known as Windows Virtual Desktop.
984 questions
Hi Rajitha
To use MFA with Azure Virtual Desktop, you need to ensure that Per-User MFA is disabled for any user attempting to sign in and instead use only conditional access.
Enforce Azure Active Directory Multi-Factor Authentication for Azure Virtual Desktop using Conditional Access
Per-User MFA is not compatible with Virtual Desktop as mentioned in this artictle: Azure AD joined session host VMs
Many thanks
Lee
@Lee Hubble Thanks for the support. Had to play around the CA policy a bit but basically, the MFA prompts and allows the VD access.
Sorry for not getting back to you sooner. I'll mention for anyone else that stumbles upon this, in the Conditional Access policy you need to include the 'Azure Virtual Deskop' app but exclude "Azure Windows VM Sign-In". You also need to turn off per-user in link below and enable modern authentication for the accounts signing into Azure Virtual Desktop. https://account.activedirectory.windowsazure.com/UserManagement/MultifactorVerification.aspx?BrandContextID=O365
Thanks for sharing the resolution for others.
Sign in to comment