WVD - joining pools to different domains in same tenant

ppinfrageek 121 Reputation points
2021-03-19T13:49:48.787+00:00

Hello everyone,

I am looking for some assistance with a multi-domain/forest WVD deployment.

Our first pools have been working great for over a year [running spring release since June last year], but now I need to create a pool for our developers where the session hosts should be joined to a different domain from another forest.

Initially, I foolishly thought that as long as I can join the session hosts to the second domain, that will be job done, but although we can authenticate to AAD using our main domain [dom-A.com] identities, when I try to log in to the session hosts using [dom-B.com], that does not work.

Clearly, I had no idea about identity matching etc., mentioned in the blog of one of the WVD black belts [The WVD Log in process and Active Directory topologies explained | Tom Hickling (xenithit.blogspot.com)].

So this is what I need to work with:

  • we have two forests on-premises: one being our production one [dom-A.com] and another one is where our developers work [dom-B.com]
  • There is two-way non-transitive trust between dom-A.com and dom-B.com
  • Presently only dom-A.com is synchronised by AD Connect to AAD…

Any idea what our steps should be going forward? I understand that we can’t have multiple AD Connect instances pointing to the same AAD tenant, but I can allow our only instance access to dom-B.com and try to sync it.

Is this the right way forward? Can you outline what else I may need to do?

Azure Virtual Desktop

1 answer

  1. Andreas Baumgarten 103.8K Reputation points MVP
    2021-03-19T18:31:54.463+00:00

    Hi @ppinfrageek ,

    Why is it not possible to sync 2 different local Active Directories in one Azure AD Tenant using one AD Connect instance?
    It is a supported scenario to sync multiple forests with one AD Connect instance in one Azure AD Tenant:
    https://learn.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies#multiple-forests-single-azure-ad-tenant

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten
