In this video, I go over Azure AD Administrative Units. Azure AD Administrative units are a way to delegate admirative tasks to a subset of Azure AD users. We review how to create Admin Units and how to add users and groups to an Administrative Unit. We also delegate administrative rights to a user to on an Administrative Unit.
Continue reading “Azure AD Administrative Units”
In this video, I show you how to configure Email Feed Discovery for Windows Virtual Desktop (WVD). Email Feed Discovery allows users to setup the Remote Desktop Client with their email address instead of the WVD Feed URL.
Continue reading “Windows Virtual Desktop Email Discovery”Azure Files SMB Access with Windows AD allows you to access file shares in Azure with NTFS access control. By default, that access won’t extend to an on-prem network over VPN or Express Route. This video shows how to extend access to an Azure Files share with Windows AD to an on-premises network using Private Endpoints.
Continue reading “Azure Files SMB Access On-premises with Private Endpoints”
Azure Files allows you to access file shares in Azure, but until recently use was restricted to RBAC permission. Azure Files SMB Access for Azure AD Domain Services is generally available and support for Windows AD is now in public preview. This video goes over how to enable Azure Files for SMB access secured with your on-premises Windows AD Directory Services.
Continue reading “Azure Files SMB Access with Windows AD”
One unfortunate aspect of working with Windows Virtual Desktop is the inability to assign users to an Application Group based on group management. Microsoft has heard this complaint and an upcoming version of WVD portal management will include App Group access based on group membership. Until that is available, I created a script that should help.
Continue reading “Update an WVD Application Group Based on a Windows AD Security Group”
Microsoft has a couple of options available for identity and authentication services including Active Directory Domain Services, Azure Active Directory, and Azure Active Directory Domain Services. This can lead to confusion, especially considering three of the options have “Active Directory” in the name. It also leads to the question “do we still need domain controllers?” This post reviews these three different options, outlining the functionality and comparing how they work together in Microsoft and Azure.
Continue reading “Active Directory Domain Service, Azure Active Directory and Azure Active Directory Domain Service Explained”
It has been about two weeks since the Azure Windows Virtual Desktop preview was announced. I have had several people ask about a specific issue when adding Windows Virtual Desktops to a domain during the provisioning process. The error is related to adding the new hosts to the Active Directory Domain and the message looks like below, indicating the “VM has reported a failure when processing extension ‘joindomain’’
Continue reading “VM has reported a failure when processing extension ‘joindomain’”
I had the pleasure of spending a significant amount of time elbows deep in a Remote Desktop Services deployment this week. As part of the effort, I published the RDS RDWeb IIS page with the Azure AD Application Proxy so MFA can be leveraged for remote desktop services.