You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello, I have attempted to use Azure AD SSO in my Hybrid Azure AD environment. I had the toughest time getting it to work initially. It kept authenticating and getting caught in a loop for Azure AD authentication. Once I supplied the credentials, it circled back and prompted me for Azure AD authentication again. This keeps happening again and again in a loop. Then, a GBB (Global Black Belt) colleague (I am a Microsoft employee) informed me that I needed to remove AVD user accounts from "Domain Admins" group in Active Directory. When I went ahead and tried this, I was able to get Azure AD SSO to work! Unfortunately, I then went ahead and pushed a Group Policy, "Restricted Groups" in the "Default Domain Policy" GPO to add my AVD users group to be added to local administrators group. Applying this policy broke the SSO again where the Azure AD auth page is being looped again. I tried removing the policy altogether but could not restore SSO policy to work again. Please let me know if this is a known issue and if currently there is a known resolution. Thank you.
Document Details
⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.
ID: 2abd6b51-f5b4-a4f3-5cb5-c1f49fd2ce11
Version Independent ID: 1768eb36-2628-f33a-35c0-320e895b75c7
Hi @hoyapark - your best bet is to reach out to the Azure Virtual Desktop discussion internal DL on this. If there's a doc update needed as a result of asking there, we can help. Ping me internally if you can't find the DL.
[Enter feedback here]
Hello, I have attempted to use Azure AD SSO in my Hybrid Azure AD environment. I had the toughest time getting it to work initially. It kept authenticating and getting caught in a loop for Azure AD authentication. Once I supplied the credentials, it circled back and prompted me for Azure AD authentication again. This keeps happening again and again in a loop. Then, a GBB (Global Black Belt) colleague (I am a Microsoft employee) informed me that I needed to remove AVD user accounts from "Domain Admins" group in Active Directory. When I went ahead and tried this, I was able to get Azure AD SSO to work! Unfortunately, I then went ahead and pushed a Group Policy, "Restricted Groups" in the "Default Domain Policy" GPO to add my AVD users group to be added to local administrators group. Applying this policy broke the SSO again where the Azure AD auth page is being looped again. I tried removing the policy altogether but could not restore SSO policy to work again. Please let me know if this is a known issue and if currently there is a known resolution. Thank you.
Document Details
⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.
The text was updated successfully, but these errors were encountered: