Category - Azure AD

How to create an Azure Service Principal for use with Windows Virtual Desktop AND Azure ARM Templates, like the ARM Template to Update an existing Windows Virtual Desktop hostpool

Some time ago, I wrote a blog about How to provision a Windows Virtual Desktop (WVD) Host Pool with Service Principal in the case that MFA is enabled for (every) user/admin in the Azure environment and you cannot provision a Windows Virtual Desktop hostpool. And this was working fine when provisioning a new Windows Virtual Desktop host pool via the “Windows Virtual Desktop – Provision a host...


How to configure Conditional Access with Session Management for Windows Virtual Desktop (WVD)

Recently I implemented Windows Virtual Desktop (WVD) for a customer. This customer has the policy that you always need to be challenged by Multi-Factor Authentication (MFA) before you get access to a Remote Application or Desktop, except when connecting from a managed device. To achieve this with Windows Virtual Desktop, an Azure Conditional Access policy must be created with session settings...


How to provision a Windows Virtual Desktop (WVD) Host Pool with Service Principal

As described earlier in this blog you can easily provision a Windows Virtual Desktop (WVD) host pool with a user account that has “RDS Owner” or “RDS Contributor” permissions on the Windows Virtual Desktop tenant. However, this will not work as this user has Multi-Factor Authentication (MFA) enabled.


How to configure Shared Credentials for web applications in Azure AD

At a lot of companies I still see SaaS/web applications being used with a single account, with the credentials of that account shared with multiple people within the organization. An example: the marketing department is using multiple social media channels like Twitter, Facebook, Instagram and LinkedIn, and everyone in the marketing department has the login credentials of these...


How to configure Remote Access for Work Folders with the Azure AD Application Proxy

In my previous blog I showed you how to deploy Work Folders on Windows Server 2019. In this blog I will show you how to configure Remote Access to these Work Folders via the Azure Active Directory Application Proxy. A great benefit of using the Azure AD Application Proxy is that you don’t need expensive reverse proxy solutions and you don’t have to open your firewall ports, so it is also more...


How to install the Application Proxy Connector and publish an on-premise web application or website in Microsoft Azure

In Microsoft Azure Active Directory you can publish web-based (SaaS) applications and websites in a few different ways. The easiest way is via the Azure App Gallery; in that case you add the application in just a few steps. If the application is not available in the Azure App Gallery you can add it manually. When adding the application manually you can either add cloud hosted web apps and...


How to integrate Citrix XenMobile with Azure AD for auto enrollment with Autopilot or Azure AD Join

In my previous blog I took you through the steps to configure Windows AutoPilot in combination with Microsoft Intune. In this blog, I want to show you that it is also possible to use Windows AutoPilot or Azure AD Join with other MDM/EMM solutions, like in this case, Citrix XenMobile. In this scenario, after the Windows 10 out-of-box-experience (OOBE) setup, the Windows 10 device is automatically...


How to configure Microsoft Intune / Azure AD Conditional Access to Microsoft Office 365 Exchange Online

With Microsoft Intune you can do great things. You can enroll all kinds of mobile devices to enforce MDM policies, push applications and even configure managed mobile applications like the Microsoft Office applications. You can add an additional security layer to these managed applications by applying an additional access PIN code and encrypting the data within the applications. Data can be isolated...


How to configure Citrix ShareFile SSON with Microsoft Azure AD

In the last few years I have mostly implemented ShareFile Enterprise as part of the XenMobile Enterprise edition and therefore configured the XenMobile server as a SAML identity provider for ShareFile SSON. In the last few months I have also seen some companies that were only interested in the Citrix ShareFile solution without XenMobile. In this case there are some alternative ways to provide users...


How to add a domain name to Microsoft Azure Directory and add users

There are a few ways to provision users in a Microsoft Azure AD directory. The most common is with the use of the Azure AD Connect tool which syncs your on-premises AD directory with Azure AD. The simplest way (and good for Cloud Only scenarios) is to create users directly in Azure AD. If you want to create a user in Azure AD with the UPN of your domain name, you first need to validate the domain...


About Robin Hobo

I am a Technology Specialist working for Microsoft with focus on the Modern Workplace. I am specialized in Microsoft Intune, Azure Virtual Desktop (AVD), Windows 365, Windows 11 and Azure AD. Also interested in mental health, NLP and personal development.

For more information, see the About Me page or my LinkedIn profile.
