Azure Local AVD session hosts not visible

Bollapu vishnu Vardhan reddy3 160 Reputation points
2025-08-21T08:58:35.37+00:00

Hello Team,

I am trying to deploy AVD in Azure Local as a POC, and below is my brief:

My session hosts will be part of my on-prem private domain (abc.local) that I have created locally, and they are joined to the domain.

My users are in Entra ID (xyz.net) and will be accessing the AVD systems, and I have given the assignment.

Both the above domains are not connected in any way.

I am not able to view the system in the Remote Desktop.

As per the links below, I have the flexibility of joining my session hosts to my on-prem domain as well:

https://learn.microsoft.com/en-us/azure/virtual-desktop/prerequisites?tabs=portal

https://learn.microsoft.com/en-us/azure/virtual-desktop/authentication#hybrid-identity

But as per below, my session host and the users who access the desktops should also be in the same domain.

So does that mean that for Azure Local the only supported identity for AVD is that I should have an on-prem AD which is connected with my Entra ID, or else you will not be able to use AVD in Azure Local?

Azure Local

1 answer

  1. Sina Salam 23,931 Reputation points Volunteer Moderator
    2025-08-21T16:49:18.0766667+00:00

    Hello Bollapu vishnu Vardhan reddy3,

    Welcome to the Microsoft Q&A and thank you for posting your questions here.

    I understand that you are having issues with Azure Local AVD session hosts not being visible.

    In your explanation, this configuration is unsupported because the AVD service broker can only authenticate users against Entra ID and must be able to resolve those identities to session hosts registered in a trusted directory.

    The only viable solution is to establish hybrid identity using Entra ID Connect to synchronize your on-premises Active Directory with Entra ID, creating a single trusted identity source. This requires first ensuring a reliable Site-to-Site VPN or ExpressRoute connection is in place between your on-prem network and the Azure VNet hosting your session hosts, with the VNet's DNS settings configured to use your on-prem domain controllers for name resolution - https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances

    You must then install and configure Entra ID Connect on a server in your abc.local domain, specifically synchronizing the Organizational Units containing both your users and the session host computer objects - https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-install-custom

    Once synchronized, you must assign users access using these synchronized identities via the Virtual Machine User Login role in IAM for the host pool or specific VMs - https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal and

    It is critical to understand that this architecture introduces a dependency on your on-premises infrastructure for authentication; any disruption in network connectivity or the Entra ID Connect service will impact user sign-ins. For a proof-of-concept, this is the required path, but for production, consider the long-term resilience and management overhead of maintaining this hybrid identity dependency.

    I hope this is helpful! Do not hesitate to let me know if you have any other questions or clarifications.

    Please don't forget to close up the thread here by upvoting and accepting it as an answer if it is helpful.
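
The requirement discussed in this thread (users must be identities synchronized from the same AD domain the session hosts are joined to) can be checked per user from the on-premises attributes Entra ID stores on each account. The following PowerShell is an added example, not part of the original answer or of Microsoft's tooling; the function name `Test-AvdHybridIdentity`, the sample users and the SID are constructed, and the live query in the closing comment assumes the Microsoft Graph PowerShell module is installed.

```powershell
# Added example: classify Entra ID user records as hybrid (synced from the
# session hosts' AD domain) or not. Property names are those of the
# Microsoft Graph user resource; the function name is hypothetical.
function Test-AvdHybridIdentity {
    [CmdletBinding()]
    param(
        # Object with UserPrincipalName, OnPremisesSyncEnabled,
        # OnPremisesDomainName and OnPremisesSecurityIdentifier.
        [Parameter(Mandatory, ValueFromPipeline)]
        [object] $User,

        # DNS name of the AD domain the session hosts are joined to.
        [Parameter(Mandatory)]
        [string] $SessionHostDomain
    )
    process {
        $reason = if (-not $User.OnPremisesSyncEnabled) {
            'cloud-only account: not synchronized from any on-premises AD'
        } elseif ([string]::IsNullOrEmpty($User.OnPremisesSecurityIdentifier)) {
            'sync flag is set but no on-premises SID is present'
        } elseif ($User.OnPremisesDomainName -ne $SessionHostDomain) {
            "synced from '$($User.OnPremisesDomainName)', not from '$SessionHostDomain'"
        } else {
            $null
        }

        [pscustomobject]@{
            UserPrincipalName = $User.UserPrincipalName
            HybridFromDomain  = ($null -eq $reason)
            Detail            = if ($reason) { $reason } else { 'hybrid identity from the session host domain' }
        }
    }
}

# Constructed sample records mirroring the thread: one cloud-only user in
# xyz.net and one user synchronized from abc.local (SID is made up).
$sample = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@xyz.net'; OnPremisesSyncEnabled = $null
                       OnPremisesDomainName = $null; OnPremisesSecurityIdentifier = $null }
    [pscustomobject]@{ UserPrincipalName = 'bob@xyz.net'; OnPremisesSyncEnabled = $true
                       OnPremisesDomainName = 'abc.local'
                       OnPremisesSecurityIdentifier = 'S-1-5-21-1111111111-2222222222-3333333333-1104' }
)
$sample | Test-AvdHybridIdentity -SessionHostDomain 'abc.local' | Format-Table -AutoSize

# Against a live tenant (after Connect-MgGraph -Scopes 'User.Read.All'):
#   Get-MgUser -UserId 'user@xyz.net' -Property UserPrincipalName,OnPremisesSyncEnabled,OnPremisesDomainName,OnPremisesSecurityIdentifier |
#       Test-AvdHybridIdentity -SessionHostDomain 'abc.local'
```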
