Hello @Prrudram-MSFT - I have the same situation. We have a Phyiscal laptop that is Azure AD joined and use WHFB. In that laptop we have Azure Virtual Desktop client that i connect using hybrid credentials. When i try to login to AVD using smartcard or Yubikey "i get certification authority could not be contacted for authentication".Any Ideas ?
Azure VD Based Connection - Failed to Connect - "A Certificate authority could not be contacted for authentication" while using Windows Hello for Business
Hello Experts,
I could not find the Limitations of Azure Virtual Desktop Based scenario's.
Environment:
- Windows 11 - as Azure AD Domain Joined
- On Premise AD, CA Environment
- On Premise CA Environment, Integrated and Deployment Using SCEP/NDES Model with help of Intune
- Windows Hello for Business - Using the Internal CA Certificates
- Latest Updates with Client OS, and Remote Desktop Application is also Up to Date
- Windows Hello for Business Activated, Working Well as expected - PIN, Face Recognization...
We have Successful usage of AVD Based work Stations and Applications using MS Edge / Chrome Browser. The following error appears while we try to access the Remote Desktop Based
Added Information:
- Remote Desktop Application helps to connect to the AVD Environment - with Regular Credential Based authentication.
- Remote Desktop Application failed to connect - With any other except credential based (Example : PIN, Fingerprint, Face Recognization...) - For any Applications which is Hosted in Azure VD (Example : Outlook, PowerPoint, Hosted Servers..)
- The Same error message appears if we take the RDP Session using MSTSCS Based Session
- All Azure VD Hosted Devices, Applications are accessible with out any issues using Browser. In General the browser based authentication will not ask for the Windows Hello For Busines based logins
Any Idea, if we have any Limitations with AVD + Windows Hello for Business.
Certificate Details:
The following type of Certificate's are in Place and it is use for authentication - Other Purpose (Accessing the In House Applications, etc.,)
Device Based Certificate's
User Based Certificate
Any Suggestion:
- Usage of additional certificate/types - If no Restrictions
2.Reference Materials if any Restrictions..
Thank you for your time in Advance!