Table of Contents
Overview
This guide provides information for configuring Entra ID Single Sign-on (AAD SSO) for Citrix DaaS without the use of FAS and also getting a PRT – so there are no SSO problems with M365 Apps inside your HDX session. The architecture is based on modern auth (OAuth) without any legacy method. The VDA’s machine identity has to be Entra joined or Entra hybrid joined.
This feature is currently in private tech preview.
Requirements
The following are the system requirements for using Entra ID SSO:
Currently NDA
Configuration
The configuration part – I’m very sorry! – at the moment is strictly under NDA. I will update this post with all details (Config for DaaS and Citrix Workspace App) as soon as I’m allowed to.
I just want to make sure that there is something in the pipe! So if you’re planning to switch your IdP in DaaS to Entra ID and you’re considering some FAS / SSO problems – maybe lean back and wait a few minutes more đ
Here’s a quick sneak peek how’s the look & feel and the confirmation that it’s also working fine with Windows Server 2022, too.
This is a brand new user, never started a resource before, adding first time Account in Workspace App:
Some Screenshots:
Summary
Finally we can put FAS to sleep and make usage of all kind of modern auth from Microsoft Entra ID’s spectrum.
Thanks to Miguel Contreras and Team for the great work!
Canât wait!
I need this for one of our customers ASAP, how can I participate to the private technical preview? It’s an enterprise customers with a large number of users and many countries involved.