Hi @Prabhjot Singh,
Entra Domain Services (Azure AD DS) plays a crucial role in Azure Virtual Desktop (AVD) deployments within cloud-only environments, as it provides managed domain services without the need for on-premises infrastructure.
Unlike traditional Active Directory, which is designed for physical data centers and requires direct infrastructure management, Azure AD DS offers cloud-native capabilities and integrates seamlessly with other Azure services.
When it comes to user management, Active Directory users are synced from on-premises devices to Microsoft Entra ID using tools like AD Sync or Entra Connect. In the case of Azure Active Directory, users can directly access AVD by being added to the appropriate assignments.
The deployment and access process for Microsoft Entra-joined virtual machines in Azure Virtual Desktop simplifies infrastructure requirements. These VMs eliminate the need for a direct connection to an on-premises or virtualized Active Directory Domain Controller (DC), or even the need to deploy Microsoft Entra Domain Services. In some scenarios, a domain controller may not be needed at all, making the overall setup and management more straightforward.
Azure Active Directory:
- Offers effortless scalability to support organizational growth, without the need for physical infrastructure expansion.
- Delivers comparable capabilities, such as domain join and group policy support, but is tailored for modern, cloud-centric applications and services.
- Handled entirely by Microsoft, easing IT workloads and enabling teams to concentrate on higher-value strategic tasks.
- Fully cloud-based, removing the dependency on any physical, on-premises hardware.
On-prem Active Directory:
- Relies on on-site servers and infrastructure, usually hosted in the organization's data center.
- Demands considerable administrative effort, covering hardware upkeep, software patching, and ongoing security management.
- Enables traditional domain join and group policy management, which are key for controlling user access and enforcing security settings in Windows environments.
- Scaling involves provisioning extra hardware and careful infrastructure planning, often leading to increased time and costs.
Please look at the following for more detailed information, and also the limitations, for Microsoft Entra-joined session hosts in Azure Virtual Desktop: https://learn.microsoft.com/en-us/azure/virtual-desktop/azure-ad-joined-session-hosts
If you have any further queries, do let us know.
If you found this informative, please consider accepting an answer as a token of appreciation. And don't forget to give it a thumbs up 👍 if it was helpful.