Week 2 – Cloud-Only AVD: An Identity Assumption I Got Wrong

In Week 2, I will show you what my assumption about AVD deployment was, what it resulted in, and why I had to shift my thinking.

After deploying the cloud-only AVD environment, I assumed that authentication would work automatically, because in AD authentication is implicit, identity is historically machine-centric, and my previous years of experience with AD made me trust that the defaults would work just fine.

But the outcome proved otherwise. The user wasn’t able to log in to AVD: it said there was something wrong with the username or password when there actually wasn’t. It turned out that my assumption about AD authentication would not hold across different AVD architectures. It specifically needs an explicit authentication design decision for the host pool, to enable the Entra ID authentication methods instead of keeping the default.

Hereafter, I would first validate the authentication design before checking anything else.

What’s next in Week 3?

In Week 3, I move beyond identity and start examining network and access boundaries in Azure — especially where defaults feel safe, but design decisions actually matter more than I initially expected.
