You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/dev-box/how-to-enable-single-sign-on.md
+21-4Lines changed: 21 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,28 +16,28 @@ ms.topic: how-to
16
16
17
17
In this article, you learn how to enable single sign-on (SSO) for dev boxes in Microsoft Dev Box pools.
18
18
19
-
SSO allows the connection to skip the credential prompt and automatically sign the user in to Windows through Microsoft Entra authentication. Microsoft Entra authentication provides other benefits including passwordless authentication and support for third-party identity providers. To get started, review the steps to configure single sign-on.
19
+
SSO allows you to skip the credential prompt when connecting to a dev box and automatically sign in to Windows through Microsoft Entra authentication. Microsoft Entra authentication provides other benefits including passwordless authentication and support for third-party identity providers. To get started, review the steps to configure single sign-on.
20
20
21
21
## Prerequisites
22
22
23
23
To enable SSO for dev boxes, you must configure single sign-on for your organization. For more information, see: [Configure single sign-on for Azure Virtual Desktop using Microsoft Entra ID authentication](/azure/virtual-desktop/configure-single-sign-on).
24
24
25
25
## Enable SSO for dev boxes
26
26
27
-
Single sign-on is enabled at the pool level. Dev Box supports single sign-on for dev box pools that use Microsoft Entra joined networks, not pools using Microsoft Entra hybrid joined networks.
27
+
Single sign-on is enabled at the pool level. Dev Box supports single sign-on for dev box pools that use Microsoft Entra joined networks, and Microsoft hosted network, but not pools using Microsoft Entra hybrid joined networks.
28
28
29
29
When you enable SSO for a pool, all new dev boxes created from that pool use SSO. Existing dev boxes continue to use the existing sign-on method. You can enable single sign-on for dev boxes as you create a pool, or an existing pool.
30
30
31
31
### Enable SSO when creating a new pool
32
32
33
-
To enable SSO for dev boxes in an existing pool, follow these steps:
33
+
To enable SSO for dev boxes as you create a pool, follow these steps:
34
34
35
35
1. Sign in to the [Azure portal](https://portal.azure.com).
36
36
1. In the search box, enter *projects*.
37
37
1. In the list of results, select **Projects**.
38
38
1. Select the project in which you want to create the pool.
39
39
1. In the left menu, under **Manage**, select **Dev box pools**.
40
-
1. In the toolbar, select **Create**
40
+
1. In the toolbar, select **Create**.
41
41
1. On the **Create pool** page, under **Management**, select **Enable single sign-on**.
42
42
43
43
:::image type="content" source="./media/how-to-enable-single-sign-on/create-pool-single-sign-on.png" alt-text="Screenshot that shows the Create pool page in Microsoft Dev Box.":::
@@ -66,6 +66,23 @@ To enable SSO for dev boxes in an existing pool, follow these steps:
66
66
67
67
You can disable SSO for a pool at any time by deselecting the **Enable single sign-on** option on the **Edit pool** page.
68
68
69
+
To disable SSO for dev boxes in an existing pool, follow these steps:
70
+
71
+
1. Sign in to the [Azure portal](https://portal.azure.com).
72
+
1. In the search box, enter *projects*.
73
+
1. In the list of results, select **Projects**.
74
+
1. Select the project that contains the pool you want to disable SSO for.
75
+
1. In the left menu, under **Manage**, select **Dev box pools**.
76
+
1. Select the pool that you want to disable SSO for.
77
+
1. On the line for the pool, at the right end, select **...** and then select **Edit**.
78
+
79
+
:::image type="content" source="media/how-to-enable-single-sign-on/azure-portal-pool-edit.png" alt-text="Screenshot of the Azure portal showing the list of pools in a project with the menu and edit option highlighted.":::
80
+
81
+
1. On the **Edit pool** page, under **Management**, clear **Enable single sign-on**, and then select **Save**.
82
+
83
+
:::image type="content" source="media/how-to-enable-single-sign-on/azure-portal-pool-edit.png" alt-text="Screenshot of the Azure portal showing the list of pools in a project with the menu and edit option highlighted.":::
84
+
85
+
69
86
If you disable single sign-on for a pool, new dev boxes created from that pool prompt the user for credentials. Existing dev boxes continue to use SSO.
0 commit comments