diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsEnums.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsEnums.cs
index 853ca2f9da..f0930ffa3a 100644
--- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsEnums.cs
+++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/TdsEnums.cs
@@ -1137,7 +1137,7 @@ internal enum TransparentNetworkResolutionState
 internal class ActiveDirectoryAuthentication
 {
- internal const string AdoClientId = "4d079b4c-cab7-4b7c-a115-8fd51b6f8239";
+ internal const string AdoClientId = "2fd908ad-0664-4344-b9be-cd3e8b574c38";
 internal const string MSALGetAccessTokenFunctionName = "AcquireToken";
 }
diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsEnums.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsEnums.cs
index 608d8674f8..eedc7e0c8f 100644
--- a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsEnums.cs
+++ b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/TdsEnums.cs
@@ -1102,7 +1102,7 @@ internal enum TransparentNetworkResolutionState
 internal class ActiveDirectoryAuthentication
 {
- internal const string AdoClientId = "4d079b4c-cab7-4b7c-a115-8fd51b6f8239";
+ internal const string AdoClientId = "2fd908ad-0664-4344-b9be-cd3e8b574c38";
 internal const string MSALGetAccessTokenFunctionName = "AcquireToken";
 }
diff --git a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/ActiveDirectoryAuthenticationProvider.cs b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/ActiveDirectoryAuthenticationProvider.cs
index d533fbee58..702ba4f773 100644
--- a/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/ActiveDirectoryAuthenticationProvider.cs
+++ b/src/Microsoft.Data.SqlClient/src/Microsoft/Data/SqlClient/ActiveDirectoryAuthenticationProvider.cs
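Review bot: The new `AdoClientId` value has no comment saying what it identifies, and the same literal is declared twice, in the netcore copy of TdsEnums.cs and again in the netfx copy in the next hunk, so the two can drift apart in a later edit. The third file in this commit passes fixed redirect URIs to `WithRedirectUri`, and those presumably have to be registered for this client ID for sign-in to succeed. A comment above the constant in both files would record that coupling, for example `// Application (client) ID of the driver's Azure AD registration; its registered redirect URIs must match the ones passed to WithRedirectUri.`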
@@ -48,7 +48,18 @@ public override Task AcquireTokenAsync(SqlAuthentication
 .WithAuthority(parameters.Authority)
 .WithClientName(Common.DbConnectionStringDefaults.ApplicationName)
 .WithClientVersion(Common.ADP.GetAssemblyVersion().ToString())
+#if netcoreapp
 .WithRedirectUri("http://localhost")
+#else
+ /*
+ * Today, MSAL.NET uses another redirect URI by default in desktop applications that run on Windows
+ * (urn:ietf:wg:oauth:2.0:oob). In the future, we'll want to change this default, so we recommend
+ * that you use https://login.microsoftonline.com/common/oauth2/nativeclient.
+ *
+ * https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-desktop-app-registration#redirect-uris
+ */
+ .WithRedirectUri("https://login.microsoftonline.com/oauth2/nativeclient")
+#endif
 .Build();
 if (parameters.AuthenticationMethod == SqlAuthenticationMethod.ActiveDirectoryIntegrated)
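Review bot: The `#else` branch passes `https://login.microsoftonline.com/oauth2/nativeclient`, which lacks the `/common` segment of the URI that the comment directly above it recommends. Redirect URIs are compared exactly against the ones registered for the client ID, so either the literal or the comment is wrong. If the registration for `AdoClientId` lists the documented value, the line should read `.WithRedirectUri("https://login.microsoftonline.com/common/oauth2/nativeclient")`; otherwise the comment should name the URI that is actually registered. The comment is also pasted documentation text in second person ("we recommend that you"); one sentence on why the .NET Framework build uses this URI, followed by the link, would be easier to maintain. AcquireTokenAsync begins and ends outside this hunk.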