Forum Discussion
[Announcement] Connectivity issues from synchronized users to VMs joined to AAD DS
- Nov 04, 2019
Christian_Montoya : A fix has been rolled out to production for this issue.
Christian_MontoyaAnother week without status update?
Any progress of getting the WVD working again for all of us with Azure DS?
I have only one user out of 30 pilots that get sid failure?
- Cannot see any different attributes on this specific user compared with another user created same week.
- Both accounts created 3 years ago in a local AD.
- Synced to Azure AD with AD connect.
- Local AD and Azure AD connect dismounted and retired 12 month ago.
- Azure DS started for WVD 3 months ago.
/Mr-Tbone
/Torbjörn
MrTbone_se cititechs jeffb8 : Thanks for being patient with us. As an update, we've identified the issue and have taken the first step to solving it, just that's a multi-phase fix/roll-out.
Also, to address some of the feedback, in order to login users and work between cloud/on-prem accounts, there are only so many interfaces and returned values that the system gives us for logon. And, unfortunately, it wasn't as easy as rolling back because then we would then have other sets of users be unable to reconnect to existing sessions.
Will hope to have another update soon regarding the full fix.
- Richard HarrisonAug 27, 2019Copper Contributor
Hi Christian_Montoya ,
The validation pool seems like a good idea (https://docs.microsoft.com/en-gb/azure/virtual-desktop/create-validation-host-pool)
However to make that really viable we need a schedule of upcoming releases to know when we should be validating (and potentially what specific areas to check). Is that something that is also going to be published?
Some control of when updates are pushed would also be very useful - for example if we find an issue during validation can we prevent that being pushed to our environments or would if just get pushed anyway after some timeout period?
Cheers,
Rich
- Richard HarrisonAug 27, 2019Copper Contributor
Christian_Montoya- one other thing to just mention - we recently had some other issues with AADDS and in conversations with the product group there they told us there is a new version of the sync process planned (quite soon I think) from AAD to AADDS - not sure if this helps you in any way with the issues you have - perhaps if you have any requirements for changes these could be included in what that team is doing?
- Christian_MontoyaAug 27, 2019Microsoft
Richard Harrison : Great questions! We definitely intend to push out notice of things coming out the validation pool so it can be tested. We have done this in limited capacity and to smaller groups of customers, but we intend to use this more. We have also not pushed a build all the way to the general population due to issues we've seen in validation, so we plan on using it exactly like you're expecting.
And thank you for the notification. Will bring this up with the Azure AD DS team.
- pau_pedrozaAug 28, 2019Copper Contributor
Christian_Montoya I have deleted and re-created my WVD test environment several times, now I can't longer log in even with users created directly in the Azure cloud, with these accounts, the users before could login. I can no longer log in with synchronized users from my AD On-Premise (ADDS -> AAD -> AADDS) nor with the old ones created directly in Azure (AAD -> AADDS). I can only use the scenario if I create new users in Azure.
ErrorSource : RDBroker
ErrorOperation : OrchestrateSessionHost
ErrorCode : -2146233088
ErrorCodeSymbolic : ConnectionFailedUserSIDInformationMismatch
ErrorMessage : User wahtever@whatever: SID information in the database 'S-1-5-21-1201331163-3862359571-1670876360-8430' does not match SID information returned by agent
'S-1-5-21-1194805571-575163812-3500997978-1549' in the orchestration reply.. This scenario is not supported - we will not be able to redirect the user session.
ErrorInternal : False
ReportedBy : RDGateway
Time : 28/08/2019 3:24:57 p. m.