Forum Discussion

143fil's avatar
143fil
Copper Contributor
Nov 16, 2024

AVD Re-join AzureAD / EntraI

Hi everybody,

I have an issue that I accidently did a "dsregcmd /leave" on my Azure Virtual Desktop machine. The environment is Cloud Only so I don't have an Active Directory onprem.

As today everything worked good but I had to move the AVD to another subscription. The login for the users didn't work anymore so I tried differtent things and the last one was the dsregcmd /leave. One of the worst decicions of my life.

 

Does anybody have an idea how I can rejoin this VM back to Entra without creating a new VM? There are several applications with many custom changes so that a new VM would be the worst.

 

I tried dsregcmd /join /debug which ended in error code
DsrCLI: logging initialized.
Cannot start Task: 0x80041326
Failed to schedule Join Task. Error: 0x80041326
DeleteFileW returned 0x80070002.

I tried dsregcmd /forcerecovery /debug which ended in the error code
CAA50024
and
DsrCLI: logging initialized.
DsrCmdRecovery::DetermineIfRecoveryIsNeeded: DsrGetJoinInfoEx returned no join information.
DsrCmdRecovery::DetermineIfRecoveryIsNeeded: Forcing return of S_OK instead of S_FALSE.
DsrCmdRecovery::DetermineIfRecoveryIsNeeded returned 0x00000000 (NEED RECOVERY).
DsrCmdRecovery::NotifyUser returned 0x00000000.

 

The command 
az vm extension set --publisher Microsoft.Azure.ActiveDirectory --name AADLoginForWindows ..

gave me an feedbach with "Succeeded" but did't change anything.


How can I rejoin this device to Entra so that the users can login with their Entra Identities again? Because it is a multi-session-AVD I don't have the options to join this device to entra in Settings > Accounts.....

 

I hope someone can help me with this problem.

  • Would suggest the device status by dsregcmd /status and remove existing certificate by follow command: dsregcmd /leave

    • 143fil's avatar
      143fil
      Copper Contributor

      dsregcmd /staus shows this:

      +----------------------------------------------------------------------+
      | Device State                                                         |
      +----------------------------------------------------------------------+

                   AzureAdJoined : NO
                EnterpriseJoined : NO
                    DomainJoined : NO
                     Device Name : AVD-0

      +----------------------------------------------------------------------+
      | User State                                                           |
      +----------------------------------------------------------------------+

                          NgcSet : NO
                 WorkplaceJoined : NO
                   WamDefaultSet : NO

      +----------------------------------------------------------------------+
      | SSO State                                                            |
      +----------------------------------------------------------------------+

                      AzureAdPrt : NO
             AzureAdPrtAuthority : NO
                   EnterprisePrt : NO
          EnterprisePrtAuthority : NO

      +----------------------------------------------------------------------+
      | IE Proxy Config for Current User                                     |
      +----------------------------------------------------------------------+

            Auto Detect Settings : YES
          Auto-Configuration URL :
               Proxy Server List :
               Proxy Bypass List :

      +----------------------------------------------------------------------+
      | WinHttp Default Proxy Config                                         |
      +----------------------------------------------------------------------+

                     Access Type : DIRECT

      +----------------------------------------------------------------------+
      | Ngc Prerequisite Check                                               |
      +----------------------------------------------------------------------+

                  IsDeviceJoined : NO
                   IsUserAzureAD : NO
                   PolicyEnabled : NO
                PostLogonEnabled : YES
                  DeviceEligible : YES
              SessionIsNotRemote : YES
                  CertEnrollment : none
                    PreReqResult : WillNotProvision

      For more information, please visit https://www.microsoft.com/aadjerrors

       

      So the problem is that I don't get the device back into state AzureAdJoined : YES

Resources