Forum Discussion
Azure Virtual Desktop authentication loop
Using the GA client does not solve the problem. There is no error in the Event Viewer on the client. I can only log on with the local admin account. To do so, I need to disable Azure AD SSO.
I notice that an Event ID 4625 is logged in the Security event log of the VM every time I try to connect with an Azure AD account. The Failure Information of the event are:
Failure reason: An Error occured during Logon
Status: 0xC000006D
Sub Status: 0xC0000250
I have not found any useful information regarding the SubStatus. (https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/event-4625)
I am unable to log on with an Azure AD account even when SSO is disabled. I tried these different ways to enter the username, and none are working:
- email address removed for privacy reasons
- AzureAD\email address removed for privacy reasons
- tenant.onmicrosoft.com\email address removed for privacy reasons
- tenant.onmicrosoft.com\email address removed for privacy reasons
I know the VM is Azure AD joined as there is a device object in AzureAD that has the name of the SessionHost. There is a "Client Authentication" certificate issued by "MS-Organization-Access" which is issued to the GUID corresponding to the Device ID of the VM's device object in Azure AD.
The user is a member of the "Remote Desktop Users" local group in the VM.
As you have suggested, I'll contact Microsoft to try to solve this issue.
Thanks for your time MathieuVandenHautte
GuyMathieuSupport
Can you please reset the password (change the password to a new password) of a user from Azure AD online and try?
Make sure that after resetting the user password, you first "Unsubscribe" from the "Azure Virtual Desktop Preview" and subscribe again with new password.
Let me know if it works or not.