Forum Discussion
Error when connecting to MVD - 0x3000047
- Mar 24, 2020
serge I think you are on the right track. Here's what we see internally:
Client gets an Error during Orchestration.
Orchestration failed. Code=0x80075a1e, symbolicCode: E_PROXY_ORCHESTRATION_UNKNOWN_ERROR, message: Failed to add user = ≤USERNAME REMOVED≥ to group = Remote Desktop Users. Reason: Win32.ERROR_NO_SUCH_MEMBER, target: (null):4
DavidBelanger OK, so that's interesting.
In AD, she's a.user@domain.com while in AAD she's a.user@domain.com. Both accounts are linked but have different UPNs in either service. I take it that's the problem then?
/edit Actually, no, somehow she's managed to end up with two accounts in O365, one synced from AD and a cloud account. Of course, she's trying to use the Cloud account to get in. What fun.
Thank you for your help.
- Bogdan Grozoiu, Mar 25, 2020, Copper Contributor
The UPNs must be the same in on-prem DC(-s) and Azure AD.
What we've just done was to:
- Open “Active Directory Domains and Trusts”
- On the left hand side of the new window, right click on “Active Directory Domains and Trusts”, and select “Properties”
- Type in the domain suffix of the user allowed to use WVD, into the “Alternative UPN suffixes” box, and then click “Add”.
- Modify the user logon name property of the respective user from (e.g.) username@domain.local to username@domain.tld (as the user has it in O365 / AAD tenant)
- Try again.
TL;DR
Make sure the O365 UPN is the same as the User Logon Name in local Active Directory.
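The same steps can be scripted from PowerShell. This is an added example, not part of the original post; it assumes the RSAT ActiveDirectory module, and the function name `Set-MatchingUpn` plus the values `username` and `username@domain.tld` are placeholders.

```powershell
#Requires -Modules ActiveDirectory

# Hypothetical helper: make an on-prem user's UPN match the UPN used in O365 / AAD.
function Set-MatchingUpn {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $SamAccountName,
        [Parameter(Mandatory)] [string] $CloudUpn   # UPN as shown in the O365 / AAD tenant
    )

    # Split user@suffix; refuse anything that is not in that form.
    $suffix = ($CloudUpn -split '@', 2)[1]
    if (-not $suffix) { throw "CloudUpn '$CloudUpn' is not in user@suffix form." }

    # Domain DNS names are available as UPN suffixes by default;
    # any other suffix must be listed as an alternative UPN suffix on the forest.
    $forest = Get-ADForest
    $known  = @($forest.UPNSuffixes) + @($forest.Domains)
    if ($known -notcontains $suffix) {
        if ($PSCmdlet.ShouldProcess($forest.Name, "Add alternative UPN suffix '$suffix'")) {
            Set-ADForest -Identity $forest -UPNSuffixes @{ Add = $suffix }
        }
    }

    $user = Get-ADUser -Identity $SamAccountName
    if ($user.UserPrincipalName -ieq $CloudUpn) {
        Write-Verbose "UPN already matches; nothing to change."
        return $user
    }

    # A UPN must be unique: stop if another on-prem account already holds it.
    $clash = Get-ADUser -Filter 'UserPrincipalName -eq $CloudUpn'
    if ($clash) {
        throw "UPN '$CloudUpn' is already assigned to '$($clash.SamAccountName)'."
    }

    $action = "Change UPN from '$($user.UserPrincipalName)' to '$CloudUpn'"
    if ($PSCmdlet.ShouldProcess($user.SamAccountName, $action)) {
        Set-ADUser -Identity $user -UserPrincipalName $CloudUpn
    }
    Get-ADUser -Identity $SamAccountName
}

# Dry run with placeholder values; remove -WhatIf to apply the change.
Set-MatchingUpn -SamAccountName 'username' -CloudUpn 'username@domain.tld' -WhatIf
```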
- DavidBee, May 07, 2020, Copper Contributor
Thank you.
This solved my problem with a session pool where the VMs were not joined to the Azure AD DS domain, but were in an internal domain, with a separate isolated domain controller on a VM within the same subscription.