Forum Discussion
Sign in failed. Please check your username and password and try again (AVD)
A user is not able to login to any AAD joined Azure Virtual Desktop, getting user/password error.
1. I have reset his password multiple times.
2. Access has been granted and confirmed as everyone else in his team is able to login to the same environment.
3. I tried to temporarily disable the MFA but still same error.
4. He has tried both web browser and remote client app.
5. I assigned him a different AVD that didn't help either.
Does anyone know what the problem could be?
- Hi,
Maybe this is the reason?
https://techcommunity.microsoft.com/t5/azure-compute/login-to-windows-virtual-machine-in-azure-using-azure-ad/m-p/3248282
Regards
Tom- zshah2023Copper Contributor
TomWechsler Thank you for the reply, however the issue is not with the AVD since everyone else in the same security group is able to login without any issue and that particular user gets the same error on other AVD VMs too.
- mmakwanaCopper Contributor1. Have you tried accessing from another network or system with latest Windows patches?
2. What does the Azure AD sign-in log look like?
3. Assuming the user object is Hybrid (syncing from on-premises to Azure AD)?- zshah2023Copper ContributorSorry for the late reply, Yes it is hybrid, AVDs are patched and we have tried from multiple network and devices.
Would suggest isolating the problem by login same workstation using different account, login different workstation, etc. and take a look at logs such as sign-on logs under AAD for more hints
- Chris_Gilles_1337Copper ContributorHello, I just spent countless hours dealing with the same thing. It ended up being a CA Policy blocking authentication due to IPv6.
- george-kayCopper Contributor
About the posted error, "Sign in failed. Please check your username and password and try again", double-check your role assignments. If your session hosts' virtual machine(s) is "Microsoft Entra ID joined", ensure that you have assigned the following two roles at the Resource Group level:
1. "Virtual Machine User Login" - assign this to the AVD users (or Users' group)
2. "Virtual Machine Administrator Login" - assign this to the AVD admins (or Admins' group)Also, ensure your desktop application group is associated with the two personas (users & admins groups).
Something I noticed is that MFA conditional access (CA) policy does not affect the AVD sign-in. At least in my case.