AVD Bicep deployment with ADD joined

%3CLINGO-SUB%20id%3D%22lingo-sub-3033470%22%20slang%3D%22en-US%22%3EAVD%20Bicep%20deployment%20with%20ADD%20joined%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3033470%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3EI%E2%80%99m%20trying%20to%20deploy%20AVD%20as%20ADD%20joined%20using%20bicep%20but%20it%20failed%20with%20the%20following%20error%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_4-1638936338966.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332483i5A0F678D28CE78B7%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_4-1638936338966.png%22%20alt%3D%22Vincent_Lapointe_4-1638936338966.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EAny%20idea%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20follow%20steps%20found%20on%20the%20following%20links%20to%20make%20most%20of%20my%20deployment.%3C%2FP%3E%3CP%3ERef%20%3A%20%3CA%20href%3D%22https%3A%2F%2Frozemuller.com%2Favd-automation-cocktail-avd-with-bicep-and-azure-cli%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Frozemuller.com%2Favd-automation-cocktail-avd-with-bicep-and-azure-cli%2F%3C%2FA%3E%3C%2FP%3E%3CP%3ERef%3A%20%3CA%20href%3D%22https%3A%2F%2Ftighetec.co.uk%2F2021%2F07%2F07%2Fdeploy-azure-virtual-desktop-with-project-bicep%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Ftighetec.co.uk%2F2021%2F07%2F07%2Fdeploy-azure-virtual-desktop-with-project-bicep%2F%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnd%20I%20did%20the%20following%20changes%26nbsp%3B%20to%20make%20sure%20it%20is%20ADD%20joined%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3ECreate%20vm%20with%20systemAssigned%20identity%2C%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%26nbsp%3B%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_0-1638936338948.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332480i75895273F374E0A0%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_0-1638936338948.png%22%20alt%3D%22Vincent_Lapointe_0-1638936338948.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3EAdd%20the%20vm%20dscExtension%20extension%20with%20addjoin%20%3D%20true%2C%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%26nbsp%3B%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_1-1638936338956.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332482i33EB62DD6C3A02D7%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_1-1638936338956.png%22%20alt%3D%22Vincent_Lapointe_1-1638936338956.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3EAdd%20the%20vm%20AADLoginForWindows%20extension%2C%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%26nbsp%3B%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_2-1638936338960.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332481i149BA5A7C6291A73%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_2-1638936338960.png%22%20alt%3D%22Vincent_Lapointe_2-1638936338960.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3ECreate%20the%20hostpool%20with%20the%20custom%20RDP%20property%3A%20targetisaadjoined%3Ai%3A1%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_3-1638936338964.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332485i638FF0FA39058D58%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_3-1638936338964.png%22%20alt%3D%22Vincent_Lapointe_3-1638936338964.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20deployment%20succeeds%20without%20any%20error.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhen%20I%20log%20in%20the%20rdweb%20client%2C%20I%20see%20my%20workspace%20and%20desktop%20session.%20Everything%20is%20fine%20so%20far!%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_9-1638936498624.png%22%20style%3D%22width%3A%20218px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332489i78251192F6934CFF%2Fimage-dimensions%2F218x161%3Fv%3Dv2%22%20width%3D%22218%22%20height%3D%22161%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_9-1638936498624.png%22%20alt%3D%22Vincent_Lapointe_9-1638936498624.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHowever%2C%20when%20I%20start%20my%20session%2C%20I%20get%20the%20following%20error%3A%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_4-1638936338966.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332483i5A0F678D28CE78B7%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_4-1638936338966.png%22%20alt%3D%22Vincent_Lapointe_4-1638936338966.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20did%20some%20investigation%20with%20the%20log%20analytics%20and%20found%20more%20info%20on%20the%20connection%20error%20%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CFONT%20color%3D%22%23808080%22%3E%3CEM%3E%E2%80%9C%E2%80%9D%E2%80%9D%20%7B%22Code%22%3A-2147467259%2C%22CodeSymbolic%22%3A%22ConnectionFailedAdErrorNoSuchMember%22%2C%22Time%22%3A%222021-12-07T19%3A15%3A30.5520000Z%22%2C%20%22Message%22%3A%22Failed%20to%20add%20user%20%3D%20%E2%89%A4AzureAD%5C%5Cmyemail%40address.com%E2%89%A5%20to%20group%20%3D%20Remote%20Desktop%20Users.%20Reason%3A%20%26nbsp%3BWin32.ERROR_NO_SUCH_MEMBER%22%2C%22ServiceError%22%3Afalse%2C%22Source%22%3A%22RDAgent%22%7D%E2%80%9D%E2%80%9D%E2%80%9D%3C%2FEM%3E%3C%2FFONT%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHow%20to%20fix%20that%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESome%20notes%3A%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3Emy%20user%20has%20the%20Virtual%20Machine%20User%20Login%20role%20(at%20the%20subscription%20level)%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_5-1638936338967.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332484iEF55A682181720A7%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_5-1638936338967.png%22%20alt%3D%22Vincent_Lapointe_5-1638936338967.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3Emy%20user%20is%20assigned%20to%20the%20application%20group%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_6-1638936338967.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332486i039FB27841E36520%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_6-1638936338967.png%22%20alt%3D%22Vincent_Lapointe_6-1638936338967.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3ESession%20host%20seems%20good%3A%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_7-1638936338968.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332487iEEE42CD175A5D2E2%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_7-1638936338968.png%22%20alt%3D%22Vincent_Lapointe_7-1638936338968.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3EIf%20I%20execute%20the%20%3CSTRONG%3Edsregcmd%3C%2FSTRONG%3E%20command%20on%20my%20vm%2C%20I%20get%20the%20following%20%3A%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Vincent_Lapointe_8-1638936338969.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F332488i395C1B4B0224A08C%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Vincent_Lapointe_8-1638936338969.png%22%20alt%3D%22Vincent_Lapointe_8-1638936338969.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3ENote%20that%20I%20see%20the%20following%20error%20from%20the%20log%3A%3C%2FP%3E%3CP%3E%2B----------------------------------------------------------------------%2B%3CBR%20%2F%3E%7C%20Device%20State%20%7C%3CBR%20%2F%3E%2B----------------------------------------------------------------------%2B%3C%2FP%3E%3CP%3EAzureAdJoined%20%3A%20YES%3CBR%20%2F%3EEnterpriseJoined%20%3A%20NO%3CBR%20%2F%3EDomainJoined%20%3A%20NO%3CBR%20%2F%3EDevice%20Name%20%3A%20vm-hsc001-vm-1%3C%2FP%3E%3CP%3E%2B----------------------------------------------------------------------%2B%3CBR%20%2F%3E%7C%20Device%20Details%20%7C%3CBR%20%2F%3E%2B----------------------------------------------------------------------%2B%3C%2FP%3E%3CP%3EDeviceId%20%3A%2003f9ab7d-bd7a-47ab-b007-3e79f4221544%3CBR%20%2F%3EThumbprint%20%3A%207D61C32D0EA9F0894FA0641A8F58A5BFD5E8D0B8%3CBR%20%2F%3EDeviceCertificateValidity%20%3A%20%5B%202021-11-29%2019%3A31%3A13.000%20UTC%20--%202031-11-29%2020%3A01%3A13.000%20UTC%20%5D%3CBR%20%2F%3EKeyContainerId%20%3A%20e503e151-aa77-4e99-8b50-73d9549ad6b0%3CBR%20%2F%3EKeyProvider%20%3A%20Microsoft%20Software%20Key%20Storage%20Provider%3CBR%20%2F%3ETpmProtected%20%3A%20NO%3CBR%20%2F%3EDeviceAuthStatus%20%3A%20FAILED.%20Error%3A8007013d%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3EWhen%20I%20deploy%20my%20host%20pool%20manually%20without%20bicep%2C%20the%20same%20user%20could%20log%20in%20the%20desktop%20session%20without%20any%20error.%3C%2FLI%3E%3C%2FUL%3E%3CP%3EAny%20idea%3F%20Where%20should%20I%20look%20for%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3036270%22%20slang%3D%22en-US%22%3ERe%3A%20AVD%20Bicep%20deployment%20with%20ADD%20joined%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3036270%22%20slang%3D%22en-US%22%3E%3CP%3EWhen%20I'm%20using%20a%20standard%20image%20like%20the%20%22%3CSTRONG%3Ewin10-21h2-avd-g2%3C%2FSTRONG%3E%22%20or%20%22%3CSTRONG%3E20h1-evd-g2%3C%2FSTRONG%3E%22%20SKU%2C%20I%20don't%20have%20the%20issue%20anymore.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Eis%20there%20any%20good%20practice%20or%20known%26nbsp%3Brules%20to%20follow%20when%20creating%20a%20custom%20image%20to%20make%20sure%20it%20is%20working%20in%20AVD%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20custom%20build%20was%20prepared%20from%20the%26nbsp%3B%3CSTRONG%3Ewin10-21h2-avd-g2%3C%2FSTRONG%3E%20image.%20Nothing%20special%20has%20been%20done%20to%20it%20except%20installing%20few%20software%20and%20generalize%20it%20with%20sysprep%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%3CFONT%20color%3D%22%23999999%22%3E%3CEM%3E%20(.%5Csysprep.exe%20%2Fgeneralize%20%2Fshutdown%20%2Foobe%20%2Fmode%3Avm)%3C%2FEM%3E%3C%2FFONT%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3035312%22%20slang%3D%22en-US%22%3ERe%3A%20AVD%20Bicep%20deployment%20with%20ADD%20joined%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3035312%22%20slang%3D%22en-US%22%3EHi%20Johan%2C%3CBR%20%2F%3ETHank%20you%20for%20your%20answer.%3CBR%20%2F%3E%3CBR%20%2F%3EIt%20is%20not%20MFA%20considering%20that%20I%20can%20log%20in%2C%20with%20the%20same%20set%20of%20users%2C%20on%20other%20AVD%20session%20pool%20that%20also%20has%20AAD-joined%20enabled.%3CBR%20%2F%3E%3CBR%20%2F%3ERegards%2C%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3034823%22%20slang%3D%22en-US%22%3ERe%3A%20AVD%20Bicep%20deployment%20with%20ADD%20joined%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3034823%22%20slang%3D%22en-US%22%3EMFA%20could%20be%20causing%20this.%3CBR%20%2F%3ECheck%20this%20link%3A%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvirtual-desktop%2Fdeploy-azure-ad-joined-vm%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fvirtual-desktop%2Fdeploy-azure-ad-joined-vm%3C%2FA%3E%3C%2FLINGO-BODY%3E
New Contributor

Hi,

I’m trying to deploy AVD as ADD joined using bicep but it failed with the following error:

 

Vincent_Lapointe_4-1638936338966.png

Any idea?

 

I follow steps found on the following links to make most of my deployment.

Ref : https://rozemuller.com/avd-automation-cocktail-avd-with-bicep-and-azure-cli/

Ref: https://tighetec.co.uk/2021/07/07/deploy-azure-virtual-desktop-with-project-bicep/

 

And I did the following changes  to make sure it is ADD joined

 

  • Create vm with systemAssigned identity,

      Vincent_Lapointe_0-1638936338948.png

 

  • Add the vm dscExtension extension with addjoin = true,

      Vincent_Lapointe_1-1638936338956.png

 

  • Add the vm AADLoginForWindows extension,

      Vincent_Lapointe_2-1638936338960.png

 

  • Create the hostpool with the custom RDP property: targetisaadjoined:i:1

     Vincent_Lapointe_3-1638936338964.png

 

The deployment succeeds without any error.

 

When I log in the rdweb client, I see my workspace and desktop session. Everything is fine so far!

Vincent_Lapointe_9-1638936498624.png

 

However, when I start my session, I get the following error:

Vincent_Lapointe_4-1638936338966.png

 

I did some investigation with the log analytics and found more info on the connection error :

 

“”” {"Code":-2147467259,"CodeSymbolic":"ConnectionFailedAdErrorNoSuchMember","Time":"2021-12-07T19:15:30.5520000Z", "Message":"Failed to add user = ≤AzureAD\\myemail@address.com≥ to group = Remote Desktop Users. Reason:  Win32.ERROR_NO_SUCH_MEMBER","ServiceError":false,"Source":"RDAgent"}”””

 

How to fix that?

 

Some notes: 

  • my user has the Virtual Machine User Login role (at the subscription level)

Vincent_Lapointe_5-1638936338967.png

 

  • my user is assigned to the application group

Vincent_Lapointe_6-1638936338967.png

 

  • Session host seems good:

Vincent_Lapointe_7-1638936338968.png

 

  • If I execute the dsregcmd command on my vm, I get the following :

Vincent_Lapointe_8-1638936338969.png

Note that I see the following error from the log:

+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+

AzureAdJoined : YES
EnterpriseJoined : NO
DomainJoined : NO
Device Name : vm-hsc001-vm-1

+----------------------------------------------------------------------+
| Device Details |
+----------------------------------------------------------------------+

DeviceId : 03f9ab7d-bd7a-47ab-b007-3e79f4221544
Thumbprint : 7D61C32D0EA9F0894FA0641A8F58A5BFD5E8D0B8
DeviceCertificateValidity : [ 2021-11-29 19:31:13.000 UTC -- 2031-11-29 20:01:13.000 UTC ]
KeyContainerId : e503e151-aa77-4e99-8b50-73d9549ad6b0
KeyProvider : Microsoft Software Key Storage Provider
TpmProtected : NO
DeviceAuthStatus : FAILED. Error:8007013d

 

  • When I deploy my host pool manually without bicep, the same user could log in the desktop session without any error.

Any idea? Where should I look for?

 

Thank you.

 

Regards,

 

3 Replies
Hi Johan,
THank you for your answer.

It is not MFA considering that I can log in, with the same set of users, on other AVD session pool that also has AAD-joined enabled.

Regards,

When I'm using a standard image like the "win10-21h2-avd-g2" or "20h1-evd-g2" SKU, I don't have the issue anymore.

 

is there any good practice or known rules to follow when creating a custom image to make sure it is working in AVD?

 

My custom build was prepared from the win10-21h2-avd-g2 image. Nothing special has been done to it except installing few software and generalize it with sysprep

    (.\sysprep.exe /generalize /shutdown /oobe /mode:vm)

 

Regards,