Jul 20 2021 06:32 AM - edited Jul 20 2021 06:33 AM
Hello,
I created an Azure Virtual Desktop environment with a connection to Azure AD.
But the session host is shown as unavailable in the environment.
Inside the help checks:
{
"healthCheckName": "DomainJoinedCheck",
"healthCheckResult": "HealthCheckFailed",
"additionalFailureDetails":
{ "message": "SessionHost unhealthy: SessionHost is not joined to a domain",
"errorCode": -2147467259, "lastHealthCheckDateTime": "2021-07-20T12:05:23.3158494Z" }
}
Thanks for your support.
Jul 21 2021 01:01 AM
Jul 21 2021 01:26 AM - edited Jul 21 2021 01:27 AM
Hello Johan Vanneuville,
the validation environment is by No.
The session hosts are 20h2.
Jul 21 2021 01:40 AM
Jul 21 2021 01:51 AM - edited Jul 21 2021 01:53 AM
Hey Johan Vanneuville
I start all over and redeployed it with "Validation Environment" Yes.
But still the same problem.
Jul 21 2021 08:43 AM
Jul 21 2021 09:37 AM - edited Jul 21 2021 09:42 AM
Hey Johan Vanneuville,
this are the results:
+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+
AzureAdJoined : YES
EnterpriseJoined : NO
DomainJoined : NO
Device Name : VDI-0
+----------------------------------------------------------------------+
| Device Details |
+----------------------------------------------------------------------+
DeviceId : remove ID
Thumbprint : remove Thumbpring
DeviceCertificateValidity : remove Certificate
KeyContainerId : remove ContainerID
KeyProvider : Microsoft Software Key Storage Provider
TpmProtected : NO
DeviceAuthStatus : SUCCESS
+----------------------------------------------------------------------+
| Tenant Details |
+----------------------------------------------------------------------+
TenantName :
TenantId : remove TenantID
Idp : login.windows.net
AuthCodeUrl : https://login.microsoftonline.com/"TenantID"/oauth2/authorize
AccessTokenUrl : https://login.microsoftonline.com/"TenantID"/oauth2/token
MdmUrl :
MdmTouUrl :
MdmComplianceUrl :
SettingsUrl :
JoinSrvVersion : 2.0
JoinSrvUrl : https://enterpriseregistration.windows.net/EnrollmentServer/device/
JoinSrvId : urn:ms-drs:enterpriseregistration.windows.net
KeySrvVersion : 1.0
KeySrvUrl : https://enterpriseregistration.windows.net/EnrollmentServer/key/
KeySrvId : urn:ms-drs:enterpriseregistration.windows.net
WebAuthNSrvVersion : 1.0
WebAuthNSrvUrl : https://enterpriseregistration.windows.net/webauthn/"TenantID"/
WebAuthNSrvId : urn:ms-drs:enterpriseregistration.windows.net
DeviceManagementSrvVer : 1.0
DeviceManagementSrvUrl : https://enterpriseregistration.windows.net/manage/"TenantID"/
DeviceManagementSrvId : urn:ms-drs:enterpriseregistration.windows.net
+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+
NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : NO
+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+
AzureAdPrt : NO
AzureAdPrtAuthority :
EnterprisePrt : NO
EnterprisePrtAuthority :
+----------------------------------------------------------------------+
| Diagnostic Data |
+----------------------------------------------------------------------+
AadRecoveryEnabled : NO
Executing Account Name : VDI-0\VDI
KeySignTest : PASSED
+----------------------------------------------------------------------+
| IE Proxy Config for Current User |
+----------------------------------------------------------------------+
Auto Detect Settings : YES
Auto-Configuration URL :
Proxy Server List :
Proxy Bypass List :
+----------------------------------------------------------------------+
| WinHttp Default Proxy Config |
+----------------------------------------------------------------------+
Access Type : DIRECT
+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+
IsDeviceJoined : YES
IsUserAzureAD : NO
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : NO
SessionIsNotRemote : NO
CertEnrollment : none
PreReqResult : WillNotProvision
For more information, please visit https://www.microsoft.com/aadjerrors
I can login only with local administration account. I can not log in with my Azure AD account.
Jul 21 2021 09:45 AM
Jul 21 2021 09:49 AM
Jul 21 2021 09:52 AM
Jul 21 2021 09:57 AM
Jul 21 2021 01:15 PM - edited Jul 21 2021 02:26 PM
In your blog you use two security principals (WVD HostPool and WVD Users). This are Azure AD Groups?
After going through the blog article, I had the problem for a few minutes. Nahc about 5 minutes the machine was available.
Thank you very much for your help.
Where I find the ""Network security: Allow PKU2U authentication requests to this computer to use online identities" " settings?
Jul 21 2021 11:08 PM
Jul 22 2021 05:42 AM
Thanks for your help.
I can not login to the Sessionhost with my Azure Credentials.
I see the maschien in my Azure Virtual enviroment. But I can only log in with localadmin credentials.
Jul 23 2021 03:21 PM
@Stefan Kießig Note that we noticed an issue where it can take up to 40 minutes after VMs are deployed for them to be marked as Available. We are investigating.
What error are you seeing when trying to connect? Definitely have a look at: https://docs.microsoft.com/azure/virtual-desktop/troubleshoot-azure-ad-connections
Jul 23 2021 11:15 PM
Jul 26 2021 01:27 PM
@Stefan Kießig What error are you seeing when connecting?
Apr 07 2022 11:05 AM
@Stefan Kießig hi, may I ask how you solved the problem? I have the same problems with Azure Virtual Desktop as you.
Mar 12 2024 02:18 AM