Hi Team, We are getting error while deploying HostPool for Windows Azure Virtual Desktop.{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"Conflict","message":"{\r\n \"status\": \"Failed\",\r\n \"error\": {\r\n \"code\": \"ResourceDeploymentFailure\",\r\n \"message\": \"The resource operation completed with terminal provisioning state 'Failed'.\",\r\n \"details\": [\r\n {\r\n \"code\": \"VMExtensionProvisioningError\",\r\n \"message\": \"VM has reported a failure when processing extension 'joindomain'. Error message: \\\"Exception(s) occured while joining Domain 'pratikmishra4739gmail.onmicrosoft.com'\\\"\\r\\n\\r\\nMore information on troubleshooting is available at https://aka.ms/vmextensionwindowstroubleshoot \"\r\n }\r\n ]\r\n }\r\n}"}]} Trouble all the possibilities but none where helpful.

Pratik_Mishra The VM's in the host pool must be Standard domain-joined or Hybrid AD-joined. Virtual machines can't be Azure AD-joined (in the future, AAD joined will be supported). You will need to either deploy or use an existing Domain Controller, or leverage the Azure Active Directory Domain Services (AADDS, not to be confused with AAD) in order to do a Standard domain-join. Please review the requirements for WVD: https://docs.microsoft.com/en-us/azure/virtual-desktop/overview#requirements To learn more about the different identity solutions used with WVD: https://docs.microsoft.com/en-us/azure/active-directory-domain-services/compare-identity-solutions -Jeff

Pratik_Mishra 1. Did you deploy AADDS or did you create a VM to be your DC? 2. Are you specifying the domain name and/or OU in the host pool template? This is an optional step, but if the information entered is not correct, the domain join extension can fail even though you have confirmed the user account and password is correct. 3. Is the host pool VM on the same subnet as where the ADDS/DC is running? 3. Are you able to join a VM to the domain manually? (create a VM, RDP to VM, join to domain from system properties) 4. The link in the error message below has some good steps to follow, including a review of the domain join logs which are on the VM. I would focus on making sure you can join a VM to the domain manually and consistently before trying to troubleshoot the domain join extension. This will confirm that there are no networking related issues between the VM and the DC as well as confirm we are entering the correct domain name, username/password.

GR_C1pD Yes, you are on the right path for it to work! Dont forget to update the DNS server settings on the VNET once you promote the VM to a DC, if it will also contain the DNS role. If you are leaving DNS on-prem, then update VNET DNS to point to that DNS server on prem. Any other VM's you deploy on the VNET will get the DNS server settting automatically; you dont want to hardcode that into the IP properties of the VM. -Jeff

Jeff_Bryant wrt q1 . i deployed aaddswrt q2. i'm specifying <domainname>.onmicrosoft.com should i just be specifying netbios<domainname> and not the fully qualified dns domain name?wrt q3. i'm deploying hostpool to a separate vnet that has peer to peer network connection with aadds_vnetwrt q4. i've successfully establishted a point to site vpn connection to vnet that wvd host pool vms are being deployed to and then successfully joined a localhost hyper-v hosted win10 install to that cloud aadds_vnet hosted azure ad domain services gc/dc pair using the sam vmjoiner@mydomain.onmicrosoft.com account i provided the wvd host pool template. given all that not sure what i do differently next to get my first wvd host pool deployment to succeed past the vm domain join step.

myusrn What version of WVD are you trying to deploy? I would focus on the Spring Update because you don't need to deal with creating an SPN that is used by the DSC script to deploy the host pools and register the session hosts, which is likely why you are getting that error. Go here to create a host pool https://portal.azure.com/#blade/Microsoft_Azure_WVD/WvdManagerMenuBlade/overview -Jeff

Domain Join Error while deploying HostPool

Jeff_Bryant
Microsoft
May 01, 2020
Pratik_Mishra

The VM's in the host pool must be Standard domain-joined or Hybrid AD-joined. Virtual machines can't be Azure AD-joined (in the future, AAD joined will be supported). You will need to either deploy or use an existing Domain Controller, or leverage the Azure Active Directory Domain Services (AADDS, not to be confused with AAD) in order to do a Standard domain-join.

Please review the requirements for WVD:

https://docs.microsoft.com/en-us/azure/virtual-desktop/overview#requirements

To learn more about the different identity solutions used with WVD:

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/compare-identity-solutions

-Jeff
- Pratik_Mishra
  Copper Contributor
  May 02, 2020
  Jeff_Bryant,
  
  Sometimes its working fine as i tried to deployed it yesterday and it got executed successfully, But again i am getting the same error related to domain join. Is there any restriction for the azure test account which is causing the issue.
  
  Regards,
  Pratik
  - Pratik_Mishra
    Copper Contributor
    May 02, 2020
    Attaching error for you reference once again.
    
    Error: Code="VMExtensionProvisioningError" Message="VM has reported a failure when processing extension 'testext'. Error message: \"Exception(s) occured while joining Domain 'rupni.onmicrosoft.com'\"\r\n\r\nMore information on troubleshooting is available at https://aka.ms/vmextensionwindowstroubleshoot "
    on virtual_machine_extensions.tf line 1, in resource "azurerm_virtual_machine_extension" "domainJoin":
    1: resource "azurerm_virtual_machine_extension" "domainJoin" {
- myusrn
  Brass Contributor
  Jun 07, 2020
  Jeff_Bryant I'm getting this error in spite of having Azure Active Directory + Azure AD Domain Services deployed and peer networked with my vnet in which the host pool vms are being provisioned. I verified classic domain join works by establishing a point-to-site vpn connection into the vnet, using virtual network gateway setup, and was able to join a localhost hyper-v windows 10 desktop setup that i have. So not sure what to do in order to get wvd host pool template deployed vms to successfully join.
  
  q1. Is there a localhost user account you can connect to the host pool vms that fail to successfully join the domain so you can manually join them?
  
  q2. Is there some permissions pre-provisioning that has to be done for the wvdadmin@myazureaddomain.com account which i specify for wvd host pool tenant group access given the default tenant group and host pool tenant group objects don't seem to exist in my azure ad environment or in my azure resource group before a wvd host pool deployment or after one that failed due to this vm domain join error?
Rahul_Mahajan
Brass Contributor
Aug 05, 2020
For me, it worked after adding Microsoft.AzureActiveDirectory to Service Endpoint in AADDS VNet:
MisabhMHasan
Copper Contributor
Aug 11, 2020
Hi Pratik_Mishra
I was deploying a simple standalone cloud-only model and I the host pool deployment kept on failing for me with the same error. I had a session with partner consultants as well to double-check my configuration and all looked correct. I was able to deploy a host pool the first time, when I was using free trial subscription; but then failed on every subsequent attempts, following the same steps.

Anyway, the alternative worked for me. I created and deployed a virtual machine (VM) and selected different subnet of the same virtual network, did standard domain join of VM, created and deployed a host pool without creating VM and then registered VM to that host pool.

The following were the (workaround) steps that worked for me:

Created and deployed virtual network with two subnets - one dedicated to Azure Active Directory Domain Services (AD DS) and the other for a virtual machine (VM). Refer to Tutorial: Configure virtual networking for an Azure Active Directory Domain Services managed domain for details.
Created and deployed Azure AD DS with the selection of first subnet of a virtual network (created in step 1). Refer to Tutorial: Create and configure an Azure Active Directory Domain Services managed domain for details.
Created and deployed a VM with the selection of second subnet of the same virtual network (created in step 1).
Connected to VM using the 'Connect > RDP' option in Azure portal. Refer to How to connect and sign on to an Azure virtual machine running Windows for details.
After signing in to VM, did standard domain join of VM, by selecting 'Domain' and entering domain name under 'Computer Name' tab in 'System Properties' dialog.
Created and deployed a host pool without adding a VM to host pool at this point (select 'No' option under 'Virtual machines' tab when filling the information required for creating a host pool.
Registered the VM (created and deployed in step 3) to the host pool (created and deployed in step 6). Follow the instructions for registering a VM to a host pool mentioned in Register the virtual machines to the Windows Virtual Desktop host pool . Note that, add the " | Select-Object -ExpandProperty Token" at the end of the command "New-AzWvdRegistrationInfo" to retrieve the registration token value so that, it can be copied to a text file.
I hope this helps.

Kind regards,
Misbah
stepient
Copper Contributor
Sep 15, 2021
I had a similar issue. I had a DC set up on an Azure VM in the same subnet as the session hosts for pool I was creating. What did the trick for me was changing DNS settings on the V-Net to custom (I added the DC IP address).

Forum Discussion

Domain Join Error while deploying HostPool

Share

Resources