@amal_azurewvd I have the same issue.  I followed all the steps at this location and still got the error.

@amal_azurewvd I get this error in the web client:  We couldn't connect to the remote PC because of a security error. If this keeps happening, ask your admin or tech support for help.

I think the security error may be related to MFA. I was able to get around it in the desktop client by using a PIN to log in as advised in this link: 

https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows#us...

I can't get in with the web client though, and have entered targetisaadjoined:i:1 in the RDP Properties, so not sure what the problem is.

@Chris_Gilles_1337 You just need to exclude „Azure Windows VM Sign-in“ from the CA policy requiring MFA beside the already mentioned RDP settings. At least this worked for me.

@Xandven_ Your source is at least outdated. Latest technical information about the public preview can be found here: https://docs.microsoft.com/de-de/azure/virtual-desktop/deploy-azure-ad-joined-vm

I have both personal and pooled VMs in my lab setup AAD joined and Intune managed. Compliance policies are applied to both types correctly, so that you can eval them in CA policies accordingly.

So, my answer is not an official Microsoft one, but from all these observations I would say: Yes, host pools can be Intune managed in this public preview.

hi guys 

im experiencing an error when trying to connect to my AADJ VM using Remote Desktop app.

Prereqs are all met :

- device from which i try the connection is aadjoined to the same tenant.

- remote desktop app user is added via IAM with AVD User Login role

- targetisaadjoined:i:1 added to rdp advanced properties

- validation env checked

what else can be missing ?

i can only access my VM from the web client , there is no error there and it works from every device.

Device State |
+----------------------------------------------------------------------+

AzureAdJoined : YES
EnterpriseJoined : NO
DomainJoined : NO
Device Name : VM-AzureAD-0

+----------------------------------------------------------------------+
| Device Details |
+----------------------------------------------------------------------+

DeviceId : 2b4f6a7b-02ab-4cb5-a220-1fdde507e7e4
Thumbprint : 4C5F4A2D4D8D55093DDE48F7453621FE8382F2B9
DeviceCertificateValidity : [ 2021-07-19 11:01:49.000 UTC -- 2031-07-19 11:31:49.000 UTC ]
KeyContainerId : 21313e88-443a-4391-b4ca-dcdda5e9ee38
KeyProvider : Microsoft Software Key Storage Provider
TpmProtected : NO
DeviceAuthStatus : SUCCESS

+----------------------------------------------------------------------+
| Tenant Details |
+----------------------------------------------------------------------+

TenantName : xxxxxx
TenantId : xxxxxx
Idp : login.windows.net
AuthCodeUrl : https://login.microsoftonline.com/xxx
AccessTokenUrl : https://login.microsoftonline.com/xxxx/oauth2/token
MdmUrl : https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc
MdmTouUrl : https://portal.manage.microsoft.com/TermsofUse.aspx
MdmComplianceUrl : https://portal.manage.microsoft.com/?portalAction=Compliance
SettingsUrl :
JoinSrvVersion : 2.0
JoinSrvUrl : https://enterpriseregistration.windows.net/EnrollmentServer/device/
JoinSrvId : urn:ms-drs:enterpriseregistration.windows.net
KeySrvVersion : 1.0
KeySrvUrl : https://enterpriseregistration.windows.net/EnrollmentServer/key/
KeySrvId : urn:ms-drs:enterpriseregistration.windows.net
WebAuthNSrvVersion : 1.0
WebAuthNSrvUrl : https://enterpriseregistration.windows.net/webauthn/xxx/
WebAuthNSrvId : urn:ms-drs:enterpriseregistration.windows.net
DeviceManagementSrvVer : 1.0
DeviceManagementSrvUrl : https://enterpriseregistration.windows.net/manage/xxx/
DeviceManagementSrvId : urn:ms-drs:enterpriseregistration.windows.net

+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+

NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : YES
WamDefaultAuthority : organizations
WamDefaultId : https://login.microsoft.com
WamDefaultGUID : {xxxx} (AzureAd)

+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+

AzureAdPrt : YES
AzureAdPrtUpdateTime : 2021-07-19 14:45:18.000 UTC
AzureAdPrtExpiryTime : 2021-08-02 14:45:17.000 UTC
AzureAdPrtAuthority : https://login.microsoftonline.com/xxx
EnterprisePrt : NO
EnterprisePrtAuthority :

+----------------------------------------------------------------------+
| Diagnostic Data |
+----------------------------------------------------------------------+

AadRecoveryEnabled : NO
Executing Account Name : xxxxx
KeySignTest : PASSED

+----------------------------------------------------------------------+
| IE Proxy Config for Current User |
+----------------------------------------------------------------------+

Auto Detect Settings : YES
Auto-Configuration URL :
Proxy Server List :
Proxy Bypass List :

+----------------------------------------------------------------------+
| WinHttp Default Proxy Config |
+----------------------------------------------------------------------+

Access Type : DIRECT

+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+

IsDeviceJoined : YES
IsUserAzureAD : YES
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : NO
SessionIsNotRemote : NO
CertEnrollment : none
PreReqResult : WillNotProvision

For more information, please visit https://www.microsoft.com/aadjerrors