Sign in failed. Please check your username and password and try again (AVD)

Copper Contributor

A user is not able to login to any AAD joined Azure Virtual Desktop, getting user/password error.

1. I have reset his password multiple times.

2. Access has been granted and confirmed as everyone else in his team is able to login to the same environment. 
3. I tried to temporarily disable the MFA but still same error.
4. He has tried both web browser and remote client app.
5. I assigned him a different AVD that didn't help either.

Does anyone know what the problem could be?

 

MicrosoftTeams-image (3).png

9 Replies

@TomWechsler Thank you for the reply, however the issue is not with the AVD since everyone else in the same security group is able to login without any issue and that particular user gets the same error on other AVD VMs too.

1. Have you tried accessing from another network or system with latest Windows patches?
2. What does the Azure AD sign-in log look like?
3. Assuming the user object is Hybrid (syncing from on-premises to Azure AD)?

@zshah2023 

 

Would suggest isolating the problem by login same workstation using different account, login different workstation, etc. and take a look at logs such as sign-on logs under AAD for more hints

Hello, I just spent countless hours dealing with the same thing. It ended up being a CA Policy blocking authentication due to IPv6.
Sorry for the late reply, Yes it is hybrid, AVDs are patched and we have tried from multiple network and devices.
Yes, I tried from multiple devices, no luck
Do we have any resolution on the reported issue, as i have something similar bieng reported for 1 user.

About the posted error, "Sign in failed. Please check your username and password and try again", double-check your role assignments. If your session hosts' virtual machine(s) is "Microsoft Entra ID joined", ensure that you have assigned the following two roles at the Resource Group level:
1. "Virtual Machine User Login" - assign this to the AVD users (or Users' group)
2. "Virtual Machine Administrator Login" - assign this to the AVD admins (or Admins' group)

Also, ensure your desktop application group is associated with the two personas (users & admins groups).
Something I noticed is that MFA conditional access (CA) policy does not affect the AVD sign-in. At least in my case.