Unable to launch AVD instances from both: Remote desktop client or web client

Copper Contributor

Hello,

 

I deployed an AVD setup yesterday with two host pools.

1. First pool has Win 11 22h2 two personal desktops.

2. Second pool has one Win 11 22h2 multi session desktop for Remote app.

 

All the configuration that is required from AVD side has been done. Added the users in the RG and to the VM instances and to the application groups assignments too. With this I can see the desktops are published but cannot seem to launch it. Keep getting error:

 

Oops, we couldn't connect to "SessionDesktop" Sign in failed. Please check your username and password and try again.

 

I tried with changing keyboard layout, used on screen keyboard but get the same error as above.

 

then I logged on to a machine in the same vnet as these VMs, and still get the same error.

One more thing that I noted was, when I tried launching the personal desktops, I could see the above error but on the portal I could see my user was assigned to the desktop. I unassigned my user from the desktop, launched again and same error. 

 

I have checked the pku2u registry and its configured correctly. Group policy setting for allowing pku2u is also enabled. 

psping gives me below result when I run it:

 

psping rdbroker.wvdselfhost.microsoft.com:443

PsPing v2.10 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2016 Mark Russinovich
Sysinternals - www.sysinternals.com

TCP connect to 20.166.3.36:443:
5 iterations (warmup 1) ping test:
Connecting to 20.166.3.36:443 (warmup): from 10.221.32.33:52736: 1.76ms
Connecting to 20.166.3.36:443: from 10.221.32.33:52737: 1.52ms
Connecting to 20.166.3.36:443: from 10.221.32.33:52743: 1.77ms
Connecting to 20.166.3.36:443: from 10.221.32.33:52745: 3.58ms
Connecting to 20.166.3.36:443: from 10.221.32.33:52746: 1.91ms

TCP connect statistics for 20.166.3.36:443:
Sent = 4, Received = 4, Lost = 0 (0% loss),
Minimum = 1.52ms, Maximum = 3.58ms, Average = 2.19ms

 

I still cannot seem to launch the VMs. 

 

When I do a dsregcmd /status on the multisession VM, it gives me below for my user account:

 

Server Error Code : interaction_required
Server Error Description : AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access.

 

This error pointed me to the MFA CA policy. So I reached out to the AD team who manage the CA and MFA policies. They donot see any risky logins or MFA based errors for me or for another account. In fact, they see a login successful for the test account however, I still got the same error message and could not launch the desktop at all.

 

Oops, we couldn't connect to "SessionDesktop" Sign in failed. Please check your username and password and try again.

 

Can someone please help me resolve this. 

 

 

0 Replies