May 02 2019 10:10 PM
My test account can see the VD in the web browser but I get this error every time I try to connect, it says "opening remote port" and fails. If I try to connect through the app I get told I do not have permission.
I can remote into the VD while I am controlling the server but I cannot access the VD as my admin account that I used to join the VD.
Ideas?
May 03 2019 04:32 AM
I had the same problem, and to solve it I raise the word complix
As a :
o minimum length 12 characters
o Capital letters of European languages (A to Z, with diacritics, Greek and Cyrillic characters)
o Tiny letters from European languages (a to z, sharp-s, with diacritics, Greek and Cyrillic characters)
o Figures in base 10 (0 to 9)
o Non-alphanumeric characters (special characters): (~! @ # $% ^ & * _- + = '| \ () {} \ [] :; »» <>,.? /) currency symbols such as l Euro or a British pound are not considered special characters for this policy setting.
o The password should not be in a dictionary (dictionary attack)
o The password should not be a subject known as Christmas, Easter, Carnival, etc.
May 04 2019 09:47 AM
You mean raise the password complexity yeah? Cause both my test account and the account I used for the UPN have the same password and it is over 12 characters and does contain a + but azure never complained about it while making the WVD.
May 10 2019 02:08 PM
Hello,
Is there any new info regarding this issue? Or increasing password complexity is solution?
Regards,
May 10 2019 02:10 PM
May 13 2019 01:42 AM
@ian11230
I'm having the same issue. Managed to create a tenant and deploy, but can't login. I've added 3 users via Powershell to the user list, none of them are able to open a desktop session.
Using the client (not the web app) just keeps giving me credential prompts until it locks out the account. The web app just gives me an error for all 3 users.
Also keep having random issues with powershell giving me "User is not authorized to query the management service" when I'm signed in with the account I created everything in, which is also the subscription admin.
Have you managed to get any further?
May 13 2019 01:58 AM
Solution@ian11230 If you're using Azure Active Directory Domain Services, you need to make sure the deployed servers are in the "AADDC Computers" OU and you log in using an admin account that is in the "AADDC Users" OU. Make sure the admin user is a member of the "AAD DC Administrators" group in Azure Active Directory.
When I did this, I was finally able to Remote Desktop directly into the deployed VM's in the hostgroup.
May 13 2019 02:08 AM
What about if we have on-premise AD with AD Connect instead Azure ADDS?
Also, one of DCs is in Azure as VM, and HostPool machines are joined to AD.
Regards,
May 13 2019 07:29 AM
@Conrad AgramontI wouldn't want to make the users any sort of admin - I don't think that there should be a need to. The service should be secure by design, so elevating a user must surely be working around a problem, rather than fixing it's cause?
May 13 2019 11:29 AM
Can you help me check/do that? I am still getting used to Azure.
Sep 24 2019 01:31 AM
@vstefanovic Yes, we are in the same scenario. The error message we get when using the desktop client or the web link is:
"Oops, we couldn’t connect to “USSPA-RDSH”. We couldn’t connect to the gateway because of an error. If this keeps happening, ask your admin or tech support for help.”
Any ideas?
Sep 24 2019 05:43 AM
@ian11230 We had the same error message as you. Our solution was to start an Azure P2 trial for our tenant. So I'm guessing it was a licensing issue, but I can't find exactly what license is required, as maybe a cheaper license would have sufficed.
Feb 12 2023 10:14 PM
May 13 2019 01:58 AM
Solution@ian11230 If you're using Azure Active Directory Domain Services, you need to make sure the deployed servers are in the "AADDC Computers" OU and you log in using an admin account that is in the "AADDC Users" OU. Make sure the admin user is a member of the "AAD DC Administrators" group in Azure Active Directory.
When I did this, I was finally able to Remote Desktop directly into the deployed VM's in the hostgroup.