You Need the Right to Sign in Through Remote Desktop Services

Copper Contributor

Hi

 

We have created a Windows Virtual Desktop pool in Azure (Azure is connected back to our on-premise AD via a site-to-site VPN).

When I sign in as a domain admin I can log in fine to the desktop pool. When I tried as a standard user account I get this error message:

image.png

 

I have already ran the Add-RdsAppGroupUser cmdlet in PowerShell.

When I check the Remote Desktop Users group in lusrmgr.msc on the remote desktop (we only have one in the pool currently for testing) I can see that the user account is in there.

 

Any ideas please?

 

Thank you.

8 Replies

@CyclopsHelpdesk : Just to confirm, are you using the Windows Virtual Desktop clients to connect to the VM? Or are you trying to launch just a direct RDP connection to the VM?

Hi @Christian_Montoya, I've tried both approaches, and also the WVD client via the web browser.

@CyclopsHelpdesk : Can you try the troubleshooting steps indicated here: https://docs.microsoft.com/en-us/azure/virtual-desktop/troubleshoot-client-connection ?

 

Specifically, it would be great to see which error message you get.

Hi

We no longer get this error since recreating the WVD pool and joining it to Azure AD and not our on-premise AD.
We also still run:
Add-RdsAccount -DeploymentUrl https://rdbroker.wvd.microsoft.com
Add-RdsAppGroupUser -TenantName 'Tenant Name' -HostPoolName 'Host Pool Name' -AppGroupName 'Desktop Application Group' -UserPrincipalName user@azureaddomain.com
When you say "joining it to Azure AD", do you mean an Active Directory that exists on a virtual network in your Azure subscription? Or do you mean "Azure AD Join", the Windows 10 feature?

Hi @Christian_Montoya 

 

When joining it to Azure Active Directory (bought through the Azure marketplace).

@CyclopsHelpdesk : We do not support Azure Active Directory. If you're following the steps in the Azure Marketplace, then that would be a standard Windows Server Active Directory domain join.

Hi @Christian_Montoya 

 

When creating the WVD you have to join it to a domain - I did not use a DC set up manually in Azure or an on-premise DC. I used an Azure Active Directory from the Marketplace - all working fine - https://docs.microsoft.com/en-us/azure/virtual-desktop/tenant-setup-azure-active-directory