SOLVED

Add-RdsAccount : One or more errors occurred.

Copper Contributor

Hi to all! 

 

I'm Testing the new Windows Virtual Desktop on Azure...

I'm following this link https://docs.microsoft.com/en-us/azure/virtual-desktop/tenant-setup-azure-active-directory to create the service on my Azure Tenant.

When i'm tring to add the rds account to my tenant with powershell it sends me the next error:

Add-RdsAccount : One or more errors occurred.

At line:1 char:1

+ Add-RdsAccount -DeploymentUrl "https://rdbroker.wvd.microsoft.com"

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    + CategoryInfo          : NotSpecified: (:) [Add-RdsAccount], AggregateException

    + FullyQualifiedErrorId : System.AggregateException,Microsoft.RDInfra.RDPowershell.Context.AddRdsAccount

 

i was searching any similar errors on the web but there is nothing about it. I hope you may help me.

 

This is my psping output:

 

./psping.exe rdbroker.wvd.microsoft.com:443

PsPing v2.10 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2016 Mark Russinovich
Sysinternals - www.sysinternals.com

TCP connect to 52.177.206.73:443:
5 iterations (warmup 1) ping test:
Connecting to 52.177.206.73:443 (warmup): from 192.168.11.143:20539: 155.41ms
Connecting to 52.177.206.73:443: from 192.168.11.143:20541: 168.12ms
Connecting to 52.177.206.73:443: from 192.168.11.143:20542: 2366.36ms
Connecting to 52.177.206.73:443: from 192.168.11.143:20543: 161.27ms
Connecting to 52.177.206.73:443: from 192.168.11.143:20544: 168.14ms

TCP connect statistics for 52.177.206.73:443:
Sent = 4, Received = 4, Lost = 0 (0% loss),
Minimum = 161.27ms, Maximum = 2366.36ms, Average = 715.97ms

12 Replies

@Manuel Alejandro Peña Sánchez 

 

We are experiencing the same issue. Microsoft's customer support can't help as this service is still in preview. 

 

Did you manage to resolve this issue?

 

Thanks.

@Jez85 

 

No Jez, I came here cause Support also send me here. If i have any feed back or a solution i'll be posting it. 

Ensure you are following the steps to described on consent and assigning the tenantcreator role. The issues you are running into are resulting from missing steps: https://docs.microsoft.com/en-us/azure/virtual-desktop/tenant-setup-azure-active-directory

@Eva Seydl 

 

Thanks Eva... I really followed step by step the guide that you told me but didn't work.

best response confirmed by Manuel Alejandro Peña Sánchez (Copper Contributor)
Solution

@Jez85 

@Eva Seydl 

 

Hi all,

 

I was observing al AAD relation between my subscriptions and this is the conclusion that solved my problem.

 

1. I am a Global Admin (Guest User) of a AAD where i was creating the WVD Service, like the guide says.

2. I observed that when you log-on with add-rdsaccount it takes the aadid of your account not the one that you are using to create the service, so in my case will never get that i was a Global Admin of the AAD that i was really using. I know it seems obvious but, Cause my account was member from another AAD ID.

3. So i created a new global admin user in the AAD that i used to register the WVD Service.

4. I run again the aad-rdsaccount and the command runned without problem.

 

So my recommendation is to see back on the aadid that you registered and verify that the account it's not only global admin so also it's should appears like a member of the AAD where you registered the WVD Enterprise Application.

 

Hopes it helps you @Jez85 

@Manuel Alejandro Peña Sánchez 

 

Thanks for sharing! I will try it out.

@Manuel Alejandro Peña Sánchez 

Glad to know your problem is fixed. A quick question - is your account MFA enabled? 

No @manjeetr in my case there is no MFA enable on the account i used to register the RDS.
But to do the register i guess you may do it with a MFA account and then change it to a Service Principal, like the guides says.

Thanks @Manuel Alejandro Peña Sánchez 

 

In my case, I am not that far in the process. I am not able to sign in to WVD using Add-RdsAccount command. After granting service permissions and assigning TenantCreator role to my id, the command -

 

Add-RdsAccount -DeploymentUrl "https://rdbroker.wvd.microsoft.com"

 

fails with the error - 

 

Add-RdsAccount : One or more errors occurred.
At line:1 char:1
+ Add-RdsAccount -DeploymentUrl "https://rdbroker.wvd.microsoft.com"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Add-RdsAccount], AggregateException
+ FullyQualifiedErrorId : System.AggregateException,Microsoft.RDInfra.RDPowershell.Context.AddRdsAccount

 

I have installed and imported WVD module for the Powershell successfully using the following - 

https://docs.microsoft.com/en-us/powershell/windows-virtual-desktop/overview

Just got the same issue with PowerShell core, unfortunately I have founded here https://github.com/MicrosoftDocs/azure-docs/issues/27827 that the reason is because those cmdlet are not supported yet on PowerShell core.
Thanks a lot! It worked!

Just ran into this issue.

 

The $creds for a Service Principal expire after some time, and an expired credential will throw this vague error.

 

You can re-generate your Service Principal's password using:

$svcPrincipalCreds = New-AzureADApplicationPasswordCredential -ObjectId "your-service-principal-id"

 

Use Get-AzureADApplication to find your principal's ID if you don't have it.

1 best response

Accepted Solutions
best response confirmed by Manuel Alejandro Peña Sánchez (Copper Contributor)
Solution

@Jez85 

@Eva Seydl 

 

Hi all,

 

I was observing al AAD relation between my subscriptions and this is the conclusion that solved my problem.

 

1. I am a Global Admin (Guest User) of a AAD where i was creating the WVD Service, like the guide says.

2. I observed that when you log-on with add-rdsaccount it takes the aadid of your account not the one that you are using to create the service, so in my case will never get that i was a Global Admin of the AAD that i was really using. I know it seems obvious but, Cause my account was member from another AAD ID.

3. So i created a new global admin user in the AAD that i used to register the WVD Service.

4. I run again the aad-rdsaccount and the command runned without problem.

 

So my recommendation is to see back on the aadid that you registered and verify that the account it's not only global admin so also it's should appears like a member of the AAD where you registered the WVD Enterprise Application.

 

Hopes it helps you @Jez85 

View solution in original post