Windows App not working

Question

Windows App not working

Manoj Chauhan 105

Hi Team,

We are unable to login into the azure vdi using the windows app. when users try to login it tries to connect and throws an error. it seems like the connection properties or preferences are cached and not clearing upon a new connection, below is the error message

[Window Title] Remote Desktop [Content] An authentication error has occurred (Code: 0x80080005). Remote computer: [avd-hp1-w11-6.exusia.com] This can happen if sign-in credentials could not be verified, sometimes after recent security updates. Learn more and see recommended workarounds: https://aka.ms/windowsapp1b [^] Hide details [OK] [Expanded Information] Error code: 0x0 Extended error code: 0x0 Timestamp (UTC): 2026-02-03T06:47:25.093Z Activity ID: 4a274745-d6a4-48b1-921d-4e7354020000

Below are the tshoot steps followed.

clearing credentials from credential manager
re-installation of the windows app
restarting the laptop
installing pending updates

Nothing works, and when we use the same credentials via the old remote desktop application, users are able to login.

Please Help !!

Regards,

Manoj.

Oswaldo Roman 0 Reputation points

2026-02-11T14:28:36.4533333+00:00

Hey Manoj,

I Think I saw somewhere that its a security update that was pushed back in mid January that is causing the issue. If I am not mistaken they have already pushed a windows update to fix this. But I also did see that there was a specific security update you could download from Microsoft website that also remediates the issues. Hope this helps! https://learn.microsoft.com/en-us/answers/questions/5736266/windows-app-login-issue

3 answers

Your answer

Oswaldo Roman 0 Reputation points

2026-02-11T14:28:36.4533333+00:00

Hey Manoj,

I Think I saw somewhere that its a security update that was pushed back in mid January that is causing the issue. If I am not mistaken they have already pushed a windows update to fix this. But I also did see that there was a specific security update you could download from Microsoft website that also remediates the issues. Hope this helps! https://learn.microsoft.com/en-us/answers/questions/5736266/windows-app-login-issue

Answer 1

Hi Manoj Chauhan,

Just following up. To further refine the troubleshooting for error 0x80080005, if the AAD Broker reset did not resolve the authentication failure, we must determine if the device’s Primary Refresh Token (PRT) is healthy, as the modern Windows App relies exclusively on WAM (Web Account Manager) while the legacy client does not. Please clarify if the affected machines are Hybrid Azure AD Joined or Standard Azure AD Joined, as this dictates the troubleshooting path for the identity broker and whether we need to debug the dsregcmd /status output for PRT errors.

If the broker reset failed, the next valid step is to repair the specific association between the current user's Windows profile and the Entra ID (Azure AD) account. Navigate to Windows Settings > Accounts > Access work or school. If the account lists a "Fix" button, click it to re-authenticate and repair the PRT; the Windows App will fail with 0x80080005 if this underlying account state is flagged as "Needs Attention" by the OS, even if other apps seem to work. Additionally, verify if the TokenBroker service is running and set to Manual (Trigger Start) in services.msc, as the Windows App has a hard dependency here that the legacy client does not utilize.

I hope you've found something useful here. If it helps you get more insight into the issue, it's appreciated to accept the answer. Should you have more questions, feel free to leave a message. Have a nice day!

VP

Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

Answer 2

VPHAN 32,230 Independent Advisor

Hello Manoj Chauhan,

To resolve this, you should first attempt to reset the identity broker state for the affected users. Open an elevated PowerShell session and execute Get-AppxPackage Microsoft.AAD.BrokerPlugin | Reset-AppxPackage. If the Reset-AppxPackage cmdlet isn't available on your current build, you must manually clear the local identity cache by navigating to %LocalAppData%\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AC\TokenBroker\Accounts and renaming or deleting the contents. Furthermore, ensure that the registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains doesn't contain conflicting entries that might be forcing the Windows App into an incorrect security zone for the exusia.com domain, which can disrupt the WAM flow.

If the identity reset doesn't stabilize the connection, verify if the client machines have a specific Group Policy Object (GPO) enabled that restricts the use of Web Account Manager for Remote Desktop. Check Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security and ensure "Require use of specific security layer for remote (RDP) connections" isn't set to a value that conflicts with the modern Entra ID authentication expected by the Windows App. Lastly, if your environment uses Conditional Access policies, verify that the "Windows App" (Cloud ID: c63283a0-7193-424a-939e-436f9a0c7760) is allowed or not being blocked by a "Require compliant device" policy that the client machine is currently failing.

I hope you've found something useful here. If it helps you get more insight into the issue, it's appreciated to accept the answer. Should you have more questions, feel free to leave a message. Have a nice day!

VP

Manoj Chauhan 105 Reputation points

2026-02-05T05:12:48.8233333+00:00

Hi VPHAN,

The above steps did not help neither there is anything wrong with the GPO Settings nor there are any conditional access policies to allow / deny the windows APP.

Appreciate your efforts !

Regards.
Manoj Chauhan 105 Reputation points

2026-02-05T05:17:15.57+00:00

infact after performing the above steps, i see a new error message
VPHAN 32,230 Reputation points Independent Advisor

2026-02-05T06:50:56.72+00:00

The shift from an account status error to a generic connection timeout indicates that while the identity token is likely being issued correctly, the Remote Desktop Protocol signaling phase is failing to establish a stable transport tunnel with the gateway. In the modern Windows App (Azure Virtual Desktop/Windows 365) context, this specific timeout frequently occurs when the client attempts to negotiate RDP Shortpath over UDP and fails without a clean fallback to TCP, or when a local network appliance performs SSL inspection on the WebSocket traffic, effectively severing the reverse connect sequence.

To pinpoint the failure domain, you must immediately attempt the connection using the HTML5 Web Client (client.wvd.microsoft.com or windows365.microsoft.com). If the Web Client connects successfully, the issue is strictly isolated to your local client's network stack. in this scenario, you should verify if your perimeter firewall is blocking outbound UDP traffic on port 3390 or if you are behind a proxy that is not whitelisting the critical *.wvd.microsoft.com and *.servicebus.windows.net wildcards. If the Web Client also times out, the issue resides on the Session Host itself, likely requiring a restart of the Remote Desktop Agent Loader service or an investigation into the RemoteDesktopServices-RdpCoreTS event logs for transport listener failures.

Please clarify if you are connecting to an Azure Virtual Desktop host pool or a Windows 365 Cloud PC, and confirm the result of the Web Client test. We need this specific detail to determine if we should focus on local network traversal or backend agent health.

Answer 3

The error code 0x80080005 typically indicates an authentication or credential handling issue on Windows. Since you mentioned that users can log in using the old Remote Desktop application, it suggests that the problem is isolated to the new Windows app. Here are some additional troubleshooting steps you can try:

Ensure Windows is Updated: Make sure that your Windows PC has the latest updates installed, particularly security updates.
Clear Cached Credentials: You mentioned clearing credentials from the Credential Manager, which is good. Ensure that all entries related to the Azure VDI are removed.
Time Synchronization: Verify that the time and date settings on your PC are synchronized with the domain controller, as mismatched clocks can lead to authentication failures.
Run as Administrator: Try launching the Windows app with elevated permissions (right-click and select "Run as Administrator") to rule out local policy restrictions.
Reinstall the App from Microsoft Store: If you haven't done so already, consider reinstalling the Remote Desktop client from the Microsoft Store instead of using the built-in version, as the Store version may have more frequent updates.
Check Network Connection: Ensure that the device has a stable internet connection and is not behind a restrictive firewall that could block the connection.
Inspect Connection: If applicable, use the Inspect connection action for the Cloud PC to check for potential issues.

If the issue persists after trying these steps, it may be beneficial to consult with your system administrator for further assistance.

References:

Share via

Windows App not working

3 answers

Your answer