How to access azure virtual Desktop over browser with joined domain ?

Question

Im trying to connect to azure virtual Desktop over the browser via client.wvd.microsoft.com.

worked already with aad

It worked already I used just Azure active directory and could easily join via a user with the azure role "virtual machine user".

wont work with azure active directory domain services

Now I deployed active directory domain services joined my vm in my host pool to my domain. But this time I cant join to the VM via browser anymore.

I added targetisaadjoined:i:1; to my host pool rdp properties.

After the prompt I just get the generic message.

Sign in failed. Please check your username and password and try again.

And just god knows how ofter I reseted that pw and tried another user.

When I try the vm admin login.

I see the VM login but then it says again the login is incorrect.

I can easily rdp into the machine if I open the RDP port and add a public ip which I DONT WANT. In the machine everything seems fine ...

What else have I checked.

• networking
• user privileges -> till global admin role
• user credentials for sure !

Really running out of ideas here any help is appreciated.

Answer 1

The targetisaadjoined:i:1; is for Azure AD joined hosts this is not the used for Azure AD Domain Services joined VMs so remove this.

Your existing Azure AD accounts need to sync to the AAD DS service and first you will need need to reset your user password (once off job) in order to get the password hash created in the correct format.

https://learn.microsoft.com/en-us/azure/active-directory-domain-services/synchronization#synchronization-from-azure-ad-to-azure-ad-ds