Setup of Azure VDI with on-Prem AD

Sean Buckle 21 Reputation points
2020-11-18T09:17:26.937+00:00

Hello All,

I am at my wits' end with this one. I am trying to create an Azure Virtual Desktop environment proof of concept and am having issues when trying to create the VMs in the host pool. They are not able to join the domain.

We are using a hybrid environment, using AADSync to sync the on-premise AD to Azure. I have set up the Azure Active Directory Service, but still cannot get the VMs to join.

Is there a comprehensive set of instructions on how to set up the Azure Virtual Desktop environment using on-premise synced AD? We do have a Site-to-Site VPN connection already set up.

Any help would be appreciated.

Kind Regards,
Sean Buckle

Azure Virtual Machines

Accepted answer
  1. Andreas Baumgarten 108K Reputation points MVP
    2020-11-19T10:36:11.49+00:00

    Hi Sean,
    "Error Code 1355" means "no domain found" or "ERROR_NO_SUCH_DOMAIN".

    The reason can be DNS: the WVD VM isn't able to resolve the domain name "ADDS.Crofting.gov.scot", or, if the DNS is working, the VM can't reach a domain controller because of network issues.

    In which Virtual Network are the DCs of the Azure ADDS domain? In which network is the WVD VM? If they are in different Virtual Networks, do you have peering activated between the Virtual Networks?

    I would recommend: Connect to the WVD VM via RDP and try to ping the domain "ADDS.Crofting.gov.scot". If everything is ok with DNS you should get a response from one of the DCs of "ADDS.Crofting.gov.scot" with an IP of one of the 2 DCs.
    You could also try to join the VM to the domain manually. Maybe the error message you will get is more clear.


    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten
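
The two causes of error 1355 named in the accepted answer (DNS resolution of the managed domain and network reachability of a domain controller) can be checked from the session-host VM with the PowerShell below. This is an added example, not part of the original thread; the domain name `aadds.example.com` is a placeholder, and the port list is an assumption based on the usual requirements for a domain join.

```powershell
# Added example: run on the session-host VM (for example over RDP).
# $Domain is a placeholder; pass the FQDN of your Azure AD DS managed domain.
param(
    [string]$Domain = 'aadds.example.com'
)

# TCP ports a member server typically needs towards a domain controller (assumed list).
$ports = @{ 53 = 'DNS'; 88 = 'Kerberos'; 135 = 'RPC endpoint mapper'; 389 = 'LDAP'; 445 = 'SMB' }

# 1. Which DNS servers does the VM use? For a join to work they must be able
#    to resolve the managed domain (normally the virtual network's DNS setting).
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object ServerAddresses |
    Select-Object InterfaceAlias, ServerAddresses |
    Format-Table -AutoSize

# 2. DC locator lookup: the join process finds a DC through this SRV record.
#    If it fails, the join ends with 1355 (ERROR_NO_SUCH_DOMAIN).
try {
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop |
        Where-Object { $_.Type -eq 'SRV' }
}
catch {
    Write-Warning "SRV lookup for $Domain failed: $($_.Exception.Message)"
    Write-Warning 'Cause is DNS: check the DNS servers configured on the VM or its virtual network.'
    return
}

# 3. DNS works, so test the network path to every DC that was returned.
#    Test-NetConnection -Port checks TCP only.
$results = foreach ($dc in ($srv.NameTarget | Sort-Object -Unique)) {
    foreach ($port in ($ports.Keys | Sort-Object)) {
        $test = Test-NetConnection -ComputerName $dc -Port $port -WarningAction SilentlyContinue
        [pscustomobject]@{
            DomainController = $dc
            Address          = $test.RemoteAddress
            Port             = $port
            Service          = $ports[$port]
            Reachable        = $test.TcpTestSucceeded
        }
    }
}
$results | Format-Table -AutoSize

# Any unreachable port points at peering, NSG rules or routing rather than DNS.
if ($results | Where-Object { -not $_.Reachable }) {
    Write-Warning 'DNS resolves, but at least one DC port is blocked or unroutable.'
}
```

A failure in step 2 corresponds to the DNS cause in the answer; a success in step 2 with unreachable ports in step 3 corresponds to the network cause (peering, NSG rules or routing between the virtual networks).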


4 additional answers

  1. Andreas Baumgarten 108K Reputation points MVP
    2020-11-18T15:08:37.057+00:00

    Yes, the Azure ADDS UPN is different than the Azure AD and I think different to your on-premises AD as well.

    The Azure AD DS UPN of a user is: [username]@[FQDN of the Azure ADDS domain]

    You can check the Azure ADDS domain name in the Azure Portal:

    40873-azureadds.jpg

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    1 person found this answer helpful.

  2. Andreas Baumgarten 108K Reputation points MVP
    2020-11-18T10:54:04.27+00:00

    If you have already set up an Azure AD DS, do you see the users synced from the Azure AD? (Just to verify the Azure AD and Azure AD DS are working together properly.)
    What error message do you get when the WVD VMs are joining the Azure AD DS?
    Do you specify the right user FQDN to join the VM to the Azure AD DS? It should be `[username]@[domainname-of-your-AzureADDS.something]`


    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten


  3. Andreas Baumgarten 108K Reputation points MVP
    2020-11-18T14:35:18.273+00:00

    What is the name of the Azure AD DS domain?

    Did the user you used for joining the domain have a "@crofting.gov.scot" User Principal Name?

    If you want to join a WVD VM to the Azure AD DS you have to use a user with the User Principal Name of the Azure AD DS.

    For instance:
    My Azure AD = xyz.de
    My Azure AD DS = ad.xyz.de

    Admin in the Azure AD DS = xadmin@ad.xyz.de
    This is the account I used to add a WVD VM to the Azure ADDS called ad.xyz.de without any problem.


    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten


  4. Andreas Baumgarten 108K Reputation points MVP
    2020-11-19T09:45:31.847+00:00

    Hi Sean,

    Which account are you using to join the VM to "adds.crofting.gov.scot"?

    It should be a user "[admin]@adds.crofting.gov.scot" ... where [admin] is a user with domain admin rights in the "adds.crofting.gov.scot".

    After you get the error message you could check for more details:
    The VM should be deployed. In the Azure Portal navigate to "Virtual Machine" and take a look at the VM. In the "Extension" section of the VM you should see the "joindomain" extension. Click on "joindomain" and there you should see the "Status" and some more details if there is an issue. These details should point to more details of the issue.

    40979-joindomainextension1.jpg

    41095-joindomainextension2.jpg

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

