Cannot connect to Virtual Machine through Remote Desktop Web Client

Question

Hello,

I am having an issue with my Virtual Machines that I am setting up. In total I have 4 machines that are served to clients. One of the machines seems to work fine, I can log in as the user in Remote Desktop Web Client and they are able to access the desktop. The other three I am having no luck. When I click on the Desktop icon in Remote Desktop Web Client, I am prompted to enter my credentials. This does not happen with the machine that works. The username box is prefilled with ******@address.com which is the user's email address. Entering the password still doesn't allow my in and the error message is "Sign in failed. Please check your username and password and try again". I know the password is correct. I have tried prepending "AzureAD" to that email address and it still doesn't allow me in.

I checked that the user should have access through IAM on the virtual machine and the application group. I have gone through the pages between the one that works and the one that doesn't and I can't seem to find why I am able to connect through one, but not the other 3 which were all built at the same time.

Thanks!

Answer 1

Here is the definitive list of things to check on the 3 non-working Azure VMs - https://learn.microsoft.com/en-us/entra/identity/devices/howto-vm-sign-in-azure-ad-windows

I would prioritize checking RBAC assignment on the VM (Virtual Machine Administrator Login or Virtual Machine User Login - NOTE: even if you are owner or contributor on the VM, that is not enough), among your RDP Properties ensure you have both enablerdsaadauth:i:1 and either targetisaadjoined:i:1 or SSO for AVD has been configured, and that the VM extension (AADLoginForWindows VM extension is installed after managed identity enabled on the VM and has a healthy status) as well as run the

dsregcmd /status

command in a command prompt on one of the non-working VMs. Use the results to direct your troubleshooting next steps.