How to enable concurrent users in Azure Virtual Desktop and allow multiple users to connect to the same virtual machine simultaneously.

Question

How to enable concurrent users in Azure Virtual Desktop and allow multiple users to connect to the same virtual machine simultaneously.

Pramod Singh Tariyal 90

Hello Team

I have created a host pool with pooled and while creating a host pool I created a user called "boxarr". In this host pool I used windows 10 multi session window.

User's image

Microsoft entra ID

User's image

In the application group, I have added 2 users called "pramod" & "eryk". but I'm not able to take a remove session desktop using these 2 users. I logged into windows 10 and created a local user called "pummy". Now boxarr and pummy users can take session desktop but not the users which are in my Azure portal.

User's image

Session desktop

User's image

How can I allow Pramod and Eryk users to login?

Nikhil Duserla 9,280 Reputation points Microsoft External Staff Moderator

2025-03-25T16:28:27.76+00:00

Hi @Pramod Singh Tariyal,

How did you add the 'pummy' user, and what roles have you enabled for 'pummy'? Also, I am unable to see the 'boxarr' and 'pummy' users in the screenshot you provided.
Pramod Singh Tariyal 90 Reputation points

2025-03-25T16:44:26.1+00:00

I added pummy user locally after login into windows 10 machine. pummy user is not a Azure user, it is a local user which I created manually from OS side.
Nikhil Duserla 9,280 Reputation points Microsoft External Staff Moderator

2025-03-25T16:53:10.19+00:00

Hi @Pramod Singh Tariyal, can we have discussion through private message.
Pramod Singh Tariyal 90 Reputation points

2025-03-25T17:37:16.4966667+00:00

Sure Nikhil, Thanks
Pramod Singh Tariyal 90 Reputation points

2025-03-26T09:01:40.9066667+00:00

Can anyone from Microsoft team would handle this please? It's been really long for my this question in multiple thread but there is no help yet.
Pramod Singh Tariyal 90 Reputation points

2025-03-26T09:02:37.15+00:00

Can anyone from Microsoft team would handle this please? It's been really long for my this question in multiple thread but there is no help yet.
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T10:07:04.27+00:00

Dear Pramod,
I'm not form MSFT team but I would like to help u. Based on your scenario, you're trying to allow multiple users (Pramod and Eryk) to connect simultaneously to a Windows 10 multi-session host in your Azure Virtual Desktop pool. Am I right?

rgds,

Alex
Pramod Singh Tariyal 90 Reputation points

2025-03-26T10:14:57.1766667+00:00

Yes @Alex Burlachenko Pramod and eryk are my Azure users. but I created one local user called pummy in windows 10 and 1 user boxarr which I created while creating a host pool. only boxarr and pummy users can take session simultaneously but why not pramod and eryk which are azure users.

PS C:\Users\boxarr> Add-LocalGroupMember -Group "Remote Desktop Users" -Member "AzureAD******@boxarr.com"

Add-LocalGroupMember : AzureAD******@boxarr.com is already a member of group Remote Desktop Users.
Pramod Singh Tariyal 90 Reputation points

2025-03-26T12:21:19.8+00:00
PS C:\Users\boxarr> dsregcmd /status

+----------------------------------------------------------------------+

| Device State |

+----------------------------------------------------------------------+

AzureAdJoined : YES EnterpriseJoined : NO DomainJoined : NO Device Name : pstsh-0

######################

PS C:\Users\boxarr> Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent

Get-Service : Cannot find any service with service name 'RemoteDesktopAgent'.

At line:1 char:1

Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent

+ CategoryInfo : ObjectNotFound: (RemoteDesktopAgent:String) [Get-Service], ServiceCommandException + FullyQualifiedErrorId : NoServiceFoundForGivenName,Microsoft.PowerShell.Commands.GetServiceCommand

Status Name DisplayName

Running RDAgentBootLoader Remote Desktop Agent Loader

PS C:\Users\boxarr>
Pramod Singh Tariyal 90 Reputation points

2025-03-26T12:28:05.34+00:00

Microsoft Entra ID

The windows 11 is also connected with our Entra id
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T12:56:52.1066667+00:00

Seems like the AVD agent services are not properly installed on your session host.
Pramod Singh Tariyal 90 Reputation points

2025-03-26T13:00:36.7766667+00:00

What to do now? could you please provide me commands or anything because I'm new in Azure and windows.

Alex Burlachenko 18,575 Volunteer Moderator

try to re-install it

# Download the agent
$agentUri = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv'
$bootloaderUri = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH'
Invoke-WebRequest -Uri $agentUri -OutFile "$env:TEMP\AVDAgent.msi"
Invoke-WebRequest -Uri $bootloaderUri -OutFile "$env:TEMP\AVDBootLoader.msi"
# Install components
Start-Process msiexec.exe -Wait -ArgumentList "/i $env:TEMP\AVDAgent.msi /quiet /norestart"
Start-Process msiexec.exe -Wait -ArgumentList "/i $env:TEMP\AVDBootLoader.msi /quiet /norestart"
# Verify installation
Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent

after reinst you need register the session host

Import-Module RemoteDesktop
$registrationToken = (Get-AzWvdRegistrationInfo -ResourceGroupName "YOUR_RG" -HostPoolName "YOUR_POOL").Token
.\RDInfraAgent.exe /Register /RegistrationToken $registrationToken

restart services

Restart-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService -Force

check if service is started

Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService | Select Name, Status

agent version

Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\RDInfraAgent" | Select AgentVersion

and monit reg staus

Get-RdsRegistrationInfo -TenantName "YOUR_TENANT" -HostPoolName "YOUR_POOL"

rgds,

Alex.

Pramod Singh Tariyal 90

It's followed these steps but it's still the same

PS C:\Users\boxarr> $agentUri = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv'
PS C:\Users\boxarr> $bootloaderUri = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH'
PS C:\Users\boxarr> Invoke-WebRequest -Uri $agentUri -OutFile "$env:TEMP\AVDAgent.msi"
PS C:\Users\boxarr> Invoke-WebRequest -Uri $bootloaderUri -OutFile "$env:TEMP\AVDBootLoader.msi"
PS C:\Users\boxarr> Start-Process msiexec.exe -Wait -ArgumentList "/i $env:TEMP\AVDAgent.msi /quiet /norestart"
PS C:\Users\boxarr> Start-Process msiexec.exe -Wait -ArgumentList "/i $env:TEMP\AVDBootLoader.msi /quiet /norestart"
PS C:\Users\boxarr> Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent
Get-Service : Cannot find any service with service name 'RemoteDesktopAgent'.
At line:1 char:1
+ Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (RemoteDesktopAgent:String) [Get-Service], ServiceCommandException
    + FullyQualifiedErrorId : NoServiceFoundForGivenName,Microsoft.PowerShell.Commands.GetServiceCommand


Status   Name               DisplayName
------   ----               -----------
Running  RDAgentBootLoader  Remote Desktop Agent Loader


PS C:\Users\boxarr>

Pramod Singh Tariyal 90

PS C:\Users\boxarr> Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService | Select Name, Status
Get-Service : Cannot find any service with service name 'RemoteDesktopAgent'.
At line:1 char:1
+ Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService  ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (RemoteDesktopAgent:String) [Get-Service], ServiceCommandException
    + FullyQualifiedErrorId : NoServiceFoundForGivenName,Microsoft.PowerShell.Commands.GetServiceCommand


Name               Status
----               ------
RDAgentBootLoader Running
TermService       Running


PS C:\Users\boxarr> Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\RDInfraAgent" | Select AgentVersion

AgentVersion
------------



PS C:\Users\boxarr>

Pramod Singh Tariyal 90

I followed these steps

PS C:\Users\boxarr> $agentUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv"
PS C:\Users\boxarr> $bootloaderUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH"
PS C:\Users\boxarr> Invoke-WebRequest -Uri $agentUrl -OutFile "$env:TEMP\AVDAgent.msi"
PS C:\Users\boxarr> Invoke-WebRequest -Uri $bootloaderUrl -OutFile "$env:TEMP\AVDBootLoader.msi"
PS C:\Users\boxarr> Start-Process msiexec.exe -Wait -ArgumentList @(
>>     "/i", "$env:TEMP\AVDAgent.msi",
>>     "/quiet",
>>     "/norestart",
>>     "/l*v", "C:\AVDAgent_Install.log"
>> )
PS C:\Users\boxarr> Start-Process msiexec.exe -Wait -ArgumentList @(
>>     "/i", "$env:TEMP\AVDBootLoader.msi",
>>     "/quiet",
>>     "/norestart",
>>     "/l*v", "C:\AVDBootLoader_Install.log"
>> )
PS C:\Users\boxarr> Test-Path "C:\Program Files\Microsoft RDInfra\RDService.exe"
False
PS C:\Users\boxarr> Test-Path "C:\Program Files\Microsoft RDInfra\RDAgent.exe"
False
PS C:\Users\boxarr> Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent -ErrorAction SilentlyContinue

Status   Name               DisplayName
------   ----               -----------
Running  RDAgentBootLoader  Remote Desktop Agent Loader


PS C:\Users\boxarr> Get-Content "C:\AVDAgent_Install.log" -Tail 50 | Where-Object { $_ -match "error|fail" }
MSI (s) (34:CC) [13:21:51:836]: Note: 1: 2205 2:  3: Error
MSI (s) (34:CC) [13:21:51:836]: Note: 1: 2228 2:  3: Error 4: SELECT `Message` FROM `Error` WHERE `Error` = 1707
MSI (s) (34:CC) [13:21:51:836]: Note: 1: 2205 2:  3: Error
MSI (s) (34:CC) [13:21:51:836]: Note: 1: 2228 2:  3: Error 4: SELECT `Message` FROM `Error` WHERE `Error` = 1709
MSI (s) (34:CC) [13:21:51:836]: Windows Installer installed the product. Product Name: Remote Desktop Services Infrastructure Agent. Product Version: 1.0.10673.700. Product Language: 1033. Manufacturer: Microsoft Corporation. Installation success or error status: 0.
PS C:\Users\boxarr> Get-Content "C:\AVDBootLoader_Install.log" -Tail 50 | Where-Object { $_ -match "error|fail" }
MSI (s) (34:C8) [13:22:06:945]: Note: 1: 2205 2:  3: Error
MSI (s) (34:C8) [13:22:06:945]: Note: 1: 2228 2:  3: Error 4: SELECT `Message` FROM `Error` WHERE `Error` = 1707
MSI (s) (34:C8) [13:22:06:945]: Note: 1: 2205 2:  3: Error
MSI (s) (34:C8) [13:22:06:945]: Note: 1: 2228 2:  3: Error 4: SELECT `Message` FROM `Error` WHERE `Error` = 1709
MSI (s) (34:C8) [13:22:06:945]: Windows Installer installed the product. Product Name: Remote Desktop Agent Boot Loader. Product Version: 1.0.9023.1100. Product Language: 1033. Manufacturer: Microsoft Corporation. Installation success or error status: 0.
PS C:\Users\boxarr>

Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T13:44:34.9066667+00:00

((((((((((
Pramod Singh Tariyal 90 Reputation points

2025-03-26T13:49:25.4366667+00:00

If possible to provide me the commands because I'm new to all these.
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T13:55:13.4866667+00:00

(((( bad way... give me a min I would try to make a clear text

Alex Burlachenko 18,575 Volunteer Moderator

I can see from urs logs the MSI installers reported success (status: 0) but critical files are missing. This suggests either. Antivirus blocking file extraction. Disk permissions issues. Corrupted Windows image..

I would advise u to do next... cross fingers... Uninstall All AVD Components Completely

#Stop and remove services
Stop-Service -Name RDAgentBootLoader -Force
Get-WmiObject -Class Win32_Product | Where-Object {
    $_.Name -match "Remote Desktop (Services Infrastructure Agent|Agent Boot Loader)"
} | ForEach-Object { $_.Uninstall() }
#Manual cleanup
Remove-Item -Path "C:\Program Files\Microsoft RDInfra" -Recurse -Force -ErrorAction SilentlyContinue
Remove-Item -Path "HKLM:\SOFTWARE\Microsoft\RDInfraAgent" -Recurse -Force -ErrorAction SilentlyContinue

Download Specific Working Version

#Known stable versions (March 2024)
$agentUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4AQBt"
$bootloaderUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4AQBp"
Invoke-WebRequest -Uri $agentUrl -OutFile "$env:TEMP\AVDAgent_Fixed.msi"
Invoke-WebRequest -Uri $bootloaderUrl -OutFile "$env:TEMP\AVDBootLoader_Fixed.msi"

Install with Debugging

#Install Agent with verbose logging
Start-Process msiexec.exe -Wait -ArgumentList @(
    "/i", "$env:TEMP\AVDAgent_Fixed.msi",
    "/quiet",
    "/norestart",
    "/l*v", "C:\AVDAgent_FIXED_Install.log",
    "INSTALLFOLDER="C:\Program Files\Microsoft RDInfra\""
)
#Install Bootloader
Start-Process msiexec.exe -Wait -ArgumentList @(
    "/i", "$env:TEMP\AVDBootLoader_Fixed.msi",
    "/quiet",
    "/norestart",
    "/l*v", "C:\AVDBootLoader_FIXED_Install.log"
)

Manual Service Creation

if (-not (Test-Path "C:\Program Files\Microsoft RDInfra\RDService.exe")) {
    Write-Warning "Critical component missing - creating manual service entry"
    New-Service -Name "RemoteDesktopAgent" `
                -BinaryPathName ""C:\Program Files\Microsoft RDInfra\RDAgent.exe"" `
                -DisplayName "Remote Desktop Agent" `
                -StartupType Automatic
}

Final Verification

#Check all critical paths
$criticalPaths = @(
    "C:\Program Files\Microsoft RDInfra\RDService.exe",
    "C:\Program Files\Microsoft RDInfra\RDAgent.exe",
    "C:\Program Files\Remote Desktop Agent\RDAgentBootLoader.exe"
)
$criticalPaths | Test-Path | Format-Table -AutoSize
#Verify services
Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService | Format-Table -AutoSize
#Check registration
Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\RDInfraAgent" | Select-Object AgentVersion, RegistrationToken

if still non, I can see just only one way (I hope it is non production landscape and u just testing it, if so delete the current VM from your host pool. Create a new VM using Windows 10 Enterprise Multi-Session image (critical). Azure AD Join during provisioning. Let Azure automatically install AVD components.

Post-Creation Checks

#Verify proper installation paths
Test-Path "C:\Program Files\Microsoft RDInfra\RDService.exe" # Should return TRUE
#Check Azure AD join status
dsregcmd /status | Select-String "AzureAdJoined"

rgds

Alex

p.s. all code is PowerShell (so strange but its not normally show)

Pramod Singh Tariyal 90

Downloading specific version didn't work

PS C:\Users\boxarr> Remove-Item -Path "C:\Program Files\Microsoft RDInfra" -Recurse -Force -ErrorAction SilentlyContinue
PS C:\Users\boxarr> Remove-Item -Path "HKLM:\SOFTWARE\Microsoft\RDInfraAgent" -Recurse -Force -ErrorAction SilentlyContinue
PS C:\Users\boxarr> $agentUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4AQBt"
PS C:\Users\boxarr> $bootloaderUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4AQBp"
PS C:\Users\boxarr> Invoke-WebRequest -Uri $agentUrl -OutFile "$env:TEMP\AVDAgent_Fixed.msi"
Invoke-WebRequest : <html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>Microsoft-Azure-Application-Gateway/v2</center>
</body>
</html>
At line:1 char:1
+ Invoke-WebRequest -Uri $agentUrl -OutFile "$env:TEMP\AVDAgent_Fixed.m ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
PS C:\Users\boxarr> Invoke-WebRequest -Uri $bootloaderUrl -OutFile "$env:TEMP\AVDBootLoader_Fixed.msi"
Invoke-WebRequest : <html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>Microsoft-Azure-Application-Gateway/v2</center>
</body>
</html>
At line:1 char:1
+ Invoke-WebRequest -Uri $bootloaderUrl -OutFile "$env:TEMP\AVDBootLoad ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
PS C:\Users\boxarr>

Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T14:44:10.0166667+00:00

Well, I'm not at my monitor, let me an hour, I will come back to you with correction. Alex

Pramod Singh Tariyal 90

These were working previously which I got from chatgpt

# Download AVD Agent and Bootloader (latest versions)
$agentUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv"
$bootloaderUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH"

Invoke-WebRequest -Uri $agentUrl -OutFile "$env:TEMP\AVDAgent.msi"
Invoke-WebRequest -Uri $bootloaderUrl -OutFile "$env:TEMP\AVDBootLoader.msi"

Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T16:06:24.2733333+00:00

Great so follow that way.... let me to know if it helps.

rgds,

Alex

Pramod Singh Tariyal 90

PS C:\Users\boxarr> $agentUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv"
PS C:\Users\boxarr> $bootloaderUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH"
PS C:\Users\boxarr> Invoke-WebRequest -Uri $agentUrl -OutFile "$env:TEMP\AVDAgent.msi"
PS C:\Users\boxarr> Invoke-WebRequest -Uri $bootloaderUrl -OutFile "$env:TEMP\AVDBootLoader.msi"
PS C:\Users\boxarr> Start-Process msiexec.exe -Wait -ArgumentList @(
>>     "/i", "$env:TEMP\AVDAgent.msi",
>>     "/quiet",
>>     "/norestart",
>>     "/l*v", "C:\AVDAgent_Install.log"
>> )
PS C:\Users\boxarr> Start-Process msiexec.exe -Wait -ArgumentList @(
>>     "/i", "$env:TEMP\AVDBootLoader.msi",
>>     "/quiet",
>>     "/norestart",
>>     "/l*v", "C:\AVDBootLoader_Install.log"
>> )
PS C:\Users\boxarr> if (-not (Test-Path "C:\Program Files\Microsoft RDInfra\RDService.exe")) {
>>     Write-Warning "Critical component missing - creating manual service entry"
>>     New-Service -Name "RemoteDesktopAgent" `
>>                 -BinaryPathName ""C:\Program Files\Microsoft RDInfra\RDAgent.exe"" `
>>                 -DisplayName "Remote Desktop Agent" `
>>                 -StartupType Automatic
>> }
WARNING: Critical component missing - creating manual service entry
New-Service : Cannot bind argument to parameter 'BinaryPathName' because it is an empty string.
At line:4 char:33
+                 -BinaryPathName ""C:\Program Files\Microsoft RDInfra\ ...
+                                 ~~
    + CategoryInfo          : InvalidData: (:) [New-Service], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAllowed,Microsoft.PowerShell.Commands.NewServiceCommand

PS C:\Users\boxarr> $criticalPaths = @(
>>     "C:\Program Files\Microsoft RDInfra\RDService.exe",
>>     "C:\Program Files\Microsoft RDInfra\RDAgent.exe",
>>     "C:\Program Files\Remote Desktop Agent\RDAgentBootLoader.exe"
>> )
PS C:\Users\boxarr> $criticalPaths | Test-Path | Format-Table -AutoSize
False
False
False
PS C:\Users\boxarr> Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService | Format-Table -AutoSize
Get-Service : Cannot find any service with service name 'RemoteDesktopAgent'.
At line:1 char:1
+ Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService  ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (RemoteDesktopAgent:String) [Get-Service], ServiceCommandException
    + FullyQualifiedErrorId : NoServiceFoundForGivenName,Microsoft.PowerShell.Commands.GetServiceCommand


Status  Name              DisplayName
------  ----              -----------
Running RDAgentBootLoader Remote Desktop Agent Loader
Running TermService       Remote Desktop Services


PS C:\Users\boxarr> Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\RDInfraAgent" | Select-Object AgentVersion, RegistrationToken

AgentVersion RegistrationToken
------------ -----------------
             INVALID_TOKEN


PS C:\Users\boxarr> Test-Path "C:\Program Files\Microsoft RDInfra\RDService.exe"
False
PS C:\Users\boxarr> dsregcmd /status | Select-String "AzureAdJoined"

             AzureAdJoined : YES


PS C:\Users\boxarr>

Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T16:37:45.3033333+00:00

What i can see from all of it.... nned to think...

Critical component missing that means the system tried to create a manual service entry for the Remote Desktop Agent, but the BinaryPathName parameter was empty, causing an error.

Installation failure means the critical components (RDService.exe, RDAgent.exe, RDAgentBootLoader.exe) were not found after installation.

Service check the RDAgentBootLoader and TermService services are running, but RemoteDesktopAgent is missing.

Registry issue AgentVersion field is empty, and the RegistrationToken is marked as INVALID_TOKEN.

Azure AD Join status The machine is successfully joined to Azure AD (AzureAdJoined: YES).

The Remote Desktop Agent installation failed, resulting in missing binaries and an invalid registration token. While the system recognizes the Azure AD join status, the agent is not functioning correctly. Further troubleshooting is required to resolve the missing files and invalid token. So that is explain whats going on...

need to think...lets wait may be any one of community members will have an additional ideas?

rgds,

Alex
Pramod Singh Tariyal 90 Reputation points

2025-03-26T22:53:29.8533333+00:00

I deleted hostpool and created again with windows 11 multi session and picked microsoft entra id option to connect in host pool but i can't see it's connected after login in

That's why host pool is showing unavailable
Pramod Singh Tariyal 90 Reputation points

2025-03-27T10:00:08.4+00:00

Anyone here to help? I'm really fed up with this Azure and windows things, I'm a AWS linux guy.
Nikhil Duserla 9,280 Reputation points Microsoft External Staff Moderator

2025-03-27T11:06:58.43+00:00

Hi @Pramod Singh Tariyal, I am working around on your issue will be back ASAP.
Pramod Singh Tariyal 90 Reputation points

2025-03-27T11:21:50.5766667+00:00

Hi @Nikhil Duserla I just messaged you the way you suggested. Just waiting for your reply.
chrischin 1,000 Reputation points Microsoft Employee

2025-03-27T21:00:19.91+00:00
Hi @Pramod Singh Tariyal ,

Sorry to hear you are running into issues deploying Azure Virtual Desktop.

I have read through the comments and think there is some confusion on how it works, which is different than regular Remote Desktop.

While you can continue to RDP (3389) directly to the session hosts using local accounts, we cannot treat Entra identities the same. They will need additional configuration to work.

AVD/Entra identity access requires both:

The device, your session host VM be Entra-joined.

The identity accessing the AVD deployment must be an Entra identity from the same tenant as #1 and require some special Entra RBAC role assignments described below.

Given the above, we can check the following:

The session host VM/device

Run the dsregcmd /status again on the new session host and verify it is showing AzureADJoined : YES

Ensure a managed identity has been enabled on the session host VM

Ensure the AADLoginForWindows extension was successfully installed

Entra should also show the device as joined

The session host should show "Can connect" on your new deployment. If you click into it, it may indicate which check failed.

The users (pramod, eryk)

In order for Entra identities to log into a Windows desktop, the above must all be done, the users additionally need these role assignments:

Desktop Virtualization User assigned to Application Group which should automatically happen when you assign user access to Application Group. You can double check via IAM blade on Application Group.

Virtual Machine User Login role or Virtual Machine Administrator Login role assigned to the session host VM or above (could be parent resource group). This is the #1 cause of login failure for Entra identities when I help customers. If you assign to the parent resource group, you won't have to worry about this if you add additional session hosts to the host pool later.

To connect using pramod, eryk, Entra identities, also called web accounts you must check a special box in the advanced tab if using MSTSC (Use a web account to sign in to the remote computer), for simplicity, I would recommend you test with the Remote Desktop client app installed via MSI (https://learn.microsoft.com/en-us/previous-versions/remote-desktop-client/connect-windows-cloud-services?tabs=windows-msrdc-msi) or the Remote Desktop web client (https://client.wvd.microsoft.com/arm/webclient/index.html).

Host Pool

RDP Properties

Must enable Microsoft Entra single sign-on with Connections will use Microsoft Entra authentication to provide single sign-on

Ensure Max session limit can accommodate more than 2 users

When you use local users, the OS determines if they are allowed to connect or not. When using Entra users, Entra determines whether an Entra identity can connect or not via role assignment of Virtual Machine User|Admin Login roles to the properly configured VM.

Lastly, it could be a regional thing but the name for the second NT Service for me (in the U.S.) is not RemoteDesktopAgent, it is RDAgent which could explain why your query came up empty when checking if it is in the running state.

This should get you working, especially if you started from a fresh deployment.

Answer accepted by question author

1 additional answer

Your answer

Nikhil Duserla 9,280 Reputation points Microsoft External Staff Moderator

2025-03-25T16:28:27.76+00:00

Hi @Pramod Singh Tariyal,

How did you add the 'pummy' user, and what roles have you enabled for 'pummy'? Also, I am unable to see the 'boxarr' and 'pummy' users in the screenshot you provided.
Pramod Singh Tariyal 90 Reputation points

2025-03-25T16:44:26.1+00:00

I added pummy user locally after login into windows 10 machine. pummy user is not a Azure user, it is a local user which I created manually from OS side.
Nikhil Duserla 9,280 Reputation points Microsoft External Staff Moderator

2025-03-25T16:53:10.19+00:00

Hi @Pramod Singh Tariyal, can we have discussion through private message.
Pramod Singh Tariyal 90 Reputation points

2025-03-25T17:37:16.4966667+00:00

Sure Nikhil, Thanks
Pramod Singh Tariyal 90 Reputation points

2025-03-26T09:01:40.9066667+00:00

Can anyone from Microsoft team would handle this please? It's been really long for my this question in multiple thread but there is no help yet.
Pramod Singh Tariyal 90 Reputation points

2025-03-26T09:02:37.15+00:00

Can anyone from Microsoft team would handle this please? It's been really long for my this question in multiple thread but there is no help yet.
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T10:07:04.27+00:00

Dear Pramod,
I'm not form MSFT team but I would like to help u. Based on your scenario, you're trying to allow multiple users (Pramod and Eryk) to connect simultaneously to a Windows 10 multi-session host in your Azure Virtual Desktop pool. Am I right?

rgds,

Alex
Pramod Singh Tariyal 90 Reputation points

2025-03-26T10:14:57.1766667+00:00

Yes @Alex Burlachenko Pramod and eryk are my Azure users. but I created one local user called pummy in windows 10 and 1 user boxarr which I created while creating a host pool. only boxarr and pummy users can take session simultaneously but why not pramod and eryk which are azure users.

PS C:\Users\boxarr> Add-LocalGroupMember -Group "Remote Desktop Users" -Member "AzureAD******@boxarr.com"

Add-LocalGroupMember : AzureAD******@boxarr.com is already a member of group Remote Desktop Users.
Pramod Singh Tariyal 90 Reputation points

2025-03-26T12:21:19.8+00:00

PS C:\Users\boxarr> dsregcmd /status

+----------------------------------------------------------------------+

| Device State |

+----------------------------------------------------------------------+

AzureAdJoined : YES EnterpriseJoined : NO DomainJoined : NO Device Name : pstsh-0

######################

PS C:\Users\boxarr> Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent

Get-Service : Cannot find any service with service name 'RemoteDesktopAgent'.

At line:1 char:1

Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent

+ CategoryInfo : ObjectNotFound: (RemoteDesktopAgent:String) [Get-Service], ServiceCommandException + FullyQualifiedErrorId : NoServiceFoundForGivenName,Microsoft.PowerShell.Commands.GetServiceCommand

Status Name DisplayName

Running RDAgentBootLoader Remote Desktop Agent Loader

PS C:\Users\boxarr>
Pramod Singh Tariyal 90 Reputation points

2025-03-26T12:28:05.34+00:00

Microsoft Entra ID

The windows 11 is also connected with our Entra id
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T12:56:52.1066667+00:00

Seems like the AVD agent services are not properly installed on your session host.
Pramod Singh Tariyal 90 Reputation points

2025-03-26T13:00:36.7766667+00:00

What to do now? could you please provide me commands or anything because I'm new in Azure and windows.
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T13:04:23.4+00:00

try to re-install it

# Download the agent $agentUri = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv' $bootloaderUri = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH' Invoke-WebRequest -Uri $agentUri -OutFile "$env:TEMP\AVDAgent.msi" Invoke-WebRequest -Uri $bootloaderUri -OutFile "$env:TEMP\AVDBootLoader.msi" # Install components Start-Process msiexec.exe -Wait -ArgumentList "/i $env:TEMP\AVDAgent.msi /quiet /norestart" Start-Process msiexec.exe -Wait -ArgumentList "/i $env:TEMP\AVDBootLoader.msi /quiet /norestart" # Verify installation Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent

after reinst you need register the session host

Import-Module RemoteDesktop $registrationToken = (Get-AzWvdRegistrationInfo -ResourceGroupName "YOUR_RG" -HostPoolName "YOUR_POOL").Token .\RDInfraAgent.exe /Register /RegistrationToken $registrationToken

restart services

Restart-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService -Force

check if service is started

Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService | Select Name, Status

agent version

Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\RDInfraAgent" | Select AgentVersion

and monit reg staus

Get-RdsRegistrationInfo -TenantName "YOUR_TENANT" -HostPoolName "YOUR_POOL"

rgds,

Alex.
Pramod Singh Tariyal 90 Reputation points

2025-03-26T13:11:17.2366667+00:00

It's followed these steps but it's still the same

PS C:\Users\boxarr> $agentUri = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv' PS C:\Users\boxarr> $bootloaderUri = 'https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH' PS C:\Users\boxarr> Invoke-WebRequest -Uri $agentUri -OutFile "$env:TEMP\AVDAgent.msi" PS C:\Users\boxarr> Invoke-WebRequest -Uri $bootloaderUri -OutFile "$env:TEMP\AVDBootLoader.msi" PS C:\Users\boxarr> Start-Process msiexec.exe -Wait -ArgumentList "/i $env:TEMP\AVDAgent.msi /quiet /norestart" PS C:\Users\boxarr> Start-Process msiexec.exe -Wait -ArgumentList "/i $env:TEMP\AVDBootLoader.msi /quiet /norestart" PS C:\Users\boxarr> Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent Get-Service : Cannot find any service with service name 'RemoteDesktopAgent'. At line:1 char:1 + Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (RemoteDesktopAgent:String) [Get-Service], ServiceCommandException + FullyQualifiedErrorId : NoServiceFoundForGivenName,Microsoft.PowerShell.Commands.GetServiceCommand Status Name DisplayName ------ ---- ----------- Running RDAgentBootLoader Remote Desktop Agent Loader PS C:\Users\boxarr>
Pramod Singh Tariyal 90 Reputation points

2025-03-26T13:12:43.2233333+00:00

PS C:\Users\boxarr> Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService | Select Name, Status Get-Service : Cannot find any service with service name 'RemoteDesktopAgent'. At line:1 char:1 + Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent, TermService ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (RemoteDesktopAgent:String) [Get-Service], ServiceCommandException + FullyQualifiedErrorId : NoServiceFoundForGivenName,Microsoft.PowerShell.Commands.GetServiceCommand Name Status ---- ------ RDAgentBootLoader Running TermService Running PS C:\Users\boxarr> Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\RDInfraAgent" | Select AgentVersion AgentVersion ------------ PS C:\Users\boxarr>
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T13:44:34.9066667+00:00

((((((((((
Pramod Singh Tariyal 90 Reputation points

2025-03-26T13:49:25.4366667+00:00

If possible to provide me the commands because I'm new to all these.
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T13:55:13.4866667+00:00

(((( bad way... give me a min I would try to make a clear text
Pramod Singh Tariyal 90 Reputation points

2025-03-26T14:36:29.06+00:00

Downloading specific version didn't work

PS C:\Users\boxarr> Remove-Item -Path "C:\Program Files\Microsoft RDInfra" -Recurse -Force -ErrorAction SilentlyContinue PS C:\Users\boxarr> Remove-Item -Path "HKLM:\SOFTWARE\Microsoft\RDInfraAgent" -Recurse -Force -ErrorAction SilentlyContinue PS C:\Users\boxarr> $agentUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4AQBt" PS C:\Users\boxarr> $bootloaderUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE4AQBp" PS C:\Users\boxarr> Invoke-WebRequest -Uri $agentUrl -OutFile "$env:TEMP\AVDAgent_Fixed.msi" Invoke-WebRequest : <html> <head><title>502 Bad Gateway</title></head> <body> <center><h1>502 Bad Gateway</h1></center> <hr><center>Microsoft-Azure-Application-Gateway/v2</center> </body> </html> At line:1 char:1 + Invoke-WebRequest -Uri $agentUrl -OutFile "$env:TEMP\AVDAgent_Fixed.m ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand PS C:\Users\boxarr> Invoke-WebRequest -Uri $bootloaderUrl -OutFile "$env:TEMP\AVDBootLoader_Fixed.msi" Invoke-WebRequest : <html> <head><title>502 Bad Gateway</title></head> <body> <center><h1>502 Bad Gateway</h1></center> <hr><center>Microsoft-Azure-Application-Gateway/v2</center> </body> </html> At line:1 char:1 + Invoke-WebRequest -Uri $bootloaderUrl -OutFile "$env:TEMP\AVDBootLoad ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand PS C:\Users\boxarr>
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T14:44:10.0166667+00:00

Well, I'm not at my monitor, let me an hour, I will come back to you with correction. Alex
Pramod Singh Tariyal 90 Reputation points

2025-03-26T15:45:36.0533333+00:00

These were working previously which I got from chatgpt

# Download AVD Agent and Bootloader (latest versions) $agentUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrmXv" $bootloaderUrl = "https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWrxrH" Invoke-WebRequest -Uri $agentUrl -OutFile "$env:TEMP\AVDAgent.msi" Invoke-WebRequest -Uri $bootloaderUrl -OutFile "$env:TEMP\AVDBootLoader.msi"
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T16:06:24.2733333+00:00

Great so follow that way.... let me to know if it helps.

rgds,

Alex
Alex Burlachenko 18,575 Reputation points Volunteer Moderator

2025-03-26T16:37:45.3033333+00:00

What i can see from all of it.... nned to think...

Critical component missing that means the system tried to create a manual service entry for the Remote Desktop Agent, but the BinaryPathName parameter was empty, causing an error.

Installation failure means the critical components (RDService.exe, RDAgent.exe, RDAgentBootLoader.exe) were not found after installation.

Service check the RDAgentBootLoader and TermService services are running, but RemoteDesktopAgent is missing.

Registry issue AgentVersion field is empty, and the RegistrationToken is marked as INVALID_TOKEN.

Azure AD Join status The machine is successfully joined to Azure AD (AzureAdJoined: YES).

The Remote Desktop Agent installation failed, resulting in missing binaries and an invalid registration token. While the system recognizes the Azure AD join status, the agent is not functioning correctly. Further troubleshooting is required to resolve the missing files and invalid token. So that is explain whats going on...

need to think...lets wait may be any one of community members will have an additional ideas?

rgds,

Alex
Pramod Singh Tariyal 90 Reputation points

2025-03-26T22:53:29.8533333+00:00

I deleted hostpool and created again with windows 11 multi session and picked microsoft entra id option to connect in host pool but i can't see it's connected after login in

That's why host pool is showing unavailable
Pramod Singh Tariyal 90 Reputation points

2025-03-27T10:00:08.4+00:00

Anyone here to help? I'm really fed up with this Azure and windows things, I'm a AWS linux guy.
Nikhil Duserla 9,280 Reputation points Microsoft External Staff Moderator

2025-03-27T11:06:58.43+00:00

Hi @Pramod Singh Tariyal, I am working around on your issue will be back ASAP.
Pramod Singh Tariyal 90 Reputation points

2025-03-27T11:21:50.5766667+00:00

Hi @Nikhil Duserla I just messaged you the way you suggested. Just waiting for your reply.

Answer 1

Hi @Pramod Singh Tariyal,

Thank you for your availability on call.

User was not granted Virtual Machine User Login or Virtual Machine Administrator Login role

In Azure portal go to WVD VM > Select Access control (IAM) > Select Role Assignments > Confirm the User account has

been granted Virtual Machine User Login or Virtual Machine Administrator Login

Checked have the necessary licenses to allow multiple users to connect to the virtual machine.

Ensure RDP property targetisaadjoined:i:1 was added to the AVD host pool. So, add going through. Navigate to Azure portal > select host pool configured for Azure AD Joined > select RDP Properties blade > Select Advanced Tab > added- targetisaadjoined:i:1

May have "per user MFA" enabled - which does not work with AVD, disable it. as per: Log in to a Windows virtual machine in Azure by using Microsoft Entra ID - Microsoft Entra | Microsoft Learn

I have provided more details, hope it helps. If it does, I would request you to kindly please consider accepting it as an answer and do a thumbs up at “Was it helpful”. This in turn will benefit other community members with similar scenario navigate better to right solution User's image

Pramod Singh Tariyal 90 Reputation points

2025-03-28T11:50:59.0566667+00:00

Thank you so much @Nikhil Duserla for a call and fix my problem. The documents you provided are very useful which Eryk and I appreciate.

Answer 2

Okay Pramod, sorry for delay... long term write...

So... Verify VM Azure AD Join Status

Run this command in PowerShell on the session host

dsregcmd /status

Check:

AzureAdJoined shows "YES"
DomainJoined shows "YES" (if hybrid)
WorkplaceJoined shows "NO"

Re-register the Session Host with AVD

Import-Module RemoteDesktop
Set-RdsContext -TenantId "YOUR_TENANT_ID"
Get-RdsSessionHost -TenantName "YOUR_TENANT" -HostPoolName "YOUR_POOL" | Restart-SessionHost

Check AVD Agent Status

Get-Service -Name RDAgentBootLoader, RemoteDesktopAgent

Both services should be "Running"

Validate User Assignments in Azure Portal

Go to Azure Virtual Desktop > Application Groups Select your application group

Under Assignments, confirm both users are explicitly listed or part of an assigned group

Force Token Refresh (For Testing)

On the session host do next:

Reset-AzVMADDomainExtension -ResourceGroupName "YOUR_RG" -VMName "YOUR_VM_NAME"

Check Event Logs for Errors

Get-WinEvent -LogName 'Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational' | Where-Object {$_.LevelDisplayName -eq "Error"}

Critical Configuration Often Missed

Azure AD Device Settings:

Azure Portal > Azure Active Directory > Devices > Device settings. Ensure "Users may join devices to Azure AD" is set to All

RDP Properties:

On the session host, run:

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name "UserAuthentication" -Value 1

Network Level Authentication

Ensure NLA is enabled in System Properties > Remote tab _ Azure NSG rules allow 3389

After making these changes

Have Pramod attempt connection via Official AVD client (not MSTSC)

Using exact Azure AD UPN (******@bosarr.com)

During connection, they should see Azure AD login prompt

Monitor connection attempts in:

Azure Portal > AVD > Host Pools > Monitoring

Session host Event Viewer > Applications and Services Logs > Microsoft > Windows > TerminalServices

_And last one Remove local users (they bypass AVD security and licensing)

Focus on Azure AD users only for proper management. if issues persist, consider recreating the host pool with next fresh Windows 10 Multi-session image. Proper Azure AD join during deployment. I'm pretty sure this approach ensures proper Azure AD authentication flow rather than local authentication which is currently working but not the recommended approach for AVD.

rgds,

Alex.

p.s. let me to know if its help

Share via

How to enable concurrent users in Azure Virtual Desktop and allow multiple users to connect to the same virtual machine simultaneously.

1 additional answer

Your answer