New Azure WVD deployment - unable to log into WVD portals

mij2020 341 Reputation points

I'm trying to test out the new release of WVD.
Im keeping things simple with just the default desktop application group which has been assigned to one user.
Workspace is there and the application group is assigned to it.

I have a VM running AD in the same virtual network.
Accounts have been created in AD and sync'd to Azure AD using AD Connect.

Because this is a test environment I have no custom domain setup so I am logging into the WVD portal and client with the onmicrosoft account not my internal domain UPN.

When I log into the remote desktop client and try to Subscribe with a user that has been assigned rights to the default desktop application group I receive an error below. Anyone have any ideas?


Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,745 questions
Azure Virtual Desktop
Azure Virtual Desktop
A Microsoft desktop and app virtualization service that runs on Azure. Previously known as Windows Virtual Desktop.
1,042 questions
0 comments No comments
{count} vote

Accepted answer
  1. AmanpreetSingh-MSFT 55,541 Reputation points

    @mij2020 This is an OAuth error. Make sure below service principals are present in your tenant under Azure AD > Enterprise application > All Applications > Search Windows Virtual


    If these are not present, you need to access below URLs and specify Global Admin credentials when you are prompted and "Accept" to create these. If these Service Principals are present and you are still facing the issue, there may be a possiblilty that required permissions are not configured properly. Accessing below URLs will re-configure required permissions. So in both cases, I would suggest you to access Below URLs with Global Admin account and Accept the consent prompt.


    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. mij2020 341 Reputation points

    Thank you - adding these two Enterprise apps allowed the accounts to login.

    Because I was testing the old WVD non ARM system I removed these 2 Enterprise apps because I wanted to completely remove and start again from fresh using the new ARM Spring release version of WVD.

    I had assumed that they would have been re-created if needed for the new release.
    If they are required for the Spring release version - then why were they not created during the provisioning process? I don't see in the new release WVD documentation that I needed to go through the consent process similar to the old way.
    I'm just curious.


    0 comments No comments