New Azure WVD deployment - unable to log into WVD portals

mij2020 366 Reputation points

I'm trying to test out the new release of WVD.
Im keeping things simple with just the default desktop application group which has been assigned to one user.
Workspace is there and the application group is assigned to it.

I have a VM running AD in the same virtual network.
Accounts have been created in AD and sync'd to Azure AD using AD Connect.

Because this is a test environment I have no custom domain setup so I am logging into the WVD portal and client with the onmicrosoft account not my internal domain UPN.

When I log into the remote desktop client and try to Subscribe with a user that has been assigned rights to the default desktop application group I receive an error below. Anyone have any ideas?


Azure Virtual Desktop
Azure Virtual Desktop
A Microsoft desktop and app virtualization service that runs on Azure. Previously known as Windows Virtual Desktop.
1,449 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,542 questions
0 comments No comments
{count} vote

Accepted answer
  1. AmanpreetSingh-MSFT 56,506 Reputation points

    @mij2020 This is an OAuth error. Make sure below service principals are present in your tenant under Azure AD > Enterprise application > All Applications > Search Windows Virtual


    If these are not present, you need to access below URLs and specify Global Admin credentials when you are prompted and "Accept" to create these. If these Service Principals are present and you are still facing the issue, there may be a possiblilty that required permissions are not configured properly. Accessing below URLs will re-configure required permissions. So in both cases, I would suggest you to access Below URLs with Global Admin account and Accept the consent prompt.


    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. mij2020 366 Reputation points

    Thank you - adding these two Enterprise apps allowed the accounts to login.

    Because I was testing the old WVD non ARM system I removed these 2 Enterprise apps because I wanted to completely remove and start again from fresh using the new ARM Spring release version of WVD.

    I had assumed that they would have been re-created if needed for the new release.
    If they are required for the Spring release version - then why were they not created during the provisioning process? I don't see in the new release WVD documentation that I needed to go through the consent process similar to the old way.
    I'm just curious.


    0 comments No comments