Troubleshoot the Remote Desktop client for iOS and iPadOS when connecting to Azure Virtual Desktop
This article describes issues you may experience with the Remote Desktop client for iOS and iPadOS when connecting to Azure Virtual Desktop and how to fix them.
In this section you'll find troubleshooting guidance for general issues with the Remote Desktop client.
Remote Desktop Client doesn't show expected resources
If the Remote Desktop Client doesn't show the remote resources you're expecting to see, check the account you're using. If you've already signed in with a different account than the one you want to use for Azure Virtual Desktop, you should first sign out, then sign in again with the correct account. If you're using the Remote Desktop Web client, you can use an InPrivate browser window to try a different account.
If you're using the correct account, make sure your application group is associated with a workspace.
Your account is configured to prevent you from using this device
If you come across an error saying Your account is configured to prevent you from using this device. For more information, contact your system administrator, ensure the user account was given the Virtual Machine User Login role on the VMs.
The user name or password is incorrect
If you can't sign in and keep receiving an error message that says your credentials are incorrect, first make sure you're using the right credentials. If you keep seeing error messages, check to make sure you've fulfilled the following requirements:
- Have you assigned the Virtual Machine User Login role-based access control (RBAC) permission to the virtual machine (VM) or resource group for each user?
- Does your Conditional Access policy exclude multi-factor authentication requirements for the Azure Windows VM sign-in cloud application?
If you've answered "no" to either of those questions, you'll need to reconfigure your multi-factor authentication. To reconfigure your multi-factor authentication, follow the instructions in Enforce Azure Active Directory Multi-Factor Authentication for Azure Virtual Desktop using Conditional Access.
VM sign-ins don't support per-user enabled or enforced Azure AD Multi-Factor Authentication. If you try to sign in with multi-factor authentication on a VM, you won't be able to sign in and will receive an error message.
If you can access your Azure AD sign-in logs through Log Analytics, you can see if you've enabled multi-factor authentication and which Conditional Access policy is triggering the event. The events shown are non-interactive user login events for the VM, which means the IP address will appear to come from the external IP address that your VM accesses Azure AD from.
You can access your sign-in logs by running the following Kusto query:
let UPN = "userupn"; AADNonInteractiveUserSignInLogs | where UserPrincipalName == UPN | where AppId == "38aa3b87-a06d-4817-b275-7a316988d93b" | project ['Time']=(TimeGenerated), UserPrincipalName, AuthenticationRequirement, ['MFA Result']=ResultDescription, Status, ConditionalAccessPolicies, DeviceDetail, ['Virtual Machine IP']=IPAddress, ['Cloud App']=ResourceDisplayName | order by ['Time'] desc
Authentication and identity
In this section you'll find troubleshooting guidance for authentication and identity issues with the Remote Desktop client.
Delete existing security tokens
If you're having issues signing in due to a cached token that has expired, do the following:
Open the Settings app for iOS or iPadOS.
From the list of apps, select RD Client.
Under AVD Security Tokens, toggle Delete on App Launch to On.
Try to subscribe to a workspace again. For more information, see Connect to Azure Virtual Desktop with the Remote Desktop client for iOS and iPadOS.
Toggle Delete on App Launch to Off once you can connect again.
Issue isn't listed here
If your issue isn't listed here, see Troubleshooting overview, feedback, and support for Azure Virtual Desktop for information about how to open an Azure support case for Azure Virtual Desktop.