Deployment failure #27773
Comments
|
@Diwiton, I'm getting the same error. I was thinking if it was caused by lack of "administrative access" on the created host pool, or Set-TargetResource is casuing a conflict |
|
@Diwiton, I've added "domain computers" to my AD Account. It works now when i tried it for the 2nd time. Not sure it this was the fix, or it was just an intermittent error the 1st time around. |
|
@Diwiton, I've also added Windows Virtual Desktop tenant name as xxxxxxxxx.onmicrosoft.com for the 2nd time attempt. |
|
@chunsiongtan, I do not follow exactly. I cant see how I can add ".onmicrosoft.com" to my WVD Tenant Name. My WVD Tenant name is "Diwitest Virtual Desktop". Im also using Azure AD Domain Services in my test setup and Im not sure how to assign the "Domain Computers" group to my admin account. |
|
My bad, I meant something like this. Let me try to run the template again without the "domain computers" group |
|
By the way @Diwiton, I'm using AD DS on VM. https://docs.microsoft.com/en-us/azure/virtual-desktop/overview#requirements |
|
No I do not mean Azure AD joined. The session hosts VM's will be joined to Azure AD Domain Services, Microsofts hosted ADDS. Of course ADDS on VM is an option, but I like the concept of Azure ADDS because you do not need to worry about updates and backup and do not need to install Azure AD Connect, its built in to the service. It would be stupid (in my opinion) for Microsoft not to support WVD on Azure ADDS machines. |
|
I read the link you supplied with the requirements now and it says: "A Windows Server Active Directory in sync with Azure Active Directory. This can be enabled through: Azure AD Domain Services is what I run so it seems thats not the problem at least. However, in my directory I can not add user accounts (or any members at all) to the Domain Computers group. |
|
@Diwiton Thank you for your query . We will investigate and update further. |
|
I received this error yesterday and after investigating the dsc package I uncovered that I had not correctly following the pre-reqs of creating the tenant with powershell and also granting the proper role on the app registration. |
|
Ok, tenant is created with PowerShell and the role TenantCreator is assignee to the service principal per the dokumentation. Dora the user adding the CM’s to the domain need to have the TenantCreator role as well? |
|
The user I used for domain join in my deployment did NOT have the TenantCreator role. |
|
When WVD was first released the documentation did not have the link to create the tenant, this caused a lot of confusion and led to that DSC failure on deployment. Follow the below links: https://docs.microsoft.com/en-us/powershell/windows-virtual-desktop/overview - install WVD PS Module Then you can move on to deploying the WVD marketplace offer. |
|
I guess I spoke too soon. Even after adding the tenant, following the guide step by step, I am still getting the same DSC failure. It's joining my Active Directory domain, but still failing on the DSC with the same error. |
|
Same issue here also. Been trying since yesterday. Not sure what else to try |
|
So, I just had a successful deployment after ensuring that my AD Connect was synchronizing to Azure AD. Usually in my demo tenant I don't use AD Connect or have it on, but I think for this deployment to succeed - you have to have AD Connect set up and running, to sync the AD DS users to Azure AD. Once doing this, and specifying the UPN of the synchronized AD DS Users (user@verifiedo365domain.com) during the deployment (Page 1 of WVD Deployment) this worked. I think since it is assigning the users you specify on page 1 to the tenant, that something is requiring that sync to be active in order to work. I'll continue to see if I can make further progress... |
|
That could be my issue, maybe. I'm all Azure ADDS; no on-premises AD. |
|
I also had the same problem with AADDS, it kept failing on the DSCextension. Now i booted a VM with ADDS and now i got WVD to work. So it seems that AADDS is not working (yet) |
|
Leon, I've got to the point where I can see my Session Desktop in the WVD client, but when I click on it I get an error, 'invalid connection file'. After the deployment, did you do anything else before you were able to connect? It authenticated my UPN user/password, and pulled down the webfeed and the session desktop - but I can't launch it. |
|
@rbergertd I'm also now struggling to get the RDP connection to work. My WVD is now deployed without errors, but when i publish an RemoteApp (Calc.exe for example) i get an error message: Can't connect to the Remote Desktop Gateway Server. |
|
@LeonJansen just out of curiosity, could you try the automatically created SessionDesktop and see if it lets you in that way? Sorry, I am just hoping I'm not alone at this point! :) |
|
@rbergertd Nope, that also doesn't work. So we are at the same level right now ;-) I will try some stuff to get it to work. I'll send you a message when i found something. |
|
@LeonJansen I think we may be at a stand still until Microsoft fixes things on the broker/gateway side. That's the point we're at with accessing the resource. If you navigate to the directory where the RDP file is launching from (my previous screen shot) you can 'edit' the .RDP file and look, it's going thru their Gateway at this point. If you try and double click the .RDP file from there, you'll get further errors. It's not even trying to connect before it errors out. I think at this point, this will be something Microsoft looks into. Let me know if you make any progress, I am going to call it a day. :) https://i.imgur.com/vQo85x0.png |
|
What is the status of your session host when queried with Get-RdsSessionHost |
|
What’s weird is I discovered the web client works fine but still having issues with the RDP file. Continuing to look into this.
Get Outlook for iOS<https://aka.ms/o0ukef>
…________________________________
From: tiktb8 <notifications@github.com>
Sent: Saturday, March 23, 2019 7:28 AM
To: MicrosoftDocs/azure-docs
Cc: Berger, Ryan; Mention
Subject: Re: [MicrosoftDocs/azure-docs] Deployment failure (#27773)
This email originated outside of Tech Data. Please help keep our organization and partners safe. It's up to us; think before you click.
What is the status of your session host when queried with Get-RdsSessionHost
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_MicrosoftDocs_azure-2Ddocs_issues_27773-23issuecomment-2D475861896&d=DwMCaQ&c=qk747rkER3kecdav6nsl8A&r=SPZRUkJ2cu5Q7lB-yS5fZGrUVvZyfyrKplF8Wmk95LI&m=vLFqnxZ_FUAymz-5tC17VST1VHwLlTPY4-WVUAeNgWc&s=qbbCM-UfDDlrn34e5_ETIiCHHyd4MUFT36A8CxQ5FME&e=>, or mute the thread<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_Ar0Uf0Tk0-2DfQJTeEYpef88yiyNRJOXt1ks5vZg-2D-2DgaJpZM4cDACN&d=DwMCaQ&c=qk747rkER3kecdav6nsl8A&r=SPZRUkJ2cu5Q7lB-yS5fZGrUVvZyfyrKplF8Wmk95LI&m=vLFqnxZ_FUAymz-5tC17VST1VHwLlTPY4-WVUAeNgWc&s=5N-CCoaKe67Q1TcQjfK3o07or_PQJD8GgrPhR2K9dQc&e=>.
|
|
[cid:image002.jpg@01D4E24B.319CA100]
The RDS Session Host looks good.
From: tiktb8 <notifications@github.com>
Sent: Saturday, March 23, 2019 7:28 AM
To: MicrosoftDocs/azure-docs <azure-docs@noreply.github.com>
Cc: Berger, Ryan <Ryan.Berger@techdata.com>; Mention <mention@noreply.github.com>
Subject: Re: [MicrosoftDocs/azure-docs] Deployment failure (#27773)
This email originated outside of Tech Data. Please help keep our organization and partners safe. It's up to us; think before you click.
What is the status of your session host when queried with Get-RdsSessionHost
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_MicrosoftDocs_azure-2Ddocs_issues_27773-23issuecomment-2D475861896&d=DwMCaQ&c=qk747rkER3kecdav6nsl8A&r=SPZRUkJ2cu5Q7lB-yS5fZGrUVvZyfyrKplF8Wmk95LI&m=vLFqnxZ_FUAymz-5tC17VST1VHwLlTPY4-WVUAeNgWc&s=qbbCM-UfDDlrn34e5_ETIiCHHyd4MUFT36A8CxQ5FME&e=>, or mute the thread<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_Ar0Uf0Tk0-2DfQJTeEYpef88yiyNRJOXt1ks5vZg-2D-2DgaJpZM4cDACN&d=DwMCaQ&c=qk747rkER3kecdav6nsl8A&r=SPZRUkJ2cu5Q7lB-yS5fZGrUVvZyfyrKplF8Wmk95LI&m=vLFqnxZ_FUAymz-5tC17VST1VHwLlTPY4-WVUAeNgWc&s=5N-CCoaKe67Q1TcQjfK3o07or_PQJD8GgrPhR2K9dQc&e=>.
|
|
@Heidilohr Could you please review this issue ? |
|
This is now resolved for us. The service principal I created myself was the problem. When I followed the instructions on this page it went better: This instruction should be included or linked to in the tutorial section "Windows Virtual Desktop Preview tenant information" under point 3 here: |
|
@Diwiton ! Thx had the same scenario and issue. And agree the documentation was not in a logic order. Did create a service principal when realizing an MFA enabled account would not work as the "WVD RDS Tenant Owner" BUT did that without setting it with the AvailableToOtherTenants=True The information about creating service principals and role assignment came in too late , since then I already hade created the SP and didn´t noticed the parameter they did it with. |
|
Having issues with the DSC failure. Copied the instructions on setting up the tenant in sections 1 and 4 but still having issues. Also seeing this when attempting to create the Host Pool via Powershell: New-RdsHostPool : User is not authorized to query the management service. I am using a test Pay as you go subscription. Can anyone help point me in the right direction as to why I cannot create the Host Pool? |
|
Also experiencing this error: Any ideas/solutions available? The registrations etc were all donw following the tutorial, the tenant group name is identical during initial setup aswell. |
|
Try to verify that you enter the correct Application ID and Tenant Admin PW. By running the command you will get the Password: By running the command you will get the Tenant ID: By running the command you will get the Application ID: |
|
I succesfully deployed a WVD, created a blogpost about it: |
|
Still the same error.
"error": { "code": "VMExtensionProvisioningError", "message": "VM has reported a failure when processing extension 'dscextension'. Error message: \"DSC Configuration 'FirstSessionHost' completed with error(s). Following are the first few: PowerShell DSC resource MSFT_ScriptResource failed to execute Set-TargetResource functionality with error message: One or more errors occurred. The SendConfigurationApply function did not succeed.\"." }, "name": "*redacted* } } }}
…________________________________
Van: erjenrijnders <notifications@github.com>
Verzonden: donderdag 4 april 2019 11:48
Aan: MicrosoftDocs/azure-docs
CC: Joepvtilburg; Comment
Onderwerp: Re: [MicrosoftDocs/azure-docs] Deployment failure (#27773)
I succesfully deployed a WVD, created a blogpost about it:
https://erjenrijnders.nl/2019/04/04/how-to-deploy-windows-virtual-desktop-in-azure/
Please let me know if that works for you, otherwise let me know where you struggle.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub<#27773 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/Au6wi149BLNsd9-pB2EeQ5g-_bWg9BYFks5vdcpRgaJpZM4cDACN>.
|
|
Does your user have Owner access on the Azure Subscription? |
|
Hey has anyone got it to work with AADDS. I seem to have the problem with AADDS, it kept failing on the DSCextension I have folllowed the microsoft and https://erjenrijnders.nl/2019/04/04/how-to-deploy-windows-virtual-desktop-in-azure/ guide step by step and am thinking the problem is AADDS thanks |
|
@stavrosmitchell yes, we used AADDS (Azure AD Domain Services) and got it to work. |
|
I still getting the error: VM has reported a failure when processing extension 'dscextension'. Error message: "DSC Configuration 'FirstSessionHost' completed with error(s). Following are the first few: PowerShell DSC resource MSFT_ScriptResource failed to execute Set-TargetResource functionality with error message: User is not authorized to query the management service.\nActivityId: df42f7e3-73d9-47ec-be4a-408019d2d62f\nPowershell commands to diagnose the failure:\nGet-RdsDiagnosticActivities -ActivityId df42f7e3-73d9-47ec-be4a-408019d2d62f\n The SendConfigurationApply function did not succeed."."
By running the command you will get the Tenant ID: By running the command you will get the Application ID: Can you help me, please? |
|
@fbcarvalho Hi whatever user you are using does not have RDS Owner or RDS Contributor permissions on the WVD tenant and is not able to complete the creation of the WVD host pool Error in IsAuthorizedAsync(Resources/Tenant/≤RPA_Tenant≥///Read) Exception=Microsoft.RDInfra.Authorization.Common.UserNotFoundException: WVD_50002: not found. |
|
How can I assing RDS Owner or RDS Contributor permissions to the user? |
|
Its in the documentation New-RdsRoleAssignment -TenantName $tenant -UserPrincipalName $userName -RoleDefinitionName "RDS Contributor" |
|
Can anyone recommend further troubleshooting steps to those still experiencing a 'dscextension’ error, even after switching from a user UPN to a service principal? I still receive the same error message as the OP: VM has reported a failure when processing extension ‘dscextension’. Error message: DSC Configuration ‘FirstSessionHost’ completed with error(s). Following are the first few: PowerShell DSC resource MSFT_ScriptResource failed to execute Set-TargetResource functionality with error message: One or more errors occurred. The SendConfigurationApply function did not succeed. I've tried deploying the host pool through the Azure web UI, via powershell script, and have even read through some of the scripts saved onto the WVD Host VM under C:\WindowsAzure and C:\Packages folder, nothing jumps out at me to explain why the deployment continually fails on this step. I am deploying a single host, I run a single DC with AAD Connect as an Azure VM, and that is essentially it for my test environment. Edit: Resolved by creating Hostpool manually using Powershell: https://docs.microsoft.com/en-us/azure/virtual-desktop/create-host-pools-powershell |
|
@r-maestas : Glad your issue got resolved. We'll continue to monitor feedback to understand how to have the automated deployment mechanisms (Azure Marketplace and GitHub ARM template) can have more consistency. We also edited the order of these docs, so that should help. https://docs.microsoft.com/en-us/azure/virtual-desktop/tenant-setup-azure-active-directory |
|
#please-close |
|
Closing as per author comments. |
Got this error when I tried to provision a host pool. Followed the guide exactly...
{
"code": "DeploymentFailed",
"message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.",
"details": [
{
"code": "Conflict",
"message": "{\r\n "status": "Failed",\r\n "error": {\r\n "code": "ResourceDeploymentFailure",\r\n "message": "The resource operation completed with terminal provisioning state 'Failed'.",\r\n "details": [\r\n {\r\n "code": "VMExtensionProvisioningError",\r\n "message": "VM has reported a failure when processing extension 'dscextension'. Error message: \"DSC Configuration 'FirstSessionHost' completed with error(s). Following are the first few: PowerShell DSC resource MSFT_ScriptResource failed to execute Set-TargetResource functionality with error message: One or more errors occurred. The SendConfigurationApply function did not succeed.\"."\r\n }\r\n ]\r\n }\r\n}"
}
]
}
Dokumentinformation
⚠ Redigera inte det här avsnittet. Det krävs för docs.microsoft.com ➟ länkning till GitHub-problem.
The text was updated successfully, but these errors were encountered: