Windows 11 Enterprise Entra ID joined session host
Hello Everyone,
I hope someone can help me with this issue. We have an AVD environment with domain joined personal pools, and everything works well. Now we want to deploy a personal pool with Entra ID joined session hosts running Windows 11 Enterprise. I followed the instructions, but I can’t log in to the host due to the error: “The sign-in method you’re trying to use isn’t allowed. Try a different sign-in method or contact your system administrator.”
It did let me log in to the machine, but after like 10 seconds it ended my sessions, and when I reconnected to it, it showed that error.
We already have MFA in place for the Azure Virtual Desktop app. I added “targetisaadjoined:i:1” to the pool settings to use username and password, as we don’t have Windows Hello for Business enabled.
The MS support guy asked us to enable Windows Hello for Business, as that is the only way that works for Entra ID joined session hosts. But tbh, from the doc on the MS site, it said the setting “targetisaadjoined:i:1” and excluding the app “Windows virtual machine sign-in app” from the conditional access can skip the strong authentication requirement. So I’m not sure if the MS guy said that correctly.
But we still tried to enable Windows Hello and still got that error or another error: “The username and password are incorrect”.
I already added the role “Virtual Machine User Login” to the users.
I checked “Allow PKU2U authentication requests to this computer to use online identities” is enabled on both session host and local PC.
The pool with Windows 10 Entra ID joined works well with just this setting: “targetisaadjoined:i:1”
I’m lost now, so hope someone can help.
Thank you,