When trying to log into Azure account I get an error saying "You cannot access this right now Your sign-in was successful but does not meet the criteria to access this resource. For example, you might be signing in from a browser, app, or location that is restricted by your admin."
It's only on Debian 9, I can log in fine on Ubuntu, Windows 10, and android. Also, it's not a matter of local network because I can log in on Windows 10 and android from the same internet connection. In the details of error everything seems to be okay except I get:
Device identifier: Not Available
Device platform:
Device state: Unregistered
According to your personal account test, first of all, we can make it clear that Debian9 supports logging into azure account. Azure does not impose any restrictions on Debian9 devices.
Steps to troubleshoot:
Are your Debian 9 machine and other Win 10, Ubuntu and other devices in the same domain?
Is the Azure account in question given to you by your organization or company?
Consult your AAD administrator to understand some policy restrictions.
Suggestion:
Find your AAD administrator and consult policy restrictions.
Find the IT administrator and add the Debian 9 machine to the domain.
If the above two suggestions still do not solve the problem, it is recommended to raise a support ticket for help.
Related
So I had this idea that I thought would be possible but as I'm testing it seems not work. I wonder if anyone here has any ideas on getting this working?
Objective: I want to require Compliant device (thus requiring intune) from conditional access, but allow users on a list to optionally use their personal computers to connect to an AVD who is intune compliant already.
The Conditional Access policy in play is one against all users who requires 'all cloud apps' and 'all devices' to be compliant. In testing, when I attempt to sign into the Remote Desktop App with my targeted account I see the login comes from AppID: a85cf173-4192-42f8-81fa-777a763e6e2c "Azure Virtual Desktop" - however this isn't an option when I click on "Excluded Apps" in the conditional access policy.
Is it possible to exempt any conditional access policy based on the application ID being reported in the sign-in logs?
I am not certain but have you tried to exclude Azure Virtual Desktop (9cdead84-a844-4324-93f2-b2e6bb768d07)? Microsoft sometimes have child applications under the parent parent application. Azure CAP is critical, so be sure to validate!
I wound up needing five different permissions:
Azure Virtual Desktop:
9cdead84-a844-4324-93f2-b2e6bb768d07
Azure Windows VM Sign-In:
372140e0-b3b7-4226-8ef9-d57986796201
Microsoft Remote Desktop:
a4a365df-50f1-4397-bc59-1a1564b8bb9c
Windows Virtual Desktop AME:
5a0aa725-4958-4b0c-80a9-34562e23f3b7
Windows Virtual Desktop Client:
fa4345a4-a730-4230-84a8-7d9651b86739
my organizations runs some applications that requires a 32 bit O.S.
We created a VM with Microsoft HyperV console managment that runs a Windows 10 32 bit O.S.
The problem we are facing is that we are able to log in with a Domain\Administrator account when setting up a new machine but when we try non admin accounts (which we have something like 100+ for our staff - which they are already using every day to log into their machines currently in used ) we get this error "The User Profile Service service failed the sign-in. User profile cannot be loaded". When looking at the user registry we see only 4 files and not 10+ as seen in some internet guide. In some cases we have multiple forlders pointing to the same account and in each of them we have a ProfileImagePath that goes: Domain"user".001 and .002 ecc. ecc. ecc.
I am facing issue while joining an existing farm using service bus configuration manager. This what happening at Configuration Process window:
Starting
Validating input and configuration parameters.
Installing auto-generated certificate.
Granting 'Log on as Service' privilege to the run as account.
Windows Fabric configuration started.
Group WindowsFabricAdministrators not found.
I have service bus1.1 and the Windows 10 home premium. I have gone through lots of blogs to add the Fabric host service account to other groups but in home premium version of windows 10, I could not see the Users and Groups.
Anyone have any idea , kindly suggest what I am missing and could do to make it work.
I'm currently facing an Access Denied error while connecting to an Azure VM. This VM is registered in an Active Directry. When I log with the AD credentials, I get an "Access Denied" error message with a "Ok" button without any other text on the screen. I never faced this issue before. The maching was working perfectly last week...
Do you have any idea about this issue ?
Thanks for your help
Access Denied Error Screenshot
Can you still access the VM and its using your Azure Portal login? If so, try adding the AD user via RDP.
Go to Computer Mgmt on the VM via Remote Desktop
Expand the list of Remote Desktop Users.
Select the user(s) to add.
See details in the MSDN thread:
https://social.msdn.microsoft.com/Forums/en-US/9ebce1bb-2aa0-4bb0-adc7-d1e229c5ee9e/add-user-to-remote-desktop-group-in-azure-vm?forum=WAVirtualMachinesforWindows
If you're having RDP issues with the primary user account, check the Settings blade of your VM in the Azure Portal, and look at the Users list under Resource Management.
Hope that helps!
I had the same issue, in my case it was related to Terminal Service Licensing.
First save a local copy of the RDP file from the portal and run this command at a PowerShell command prompt to connect. This will disable licensing for just that connection:
mstsc <File name>.RDP /admin
after you are able to connect then open the Event Viewer an look for an Event with ID 4105 in WIndows Logs > System. this event should appear every time a logging was attempted.
If that is the case, follow this steps to solve the issue
Event ID 4105 — Terminal Services Per User Client Access License Tracking and Reporting
Hope this helps.
I'm trying to install a certain software on an Azure Virtual Machine, however it fails indicating that I don't have Administration privileges, even though I chooose the "Run as administrator" option. How can I login as an Administrator on an Azure Virtual Machine? Thanks
https://serverfault.com/questions/111650/how-can-i-find-out-what-ad-groups-im-a-member-of
The above link will tell you what groups you belong to as the user in the system.
If you are running as the default user setup for the azure VM then you will be the Administrator on the machine. If have been granted access by another user to the box, just ask them to upgrade your rights.
You should also see if in the event log there is an permissions error for the install of the software or any other error to suggest why your software cannot be installed. Maybe a misleading error.
I would also contact the application provider and check that they support the Azure environment.
hths, good luck.