How to find out why session host configuration fails to join new hosts to the domain

Justin Montgomery 6

We are trying to use the session host configuration for a new AVD host pool. We have confirmed that it can join computer to the specified OU without difficulty when we do it manually, and that the key vault access is intact since the local admin is created without issue.

But any new session hosts fail to join to the domain. They're created with all other specifications.

If we try to add them manually it seems to create some kind of instability in the FSLogix where it will then permanently hang for users when they try to log off.

It would be good if we had insight to the domain join failures so we can resolve the problem and don't have to manually join them.

In the deployment I can see the network, the VM, and a DSC, but that DSC is only for joining to the AVD Host pool. I don't see anything in it to join using the key vault credentials.

anashetty 2,120 Reputation points Microsoft Vendor

2025-02-06T02:04:17.5333333+00:00

Hi Justin Montgomery,

Welcome to the Microsoft Q&A Platform! Thank you for asking your question here.

Could you please provide below details, so that we can assist you in detail.
Check Azure Deployment Logs in the Azure Portal → Resource Group → Deployments → Look for domain join step failures and also check logs in Event Viewer.
Check the logs on the session host VM, check Domain Join Extension Logs on the VM.
Verify that the domain join credentials stored in Azure Key Vault are correct.

Thank you.
Justin Montgomery 6 Reputation points

2025-02-06T04:35:05.28+00:00

I've tested the credentials in a manual join by copying and pasting them out of the vault, so those are correct.

I don't see any domain join in deployment, what kind of resource would be attempting it?

The Event Viewer shows no attempts to join the domain, either on the host or on the domain controller.

There is no domain join extension, the only extensions automatically installed were MDE.Windows and Microsoft.Powershell.SDC.
Justin Montgomery 6 Reputation points

2025-02-06T15:15:38.7833333+00:00

Comment eaten.
Justin Montgomery 6 Reputation points

2025-02-06T15:21:10.14+00:00

You can configure Domain Join in the Host Pool: Navigate to the AVD Host Pool in the Azure portal. Under Properties, configure the domain join settings as in specify the domain name, give the correct OU path, reference the credentials stored in Azure Key Vault then redeploy the session hosts.

The domain join properties are required in the session host configuration to begin using it. This suggestion does not follow.

As you mentioned, you are already using DSC, you can extend it to include domain joining.

I am not using DSC, the SHC is using is to join the host to the host pool.

I'm not really looking for a workaround--if the feature isn't working I want to let the team who owns it know that so they can fix it. Who do I contact for that?
anashetty 2,120 Reputation points Microsoft Vendor

2025-02-07T01:17:56.1066667+00:00

Hi Justin Montgomery,

Could you please provide documents which you are following, I will try to reproduce the scenario in my environment and let you know the results.

Thank you.
Justin Montgomery 6 Reputation points

2025-02-07T14:34:31.24+00:00

https://learn.microsoft.com/en-us/azure/virtual-desktop/session-host-update-configure?tabs=portal
anashetty 2,120 Reputation points Microsoft Vendor

2025-02-10T15:40:20.0233333+00:00

Hi Justin Montgomery,

Instead of given above document, I would recommend trying with this Add session hosts to a host pool. While joining domain, could you please tell us which directory you are selecting.

Please refer to this troubleshooting documents which might help you: Troubleshoot session host configuration and session host update in Azure Virtual Desktop
Troubleshoot domain-join problems with a Microsoft Entra Domain Services managed domain

If you have any further queries, please do let us know.
Justin Montgomery 6 Reputation points

2025-02-10T16:11:43.73+00:00
None of that is relevant.

That document only touches on incrementing the numbers of host in a SHC deployment. It has no information on how to configure a SHC.

The problem is not with the host pool or the host itself, this has no bearing on my issue.

We are not using an Entra Domain Services, and further, only Active Directory is supported for SHC at this time.
Akshay kumar Mandha 2,590 Reputation points Microsoft Vendor

2025-02-10T22:26:46.24+00:00

Hi Justin Montgomery,
Thank you for sharing your feedback.
We noticed that the answer was downvoted, and I understand that it might not have been as helpful as expected. Based on the query you referred to that below documentation.
Update session hosts using session host update in Azure Virtual Desktop (preview) this is still in preview
Since it's in preview, it doesn't come with the usual guarantees or support that generally available features have

For above points was mentioned in official documentation I elaborated little bit for clarity since the feature is currently in preview, we can't guarantee its product until it's fully supported and officially released. Microsoft mentions that preview features might have various faults and limitations until they reach general availability also mention screenshot about this in previous comment some of the features might not work until get into fully released version

If you still have doubts or need further clarification, please let me know. I'm happy to help you as needed!
If you found this informative, could you please click an upvote
Justin Montgomery 6 Reputation points

2025-02-10T22:29:52.46+00:00

I understand it is in preview. So who do we need to contact, and how, to let them know that it's not working and get it to a functional state?
Akshay kumar Mandha 2,590 Reputation points Microsoft Vendor

2025-02-10T22:49:13.9433333+00:00

Hi Justin Montgomery,
Thank you, being actively giving response on my comment
On the current limitation to get your session host configuration in Azure Virtual Desktop fully functional, we recommend use with the older manual approach for domain joining new session hosts. This method has been working well for you and will provide stability until the feature is fully supported and officially released.

We understand that this might not be the most convenient option, but it will help keep your system running smoothly in the meantime.

If your query is different, please let me know. If you have any further questions, feel free to ask
Akshay kumar Mandha 2,590 Reputation points Microsoft Vendor

2025-02-12T22:26:39.9133333+00:00

Hi Justin Montgomery,

I just wanted to follow up on my previous response as we navigate the current limitations with the Azure Virtual Desktop session host configuration. We understand how important a seamless experience is for you, and we truly appreciate your understanding during this preview phase.

As of now, the feature is still in development and has not been fully released. Therefore, we kindly ask that you continue using the manual approach we have previously discussed. Rest assured, our team is working diligently to ensure that this feature will be robust and reliable upon its official release.

Your cooperation and understanding mean a great deal to us. We are committed to providing you with the best possible support and will keep you informed of any updates.

You can share your experience or provide feedback to help improve the feature, Microsoft offers a feedback form. This can help the product team better understand the issue and work towards a resolution. Here is the link to submit your feedback: Feedback form

You can also follow this and features and status, in the Tech Community Hub for any updates. Also, following blogs is a better way to stay informed about any issues. Azure Virtual Desktop Blog

If you have any further questions or need additional help, please don't hesitate to reach out to us. We will prioritize informing you once the feature is fully supported and officially released.

If this information has been helpful, please could please click an "Accept" an answer on post.
for other community by accepting the answer, it will reach the top, making it easier for others facing the same issue to find a conclusion before taking action on this service.

Thank you once again for your patience and understanding. Your support means a great deal to us.
Justin Montgomery 6 Reputation points

2025-02-12T22:31:11.84+00:00

Yes my query is different, as per the title of this thread.

I already have a workaround--I want to either find a way to fix it, or let Microsoft know so they can fix it.

1 answer

anashetty 2,120 Reputation points Microsoft Vendor

2025-02-06T07:13:42.7066667+00:00

Hi Justin Montgomery,

Thank you for getting back, based on your description, it seems that the domain join process is not being triggered during the deployment of the Azure Virtual Desktop (AVD) session hosts.

The extensions you mentioned are not related to domain joined. As there is no domain joined extension (JsonADDomainExtension or CustomScriptExtension) in your deployment confirms that domain joined process has not been initiated.

You can configure Domain Join in the Host Pool: Navigate to the AVD Host Pool in the Azure portal. Under Properties, configure the domain join settings as in specify the domain name, give the correct OU path, reference the credentials stored in Azure Key Vault then redeploy the session hosts.
As you mentioned, you are already using DSC, you can extend it to include domain joining. Modify your DSC configuration to include the domain join step. Ensure the xActiveDirectory DSC resource module is available. You can install from here This guide explains how to use the DSC extension to apply configurations to Azure VMs: Azure Desired State Configuration extension handler

You can try using a Custom Script Extension to join the session host to the domain. Create a PowerShell script to join the domain, store the script in an Azure Storage Account or GitHub. Add the Custom Script Extension to your deployment template or ARM template.

If you have any further queries, please do let us know. If this helps, please click Upvote.
Please sign in to rate this answer.

0 comments No comments
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

How to find out why session host configuration fails to join new hosts to the domain

1 answer

Your answer