azure azure-active-directory virtualdesktop

Azure AD login issues with Azure Virtual Desktop


I am trying to explore Azure Virtual Desktop with Azure AD join (not Azure AD DS). Here are the steps I have followed:

  1. Created a virtual desktop pool with one Windows 10 VM in it.
  2. Granted Virtual Machine User Login; the Desktop Virtualization User role is assigned to the workspace and application group.
  3. I have also assigned this VM to my user in hostpool assig option.
  4. From the Bastion host, I can see from About PC that this VM is joined to Azure AD.
  5. When I try to log in from the following link, https://rdweb.wvd.microsoft.com/arm/webclient/index.html (credentials passed are Username - AzureAD\username@domain.com, password - working password), I am getting this error: "Oops, we couldn't connect to "SessionDesktop" Sign in failed. Please check your username and password and try again."
  6. We have Conditional Access MFA enabled.

I have gone through multiple documents and various troubleshooting forums, but I am still not getting any solution. Can you please advise what I should check to make this work?

Thanks in advance.


Solution

  • Thank you, kandarp sarvaiya, for sharing your suggestion. Based on your comment, posting this as an answer to help other community members.

    Removed Windows VM sign-in from the Conditional Access policy and am now able to log in to the VM with my AAD login.

    Note: you can exclude the MFA requirement by configuring a Conditional Access policy that excludes the "Azure Windows VM Sign-In" app from the list of cloud apps that require MFA.

    Refer to this document for more information.
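
To check which policies are still in the way after making the change described in the answer, the following added example (not part of the original answer) scans Conditional Access policies exported as JSON and lists the enabled ones that require MFA for the "Azure Windows VM Sign-In" app. It assumes the export follows the Microsoft Graph conditional access policy shape; the function name, the sample policies and the app ID constant are assumptions not taken from the page.

```python
import json

# Assumption (not from the page): published app ID of "Azure Windows VM Sign-In".
# Confirm it against your tenant's enterprise applications before relying on it.
VM_SIGNIN_APP_ID = "372140e0-b3b7-4226-8ef9-d57986796201"


def policies_forcing_mfa_on_vm_signin(policies, app_id=VM_SIGNIN_APP_ID):
    """Return the displayName of each enforced policy that requires MFA for app_id.

    User/group scoping is ignored here: a hit means the policy *can* apply to
    VM sign-in, so review its assignments next.
    """
    hits = []
    for p in policies:
        if p.get("state") != "enabled":  # disabled or report-only: not enforced
            continue
        grant = p.get("grantControls") or {}
        if "mfa" not in (grant.get("builtInControls") or []):
            continue
        apps = (p.get("conditions") or {}).get("applications") or {}
        included = apps.get("includeApplications") or []
        excluded = apps.get("excludeApplications") or []
        in_scope = "All" in included or app_id in included
        if in_scope and app_id not in excluded:
            hits.append(p.get("displayName", p.get("id", "<unnamed>")))
    return hits


# Constructed sample export (hypothetical policies, not real tenant data).
SAMPLE = json.loads("""
{"value": [
  {"displayName": "Require MFA for all cloud apps", "state": "enabled",
   "conditions": {"applications": {"includeApplications": ["All"]}},
   "grantControls": {"builtInControls": ["mfa"]}},
  {"displayName": "Require MFA except VM sign-in", "state": "enabled",
   "conditions": {"applications": {"includeApplications": ["All"],
     "excludeApplications": ["372140e0-b3b7-4226-8ef9-d57986796201"]}},
   "grantControls": {"builtInControls": ["mfa"]}},
  {"displayName": "Report-only MFA on VM sign-in",
   "state": "enabledForReportingButNotEnforced",
   "conditions": {"applications": {"includeApplications":
     ["372140e0-b3b7-4226-8ef9-d57986796201"]}},
   "grantControls": {"builtInControls": ["mfa"]}},
  {"displayName": "Compliant device for all apps", "state": "enabled",
   "conditions": {"applications": {"includeApplications": ["All"]}},
   "grantControls": {"builtInControls": ["compliantDevice"]}}
]}
""")

if __name__ == "__main__":
    for name in policies_forcing_mfa_on_vm_signin(SAMPLE["value"]):
        print("MFA still applies to VM sign-in via:", name)
```

An empty result means no enforced policy in the export demands MFA for the VM sign-in app; any name returned is a policy that still needs the exclusion described in the note above.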