You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: support/windows-365/troubleshoot-azure-network-connection.md
+20Lines changed: 20 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -27,6 +27,23 @@ When a Cloud PC is provisioned, it's automatically joined to the provided domain
27
27
- You troubleshoot domain join failures like any physical computer in your organization.
28
28
- If you have a domain name that can be resolved on the internet (like `contoso.com`), make sure that your Domain Name System (DNS) servers are configured as internal. Also, make sure that they can resolve Active Directory domain DNS records, not your public domain name.
29
29
30
+
If you encounter the following errors in your ANC health checks, consider the suggestions in the following two sections to ensure your Azure and on-premises configurations can successfully reach the required Windows 365 endpoints:
31
+
32
+
> Internal Server Error
33
+
34
+
> InternalServerErrorUnableToRunDscScript
35
+
36
+
### Domain controller line of sight
37
+
38
+
Successful communication with a domain controller within your organization is essential for configuring an ANC to allow hybrid domain-joined Cloud PCs. Ensure that the Azure vNet used for your ANC connection has a network route to a domain controller and ensure that your DNS setup can successfully resolve it.
39
+
40
+
> [!NOTE]
41
+
> This section only applies to hybrid environments.
42
+
43
+
### ANC Endpoint Access
44
+
45
+
During ANC configuration, the service needs to download configuration data from various Microsoft endpoints as listed in [Network requirements](/windows-365/enterprise/requirements-network). Failure to reach these endpoints due to misconfigured network settings can lead to a failure. To ensure successful access, Transport Layer Security (TLS) inspection should be avoided on any vNET used for ANC connections. Ensure that you can successfully resolve and reach these endpoints through the Azure vNet used and ensure that any firewall, proxy, or other Network services employed within the network allow access to them.
46
+
30
47
<aname='azure-active-directory-device-sync'></a>
31
48
32
49
## Microsoft Entra device sync
@@ -42,6 +59,9 @@ If provisioning fails, make sure that:
42
59
- Microsoft Entra Connect is running correctly, and there are no issues with the sync server.
43
60
- You manually perform an `Add-Computer` into the OU provided for Cloud PCs. Time how long it takes for that computer object to appear in Microsoft Entra ID.
44
61
62
+
> [!NOTE]
63
+
> If you receive an **Entra ID Sync Warning** after confirming that the recommended configuration is correctly set and there are no provisioning failures, no further action is required. This warning can occur if the check is performed directly after a sync has been completed.
64
+
45
65
## Azure subnet IP address range usage
46
66
47
67
As part of the ANC setup, you're required to provide a subnet to which the Cloud PC connects. For each Cloud PC, provisioning creates a virtual NIC and consumes an IP address from this subnet.
0 commit comments