Information about SharePoint, Microsoft 365, Azure, Mobility and Productivity from the Computer Information Agency
Slides from this month’s webinar are at:
September 2021 Microsoft 365 Need to Know Webinar
If you are not a CIAOPS patron you want to view or download a full copy of the video from the session you can do so here:
http://www.ciaopsacademy.com.au/p/need-to-know-webinars
Watch out for next month’s webinar.
Join me for the free monthly CIAOPS Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at the newly announced Windows 365 and how it plays into the modern workplace.
Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite! Yeah Teams webinars.
You can register for the regular monthly webinar here:
September Webinar Registrations
The details are:
CIAOPS Need to Know Webinar – September 2021
Thursday 30th of September 2021
11.00am – 12.00am Sydney Time
All sessions are recorded and posted to the CIAOPS Academy.
The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:
or purchase them individually at:
Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.
I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.
This, unfortunately, was the error that keep greeting me whenever I tried to set up a Windows 365 Business Cloud PC:
Setup failed, please reset your cloud PC
I repeated the reset process over and over but still no luck. I then came across the following article from Microsoft:
Troubleshoot Windows 365 Business Cloud PC setup issues
which helped me greatly and I recommend you follow through that article and suggestions it makes. I therefore thought I’d share my process in troubleshooting this issue, because there are some things the article doesn’t specifically call out that I’ll mention to help you.
The first learning was that the Windows Business Cloud PC creating process creates a new account called
CloudPCBPRT
the user principal name for this appears like:
package_<GUID>@domain.com
i.e.
package_62531965-0931-10d5-9adef-0e4a7179b539e@domain.com
so, you need to ensure this exists in your active Directory.
The next learning from that article was:
Make sure there are no MFA conditional access policies for that first user. MFA must remain turned off during any setup attempts. After all Cloud PCs are successfully set up across your organization, you may turn on MFA for this user.
In essence, during the very first set up of your Windows Business Cloud PC environment you’ll need to do this using an account that doesn’t have MFA enabled. After that, accounts can have MFA enable, but it’s important that the very first account you use with Windows Business Cloud PC doesn’t have MFA enabled.
Remember, there are various ways to enforce MFA inside a tenant, directly, via Security Defaults and also using Conditional Access. Check that your initial user has all these options disabled. I’d suggest it is also a good idea to ensure the account CloudPCBPRT does not have any MFA enforcement either.
Now, the thing that I found the Microsoft article didn’t cover off was:
1. Checking that any Conditional Access policies are not blocking the join process. In my case, I have policies that prevent users adding devices via Conditional Access unless they are joining compliant devices. Ensure that these policies are not being applied to that initial user during set up. Again, double check that CloudPCBPRT is also excluded from such policies.
2. It turns out that even though I have an Australian Microsoft 365 subscription, the virtual machines where provisions for Windows Business Cloud PC from the Microsoft datacenters in Singapore. Thus, I needed to further adjust my Conditional Access policies to allow logins from this region as I generally restrict all logins to tenant to be from Australia only. As before, ensure CloudPCBPRT, can login to your tenant from the region where the VMs are provisioned.
Once I had made all those changes I could create the initial Windows Business Cloud PC and then go on and create another Windows Cloud PC for my ‘normal’ production account. And as you can see, I’m now one of the cool kids:
In summary then, your troubleshooting for Windows Business Cloud PC should start with the Microsoft article and if you are still having issues, check and adjust your Conditional Access policies to allow that first account to get set up. I’d also make sure that the account CloudPCBPRT is generally excluded from things like MFA and strict Conditional Access policies. Once I’d done all that I could do everything I needed.
CIAOPS 