You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
# An unattended desktop flow run fails with the MSEntraMachineAlwaysPromptingForPassword error
10
10
@@ -29,28 +29,32 @@ Your unattended desktop flow run fails with the "MSEntraMachineAlwaysPromptingFo
29
29
30
30
Power Automate for desktop can't validate your Microsoft Entra ID (formerly Azure Active Directory) credentials on the machine. This issue is typically caused by a group policy setting on your machine.
31
31
32
-
## Resolution
33
-
There are 3 possible paths to mitigate this issue
32
+
## Resolution 1: Use Microsoft Entra authentication for Remote Desktop with a user certificate
34
33
35
-
### Option 1: Use MSEntra Authentication for Remote Desktop - with a user certificate ###
36
-
This option requires PAD 2.50 or above. It is best to use in case no MFA exception can be granted to the desktop flow connection account.
34
+
This resolution requires Power Automate for desktop version 2.50 or later.
37
35
38
-
See [Certificate Base Authenticiation](https://learn.microsoft.com/power-automate/desktop-flows/configure-certificate-based-auth)
36
+
It's best to use this resolution when no [multifactor authentication (MFA) exception](~/power-automate/administration/conditional-access-and-multi-factor-authentication-in-flow#details) can be granted to the desktop flow connection account.
39
37
40
-
### Option 2: Use MSEntra Authentication for Remote Desktop - with a user/password ###
41
-
This option requires PAD 2.49 or above. This option can be faster to setup in case an MFA Exception can be granted to the desktop flow connection account.
38
+
For more information, see [Configure certificate-based authentication (preview)](/power-automate/desktop-flows/configure-certificate-based-auth).
42
39
43
-
1. Force MSEntra authentication in PAD via registry key (use regedit, admin required)
## Resolution 2: Use Microsoft Entra authentication for Remote Desktop with a user/password
48
41
49
-
2. Configure [Hiding consent prompt for the target devices](https://learn.microsoft.com/power-automate/desktop-flows/run-unattended-desktop-flows#admin-consent-for-unattended-runs-using-cba-or-sign-in-credentials-with-nla-preview)
50
-
3. Restart the Power Automate service
51
-
4. Use a MSEntraID connection with user/password credentials. An MFA Exception is required for this account.
42
+
This resolution requires Power Automate for desktop version 2.49 or later. It can be faster to set up with the following steps if an MFA exception can be granted to the desktop flow connection account.
43
+
44
+
1. Open the Registry Editor (regedit) with administrative privileges. Navigate to the following registry path, create a new DWORD-32 value with the name `UseRdsAadAuthentication`, and then set the value of `UseRdsAadAuthentication` to **1**.
2.[Hide the consent prompt dialog for a target device group](/power-automate/desktop-flows/run-unattended-desktop-flows#admin-consent-for-unattended-runs-using-cba-or-sign-in-credentials-with-nla-preview).
51
+
52
+
3. Restart the Power Automate service.
53
+
54
+
4. Use a Microsoft Entra ID connection with user/password credentials. Note that an MFA exception is required for this account.
55
+
56
+
## Resolution 3: Disable fPromptForPassword
52
57
53
-
### Option 3: Disable fPromptForPassword
54
58
To solve this issue, check the group policy setting on your machine.
55
59
56
60
1. Press the Windows key+<kbd>R</kbd> to open the **Run** dialog.
0 commit comments