Merge pull request #7626 from MicrosoftDocs/migrate-kb5016069

AB#2429: Improve and migrate KB5016069-Desktop flow failing with AADMachineAlwaysPromptingForPassword error code

Author: lucciz01

support/power-platform/power-automate/desktop-flows/media/msentramachinealwayspromptingforpassword-error/msentramachinealwayspromptingforpassword.png

@@ -0,0 +1,46 @@
+---
+title: Unattended Desktop Flow Run Fails with MSEntraMachineAlwaysPromptingForPassword
+description: Solves an error that occurs when you run an unattended desktop flow in Microsoft Power Automate for desktop.
+ms.author: moelaabo
+ms.reviewer: guco, alarnaud
+ms.custom: sap:Desktop flows\Unattended flow runtime errors
+ms.date: 12/09/2024
+---
+# An unattended desktop flow run fails with the MSEntraMachineAlwaysPromptingForPassword error
+
+This article provides a resolution for an error that occurs when you run an unattended desktop flow in Microsoft Power Automate for desktop.
+
+## Symptoms
+
+Your unattended desktop flow run fails with the "MSEntraMachineAlwaysPromptingForPassword" error code (formerly "AADMachineAlwaysPromptingForPassword").
+
+```jsonc
+{
+    "error":{
+        "code": "MSEntraMachineAlwaysPromptingForPassword",
+        "message": "Could not create unattended session with these credentials."  
+    }    
+}
+```
+
+:::image type="content" source="media/msentramachinealwayspromptingforpassword-error/msentramachinealwayspromptingforpassword.png" alt-text="Screenshot of the error code shown in the Body section of the Run a flow built with Power Automate for desktop page.":::
+
+## Cause
+
+Power Automate for desktop can't validate your Microsoft Entra ID (formerly Azure Active Directory) credentials on the machine. This issue is typically caused by a group policy setting on your machine.
+
+## Resolution
+
+To solve this issue, check the group policy setting on your machine.
+
+1. Press the Windows key+<kbd>R</kbd> to open the **Run** dialog.
+1. Type **gpedit.msc** and press <kbd>Enter</kbd> to open the Local Group Policy Editor.
+1. Navigate to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Remote Desktop Services** > **Remote Desktop Session Host** > **Security**.
+1. Look for the **Always prompt for password upon connection** setting.
+
+   - If the setting is enabled, work with your IT department to disable the policy for that machine.
+
+     > [!NOTE]
+     > This value is also reflected in the registry at **Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services**. If the **fPromptForPassword** DWORD value for the **Terminal Services** key is set to **1**, the setting is enabled, and you need to work with your IT department to disable it (simply changing the registry value is generally not sufficient, as it might be reverted.)
+
+   - If the **Always prompt for password upon connection** setting isn't enabled but you receive the error code, type **regedit** in the **Run** dialog to open the Registry Editor. In the Registry Editor, navigate to the **Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp** registry key. Then, look for the **fPromptForPassword** DWORD and set it to **0**. If the DWORD doesn't exist, create it and set its value to **0**.

support/power-platform/power-automate/desktop-flows/msentramachinealwayspromptingforpassword-error.md

@@ -2,7 +2,7 @@
 title: Error code occurs when running an attended or unattended desktop flow
 description: Provides mitigation steps for the error codes that occur when running attended or unattended desktop flows.
 ms.reviewer: cefriant, kenseongtan, guco, johndund
-ms.date: 10/08/2024
+ms.date: 12/09/2024
 ms.custom: sap:Desktop flows\Unattended flow runtime errors
 ---
 # Error code occurs when running an attended or unattended desktop flow
@@ -44,6 +44,7 @@ _Original KB number:_   4555406
 |ConnectionTimeout|404|Attended</br>Unattended|This request operation didn't receive a reply within the configured timeout.</br> Check that your machine is online and can communicate with the required Power Automate endpoints.|
 |EndpointDoNotExist|404|Attended</br>Unattended|The endpoint wasn't found.</br>Register your machine again and schedule new runs.|
 |GroupIsEmpty|400|Attended</br>Unattended|The machine group is empty.</br> Add machines to the group, then reschedule new runs.|
+|MSEntraMachineAlwaysPromptingForPassword|400|Unattended|For more information about this error code, see [An unattended desktop flow run fails with the MSEntraMachineAlwaysPromptingForPassword error](msentramachinealwayspromptingforpassword-error.md).|
 |NoCandidateMachine|400|Attended</br>Unattended|The run has exceeded the queue waiting time limit.</br> Consider allocating more machines or spreading desktop flow runs to optimize wait time in the queue.|
 |DesktopFlowsActionThrottled|429|Attended</br>Unattended|The desktop flow action failed because of throttling. This error code appears when too many desktop flows use the same connection. Check your connection usage and assign your desktop flows to multiple connections.|
 |DesktopFlowsActionTimeout|400|Attended</br>Unattended|The execution of the desktop flow action exceeded maximum duration.</br> Increase the time-out value that's set on the action or split the desktop flow into several shorter desktop flows.|

support/power-platform/power-automate/desktop-flows/troubleshoot-errors-running-attended-or-unattended-desktop-flows.md

@@ -170,6 +170,8 @@
       href: desktop-flows/temporary-profile-error-machine-registration.md
     - name: 'UnallowedTenantForConnectWithSignIn or connection errors when using "connect with sign-in"'
       href: desktop-flows/troubleshoot-unallowed-tenant-for-connect-with-sign-in.md
+    - name: Unattended desktop flow fails with MSEntraMachineAlwaysPromptingForPassword
+      href: desktop-flows/msentramachinealwayspromptingforpassword-error.md
 - name: Flow creation
   items:
     - name: Can't find Excel Online table in Microsoft Flow