Introduction #
You might receive an email stating “Welcome to the new Army desktop experience! You have now been enabled for access to Army Enterprise AVD” but your are not out of the woods yet. If you login too soon, you may get error message AADSTS50017.
Error Breakdown #
Here are a few tips to help you avoid this error:
- Be patient. Your account may not be fully provisioned. Once you request your access, wait approximately 20 minutes to one (1) day depending on the volume.
- Try the AVD web browser portal.
- If on an Apple MacBook, use the Identiv CAC Reader or use a Yubikey.
- If on a Windows computer, use the Identiv CAC Reader
Method #1 #
If on an Apple MacBook, manually delete the identity you are having problems accessing from your keychain:
- Disconnect your Yubikey or unplug your CAC reader from your computer
- Search for the entry named “certauth.login.microsoftonline.us” and then press the delete key.
- Reconnect your Yubikey or CAC reader to your computer
Method #2 #
If on an Apple MacBook do the following:
- Disconnect your Yubikey or unplug your CAC reader from your computer
- Open Terminal
- Run “sudo rm -rf /var/db/TokenCache/tokens/” (without the quotes)
- Reconnect your Yubikey or CAC reader to your computer
Method #3 #
If on a Windows computer, do the following:
- Open the “Start Menu”
- Open the “Control Panel”
- If your Control Panel is in Classic View
- Select “Internet Options”.
- If your Control Panel is in Category View
- Select the “Network & Internet” category
- Select “Internet Options”
- Open the “Content” Tab
- Click the “Certificates” button
- Ensure te “Personal” tab is selected and highlight the certificates you want to remove
- “Remove” the highlighted certificate
- Click “Close” to close the certificate window
- Click “OK” to close the internet options
- Click the red “X” to close the Control Panel
- Remove your CAC from the card reader
- Reinsert your CAC & login to the desktop if necessary
Method #4 #
Visit the AVD Onboarding Forum on Milsuite.