Troubleshooting help: work account sign-in fails (password validation error) after joining a Windows 11 device to Entra ID
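Asking for help, everyone! I have a Windows 11 desktop. Working from a local administrator account and strictly following the steps in Microsoft's documentation, I added a work account through the Entra ID link in the join prompt, and the join process reported success.
After rebooting, I tried to sign in with the email address associated with the work account I had just joined, but I keep getting a wrong-password message. I am 100% sure the password is correct, since I had just used that same password to complete the account join, and I have double-checked it four times!
Back in the local administrator account, I can see this work account under Settings > Accounts > Other users (there is a corresponding screenshot).
I also previously saw a claim that Azure AD users cannot sign in to a local machine without a local domain controller (DC) sync, but that contradicts the documentation I have read. On top of that, much of the related documentation is out of date: not only have names changed, but the screenshots do not match the current admin panel at all, and I am now completely lost.
I have tried the following two sign-in formats, and neither works:
azuread\username
username@workdomain.com
Can anyone give me some troubleshooting ideas?
Here is the output of dsregcmd /status: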
```
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+

             AzureAdJoined : YES
          EnterpriseJoined : NO
              DomainJoined : NO
           Virtual Desktop : NOT SET
               Device Name : dev04

+----------------------------------------------------------------------+
| Device Details                                                       |
+----------------------------------------------------------------------+

                  DeviceId : ZZZZZZZZ-ZZZZ-ZZZZ-ZZZZ-c89f185ZZZZZ
                Thumbprint : ZZZZZZZZ42BF67427D9A8DA4D78771ZZZZZZZZZZ
 DeviceCertificateValidity : [ 2024-01-27 00:45:22.000 UTC -- 2034-01-27 01:15:22.000 UTC ]
            KeyContainerId : ZZZZZZZZ-ZZZZ-ZZZZ-ZZZZ-9554ZZZZZZZZ
               KeyProvider : Microsoft Platform Crypto Provider
              TpmProtected : YES
          DeviceAuthStatus : SUCCESS

+----------------------------------------------------------------------+
| Tenant Details                                                       |
+----------------------------------------------------------------------+

                TenantName : workdomain.com
                  TenantId : ZZZZZZZZ-ZZZZ-ZZZZ-8d95-8edaZZZZZZZZ
               AuthCodeUrl : https://login.microsoftonline.com/ZZZZZZZZ-ZZZZ-ZZZZ-8d95-ZZZZZZZZZZZZ/oauth2/authorize
            AccessTokenUrl : https://login.microsoftonline.com/ZZZZZZZZ-ZZZZ-ZZZZ-8d95-ZZZZZZZZZZZZ/oauth2/token
                    MdmUrl :
                 MdmTouUrl :
          MdmComplianceUrl :
               SettingsUrl :
            JoinSrvVersion : 2.0
                JoinSrvUrl : https://enterpriseregistration.windows.net/EnrollmentServer/device/
                 JoinSrvId : urn:ms-drs:enterpriseregistration.windows.net
             KeySrvVersion : 1.0
                 KeySrvUrl : https://enterpriseregistration.windows.net/EnrollmentServer/key/
                  KeySrvId : urn:ms-drs:enterpriseregistration.windows.net
        WebAuthNSrvVersion : 1.0
            WebAuthNSrvUrl : https://enterpriseregistration.windows.net/webauthn/ZZZZZZZZ-ZZZZ-ZZZZ-8d95-ZZZZZZZZZZZZ/
             WebAuthNSrvId : urn:ms-drs:enterpriseregistration.windows.net
    DeviceManagementSrvVer : 1.0
    DeviceManagementSrvUrl : https://enterpriseregistration.windows.net/manage/ZZZZZZZZ-ZZZZ-ZZZZ-8d95-ZZZZZZZZZZZZ/
     DeviceManagementSrvId : urn:ms-drs:enterpriseregistration.windows.net

+----------------------------------------------------------------------+
| User State                                                           |
+----------------------------------------------------------------------+

                    NgcSet : NO
           WorkplaceJoined : NO
             WamDefaultSet : NO

+----------------------------------------------------------------------+
| SSO State                                                            |
+----------------------------------------------------------------------+

                AzureAdPrt : NO
       AzureAdPrtAuthority :
     AcquirePrtDiagnostics : PRESENT
      Previous Prt Attempt : 2024-01-27 01:25:09.574 UTC
            Attempt Status : 0xc00484c0
             User Identity : mrspock@workdomain.com
           Credential Type : Password
            Correlation ID : ZZZZZZZZ-d335-ZZZZ-ZZZZ-9deb95ZZZZZZ
              Endpoint URI : https://sso.godaddy.com/v1/wss/trust/XX/XXXXXXXX
               HTTP Method : POST
                HTTP Error : 0x800484c0
               HTTP status : 405
         Server Error Code :
  Server Error Description :
             EnterprisePrt : NO
    EnterprisePrtAuthority :

+----------------------------------------------------------------------+
| Diagnostic Data                                                      |
+----------------------------------------------------------------------+

        AadRecoveryEnabled : NO
    Executing Account Name : dev04\mrspock
               KeySignTest : PASSED
        DisplayNameUpdated : YES
          OsVersionUpdated : YES
           HostNameUpdated : NO
      Last HostName Update : NONE

+----------------------------------------------------------------------+
| IE Proxy Config for Current User                                     |
+----------------------------------------------------------------------+

      Auto Detect Settings : YES
    Auto-Configuration URL :
         Proxy Server List :
         Proxy Bypass List :

+----------------------------------------------------------------------+
| WinHttp Default Proxy Config                                         |
+----------------------------------------------------------------------+

               Access Type : DIRECT

+----------------------------------------------------------------------+
| Ngc Prerequisite Check                                               |
+----------------------------------------------------------------------+

            IsDeviceJoined : YES
             IsUserAzureAD : NO
             PolicyEnabled : NO
          PostLogonEnabled : YES
            DeviceEligible : YES
        SessionIsNotRemote : YES
            CertEnrollment : none
              PreReqResult : WillNotProvision
```
Note: content sourced from Stack Exchange; question author: lifostack




