Azure VM RDP access using AAD user credential

Anonymous
2020-02-27T16:23:58.033+00:00

Hello
I have created a Win10 VM machine for testing several new Microsoft 365/Azure features, but I'm not able to RDP connect to the VM using an Azure AD user.
I found this article. Is it correct?
https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows

The VM has already been created, so I ran this command, but I got an error:

PS Azure:\> az vm extension set --publisher Microsoft.Azure.ActiveDirectory --name AADLoginForWindows --resource-group EG_TestRG --vm-name PCVI02  
  
Deployment failed. Correlation ID: 3cc311b1-5df5-43d6-8a54-43ceef1e157d. The handler for VM extension type 'Microsoft.Azure.ActiveDirectory.AADLoginForWindows' has reported terminal failure for VM extension 'AADLoginForWindows' with error message: 'Install failed for plugin (name: Microsoft.Azure.ActiveDirectory.AADLoginForWindows, version 0.4.1.0) with exception Command C:\Packages\Plugins\Microsoft.Azure.ActiveDirectory.AADLoginForWindows\0.4.1.0\AADLoginForWindowsHandler.exe of Microsoft.Azure.ActiveDirectory.AADLoginForWindows has exited with Exit code: -2145648572'.  
  
'Install handler failed for the extension. More information on troubleshooting is available at https://aka.ms/vmextensionwindowstroubleshoot'  

Furthermore, the user I'm testing is using MFA. Can somebody give me some help? Thank you.

Ebrico


10 answers

  1. Michael BONNY 1 Reputation point
    2020-06-30T06:18:23.42+00:00

    How does this work with Federation (AD FS?) with synchronised identity (no hash)?


  2. Shehzad Khan 1 Reputation point
    2021-03-04T04:21:16.397+00:00

    What about people accessing the VM using Bastion, @fabio?


  3. Niranjan m o 1 Reputation point
    2021-06-19T12:02:51.13+00:00

    Microsoft is so bad, not giving students credit.


  4. Ernesto Mayol 16 Reputation points
    2022-03-31T18:57:43.113+00:00

    Does anyone know if a Public IP for the VM is required for this to work? The network requirements in the doc below do not mention anything, but I have not been able to get the option to download the RDP file to show up, and Fabio's instructions above seem to indicate a public IP is needed, which is something I do not want to create.
    https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows#requirements


  5. Volodymyr Usov 1 Reputation point
    2022-05-18T09:15:01.28+00:00

    Here is what is easy to miss, resulting in the above connectivity issues:

    Remote connection to VMs joined to Azure AD is only allowed from Windows 10 or newer PCs that are either Azure AD registered (minimum required build is 20H1) or Azure AD joined or hybrid Azure AD joined to the same directory as the VM. Additionally, to RDP using Azure AD credentials, the user must belong to one of the two Azure roles, Virtual Machine Administrator Login or Virtual Machine User Login. If using an Azure AD registered Windows 10 or newer PC, you must enter credentials in the AzureAD\UPN format (for example, AzureAD\john@Company portal .com).

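The requirements listed in the last answer can be turned into a pre-flight check before troubleshooting the RDP connection itself. The following is an added example, not code from the thread or from Microsoft: it assumes the client state is read from `dsregcmd /status`-style `Key : Value` lines (fields `AzureAdJoined`, `WorkplaceJoined`, `TenantId`, `WorkplaceTenantId`), that 20H1 corresponds to OS build 19041, and that the user's role names were collected separately; the tenant ID and `contoso.example` are constructed sample values.

```python
import re

LOGIN_ROLES = {"Virtual Machine Administrator Login", "Virtual Machine User Login"}
MIN_REGISTERED_BUILD = 19041  # assumption: Windows 10 20H1

# Constructed sample in the style of `dsregcmd /status` on an Azure AD registered PC.
SAMPLE_REGISTERED = """
        AzureAdJoined : NO
         DomainJoined : NO
      WorkplaceJoined : YES
    WorkplaceTenantId : 11111111-1111-1111-1111-111111111111
"""

def parse_dsreg(text):
    """Collect 'Key : Value' lines into a dict."""
    pairs = re.findall(r"^[ \t]*(\w+)[ \t]*:[ \t]*(\S.*)$", text, re.M)
    return {key: value.strip() for key, value in pairs}

def rdp_precheck(dsreg_text, os_build, vm_tenant_id, user_roles, username):
    """Return the unmet requirements as strings; an empty list means none found."""
    state = parse_dsreg(dsreg_text)
    joined = state.get("AzureAdJoined") == "YES"        # Azure AD joined or hybrid joined
    registered = state.get("WorkplaceJoined") == "YES"  # Azure AD registered
    problems = []
    if not (joined or registered):
        problems.append("client is not Azure AD joined, hybrid joined or registered")
    else:
        # A joined device reports TenantId; a registered one reports WorkplaceTenantId.
        tenant = state.get("TenantId" if joined else "WorkplaceTenantId", "")
        if tenant.lower() != vm_tenant_id.lower():
            problems.append("client belongs to a different directory than the VM")
    if registered and not joined:
        if os_build < MIN_REGISTERED_BUILD:
            problems.append("registered client is older than build 20H1")
        if not re.fullmatch(r"AzureAD\\[^\\@\s]+@[^\\@\s]+", username, re.I):
            problems.append("username is not in AzureAD\\UPN format")
    if not LOGIN_ROLES & set(user_roles):
        problems.append("user holds neither VM login role")
    return problems

if __name__ == "__main__":
    for issue in rdp_precheck(SAMPLE_REGISTERED, 18363,
                              "11111111-1111-1111-1111-111111111111",
                              ["Reader"], "john@contoso.example"):
        print("FAIL:", issue)
```
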