Error : Login to Azure VM using Azure AD - The sign-method you're trying to use isn't allowed

MyAzQuery 131 Reputation points
2022-11-20T16:21:12.813+00:00

https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows

I followed the above microsoft article and configured Win10 Multisession OS Azure VM to have Azure AD login. i have configured this for 2 users as Virtual machine administrator role assignments via the Azure VM Access control blade (IAM) and added user to remote desktop users group as well.

Now for 1 user , i am able to successfully login to the Win10 Azure VM, with the AzureAD\user1@mydomain.com , but for the 2nd user AzureAD\user2@mydomain.com, i get below error.
"The sign-in method you're trying to use isn't allowed. Try a different sign-in method or contact your system administrator."
i followed the exact steps mentioned here below
https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows#mfa-sign-in-method-required

Please help

262311-image.png

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,676 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
5,242 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Manu Philip 14,546 Reputation points MVP
    2022-11-20T17:13:04.593+00:00

    I suggest the first check to see that the two users have the same role assignments. You can follow the below reference to do that

    role-assignments-list-portal

    If the above check is not helping, disable MFA and see if it helps. You can disable MFA by disabling the security defaults, as indicated in the below screenshot

    262341-image.png

    ----------

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    1 person found this answer helpful.
    0 comments