Azure VM RDP with Azure AD doesn't work

vincent manzari 41 Reputation points
2023-01-22T20:47:48.7666667+00:00

Hello all,

We need to log in to an Azure VM with Azure AD users for a customer. I have created a quick lab to test the functionality, but it seems that it doesn't work.

I have created 2 VMs on Azure:

  • 1 VM named VMServer (Windows Server 2019) - is the VM where users will have to log in
  • 1 VM named VMclient (Windows 10) - simulates the user client where the RDP connection begins

When I created the VMServer we checked the option for "login with AzureAD", and the extension is correctly present in the VMServer and it is present within Azure AD devices (Azure AD joined).

To test the RDP connection, I have set the grant for the account in the Group "Virtual Machine Administrator Login" at the RG level.

Within the VMClient, I have registered the account within Accounts -> Email & Accounts

In this way, I have the VMClient "Azure AD registered" in the Azure AD.

I have disabled the MFA for the account.

So, it seems all regular for the RDP with Azure AD.

When I try to log in with RDP from the VMClient to the VMServer using AzureAD\UPN syntax I receive this error

Can you help me please?

On the VMServer (destination for the RDP connection) it results as AzureADJoined.

Thank you for your help
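
Added example, not part of the original post: a PowerShell check of the three prerequisites the question lists (login extension present, login role assigned at resource group level, VM Azure AD joined). It assumes the Az module with a signed-in session; the resource group name and UPN are hypothetical placeholders.

```powershell
# Added example. Placeholder values are assumptions, not taken from the thread.
$rg  = 'rg-lab'                  # hypothetical resource group holding the VM
$vm  = 'VMServer'                # VM name used in the post
$upn = 'user@contoso.example'    # hypothetical UPN of the account under test

# 1. The Azure AD login extension must be installed and provisioned on the VM.
$ext = Get-AzVMExtension -ResourceGroupName $rg -VMName $vm |
    Where-Object { $_.ExtensionType -eq 'AADLoginForWindows' }
$extOk = [bool]($ext -and $ext.ProvisioningState -eq 'Succeeded')

# 2. The account needs one of the two VM login roles; the post assigned
#    "Virtual Machine Administrator Login" at resource group level.
$loginRoles = 'Virtual Machine Administrator Login', 'Virtual Machine User Login'
$roles = Get-AzRoleAssignment -ResourceGroupName $rg -SignInName $upn |
    Where-Object { $loginRoles -contains $_.RoleDefinitionName }
$roleOk = [bool]$roles

# 3. The guest must report "AzureAdJoined : YES". dsregcmd is run inside the VM
#    through Run Command, so the check does not depend on RDP working.
$run = Invoke-AzVMRunCommand -ResourceGroupName $rg -VMName $vm `
    -CommandId 'RunPowerShellScript' -ScriptString 'dsregcmd /status'
$stdout = $run.Value[0].Message
$joinOk = $stdout -match 'AzureAdJoined\s*:\s*YES'
$tenant = if ($stdout -match 'TenantName\s*:\s*(.+)') { $Matches[1].Trim() }

# Summary: any False value points at the prerequisite to fix first.
[pscustomobject]@{
    ExtensionProvisioned = $extOk
    LoginRoleAssigned    = $roleOk
    AssignedRoles        = ($roles.RoleDefinitionName -join ', ')
    VmAzureAdJoined      = $joinOk
    VmTenantName         = $tenant
}
```

Running `dsregcmd /status` on the client as well and comparing its tenant with `VmTenantName` shows whether both machines belong to the same directory.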


7 answers

  1. Andreas Baumgarten 92,481 Reputation points MVP
    2023-01-22T20:52:38.38+00:00

    Hi @vincent manzari ,

    it looks like the user doesn't have the permission granted to log in locally on the server VM.

    By default only members of the Administrators group on a server are allowed to log in "locally" on the server. This includes the login via RDP as well.

    Please check if the user, that is used to logon via RDP to the server, is a member of the Administrators group on a server.


    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards

    Andreas Baumgarten


  2. vincent manzari 41 Reputation points
    2023-01-23T08:29:10.78+00:00

    Hi @Andreas Baumgarten

    Thank you for the support. I have checked, but unfortunately the users from AzureAD are not resolved when I try to add them to the Administrators group in the VM.


  3. Andreas Baumgarten 92,481 Reputation points MVP
    2023-01-23T08:39:10.8633333+00:00

    Hi @vincent manzari ,

    Please take a look here: https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows#configure-role-assignments-for-the-vm


    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards

    Andreas Baumgarten

  4. Limitless Technology 44,011 Reputation points
    2023-01-23T17:06:58.01+00:00

    Hi. Thank you for your question and reaching out. I’d be more than happy to help you with your query.

    You can try the following to fix this issue:

    1. Reset the Remote Desktop settings.
    2. Check the endpoints for Cloud Services and the Network Security Group rules.
    3. Analyze the VM console logs.
    4. For the VM, reset the NIC.
    5. View the health of the VM resources.
    6. VM password reset.
    7. Start your VM again.
    8. VM redeployment

    For more information on how to perform these, please see https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/troubleshoot-rdp-connection

    If the reply was helpful, please don’t forget to upvote or accept as answer, thank you.
