Logging into VM using AzureAD

Question

Logging into VM using AzureAD

Steve 1

Hi All I have created a virtual machine in Azure in the Qatar region and I can access this virtual machine from the Sydney region via OpenVPN, which is setup in Azure. I created a virtual network peering to ensure there is comms between the 2 regions and I can confirm I can log into the Qatar virtual machine using the local account login. However, I am getting an error when I try to log into the Qatar virtual machine when I try to authenticate using Active Directory, this is despite me enabling the Login with Azure AD during the setup of the Qatar virtual machine, adding the AD extension and enrolling myself via the IAM. The error message is below. I am lost, as I have tried everything I can think of, such as re-enrolling myself using the IAM for Windows Standard and Administrator User, uninstalling and reinstalling the AD extension and rebooting the machine. Again, I can log in using the local account but using the Azure AD login gives me the flexibility to manage accounts centrally. Any help is greatly appreciated! r/AZURE - Logging into VM using AzureAD

vipullag-MSFT 26,487 Reputation points Moderator

2023-04-17T04:07:03.21+00:00

Hello Steve Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.

This issue needs deeper investigation. Support team will be able to check and help on this. I would recommend you to open a azure support case.

If you don't have a support plan enabled on your subscription, I request you to send an email to AzCommunity@Microsoft.com with Subject as "Attn:Vikas" referencing this thread along with your subscription ID. I can then enable your subscription with a one-time free technical support.

Once the issue is resolved, request you to post the resolution here for the benefit of community.

1 answer

Your answer

vipullag-MSFT 26,487 Reputation points Moderator

2023-04-17T04:07:03.21+00:00

Hello Steve Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.

This issue needs deeper investigation. Support team will be able to check and help on this. I would recommend you to open a azure support case.

If you don't have a support plan enabled on your subscription, I request you to send an email to AzCommunity@Microsoft.com with Subject as "Attn:Vikas" referencing this thread along with your subscription ID. I can then enable your subscription with a one-time free technical support.

Once the issue is resolved, request you to post the resolution here for the benefit of community.

Answer 1

Hello Steve

Welcome to Microsoft Q&A Platform, thanks for posting your query here.

Based on the information you provided, it seems like you have followed the correct steps to enable Azure AD authentication during the setup of the virtual machine and have enrolled yourself via the IAM. However, you are still getting an error message when trying to log in using Azure AD credentials.

-Ensure that the Azure AD extension is installed and running on the virtual machine.
Get-Service AADLoginForWindows

If the service is not running, you can start it by running the following command:

Start-Service AADLoginForWindows

Ensure that the virtual machine is joined to the correct Azure AD tenant.

Get-AzureADComputer

This should return information about the virtual machine, including the Azure AD tenant it is joined to.

Ensure that the user account you are trying to log in with is assigned the correct Azure AD role. To log in to a virtual machine using Azure AD credentials, the user must be assigned the Virtual Machine Administrator Login or Virtual Machine User Login role. You can check this by going to the Azure portal, selecting the virtual machine, and checking the Access control (IAM) settings.

Hope this helps.

Share via

Logging into VM using AzureAD

1 answer

Your answer