Unable to authenticate from on-premises network to Azure VM server that has joined Microsoft Entra Domain Services.
Hi Azure Expert,
I had recently created "Microsoft Entra Domain Services" in our Azure environment.
I had also done an AAD user password reset (so the password would sync to Domain Services), and performed hash sync so on-premises AD -> AAD -> Domain Services will have all passwords synced.
I have created two test Azure VMs (one server and one computer), and they can join ADDS and log in using an ADDS user account (synced from on-premises AD) without any problem.
Here is my problem:
I can RDP to these two VMs from their own VM environment and do 445 file sharing successfully, but when I want to RDP from an on-premises computer to these two VMs, I get a message saying either the username or password is incorrect. I have used both the UPN and domain\username methods without success.
Our on-premises network and Azure network are connected via S2S VPN, and there is no FW policy from the on-premises network to the Azure network. All FWs in these two VMs are turned off.
My questions are:
- How can I RDP to AADDS-joined computers from the on-premises network?
- How can I join on-premises computers to AADDS?
- How can I access port 445 on AADDS-joined computers from the on-premises network?
I think the above three questions can be solved by one solution, but I don't know what to do to resolve them, and hopefully I can get help from an expert.
Thank you.
Mic