Hope someone can help shine a light here... I provisioned a few Windows 11 VMs on Azure and created them natively Azure joined (AD is not an option, only AAD here). I can see in the Extensions blade that AADLoginForWindows is enabled/installed. I added the Virtual Machine Admin Login role and added my account to the RG. I can see all the settings are right, but when I try to RDP using my AAD UPN it is saying login failure. I then logged in to the VM with a local user and I verified it is AAD joined there. What am I missing?
Have a read of this page in full: https://learn.microsoft.com/en-us/windows/client-management/client-tools/connect-to-remote-aadj-pc
The below section might be the issue.
Hi Razzi29,
Thank you for providing the feedback. We noticed that you rated an answer as not helpful. To make this a positive experience for you, I am providing some debugging steps that will help with your issue.
Recommendations:
AzureAD\UPN format (for example, AzureAD\john@contoso.com). At this time, you can use Azure Bastion to log in with Microsoft Entra authentication via the Azure CLI and the native RDP client mstsc.
If you have completed all the above without a miss, then it may not be an issue in configuration. However, you can check the below article one more time and make sure all the settings are suitable: https://learn.microsoft.com/en-us/entra/identity/devices/howto-vm-sign-in-azure-ad-windows#configure-role-assignments-for-the-vm
If you still get the same issue, I recommend you open an Azure support case. If you don't have the ability to open a technical support ticket, please let me know and I can help you further with this.
If you are satisfied with the answer, please "Accept as Answer" and give a thumbs up, so that you can help others in the community looking for remediation for similar issues.
It doesn't address the issue. All of these steps are followed, the machine has an FQDN, I can successfully authenticate to the web login interface. The next screen, every time, is CAA20002 / AADSTS293004. On MY machine, I don't see an option for AAD join in settings, only to add a work/school account. I've done this. I've tried AzureAD/FullName (what shows up in the settings panel after adding), and also AzureAD/UPN, and also simply UPN. Auth every time, fail with these errors every time.
The documentation is horrible.