This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hope someone can help shine a light here... I provisioned a a few Windows 11 VMs on Azure; and created them natively Azure joined (AD is not an option, only ADD here). I can see that the Extensions blade that addLoginforWindows is enabled/ installed. I added the Virtual Machine Admin Login role and added my account to the RG. I can see all the settings are right, but when I try to RDP using my ADD UPN is saying login failure. I then logged in to the VM with a local user and I verified is ADD joined there. What am I missing?
Hi @Razzi29
We noticed that you rated an answer as not helpful. I have provided an answer with the relevant details to make this a positive experience for you. Thanks!
We value your feedback. If my answer is helpful, would you be so kind to re-evaluate your feedback, accept my answer and upvote the same please?
Thank you for helping to improve Microsoft Q&A!
I wanted to check in and see if you had any other questions or if you were able to resolve this issue?
If you have any other questions, please let me know. Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.
Have a read of this page in full: https://learn.microsoft.com/en-us/windows/client-management/client-tools/connect-to-remote-aadj-pc
The below section might be the issue.
@Alan Kinane thanks for your post. I already went through that page, and still having the issue. I bullet checked each step in requirements. I am using Bastion to connect; as I mentioned local user works but ADD user creds do not work. I wanted to make sure I am login to ADD then once I verify that then I can start on next phase which will be native RDP client over the internet to a dedicated personal VM.
Hi Razzi29,
Thank you for providing the feedback. We noticed that you rated an answer as not helpful. To make this a positive experience for you, I am providing some debugging steps that will help with your issue.
Recommendations:
AzureAD\UPN format (for example, AzureAD\john@contoso.com). At this time, you can use Azure Bastion to log in with Microsoft Entra authentication via the Azure CLI and the native RDP client mstsc.If you have completed all the above without a miss, then it may not be an issue in configuration. However, you can check the below article one more time and make sure all the settings are suitable, https://learn.microsoft.com/en-us/entra/identity/devices/howto-vm-sign-in-azure-ad-windows#configure-role-assignments-for-the-vm
If you still get the same issue, I recommend you open an azure support case. If you don't have the ability to open a technical support ticket, please let me know and I can help you further with this.
If you are satisfied with the answer, please "Accept as Answer" and give a thumbs up, so that you can help others in the community looking for remediation for similar issues.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 91%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBH%3C/text%3E%3C/svg%3E)
It doesn't address the issue. All of these steps are followed, the machine has an FQDN, I can successfully authenitcate to the web login interface. The next screen, every time, is CAA20002 / AADSTS293004. On MY machine, I don't see an option for AAD join in settings, only to add a work/school account. I've done this. I've tried AzureAD/FullName (what shows up in the settings panel after adding), and also AzureAD/UPN, and also simply UPN. Auth every time, fail with these errors every time.
The documentation is horrible.
By "My machine" I'm referring to the Azure VM, running the latest Server 2022. My client is latest Windows 10.