RDP with Azure AD credentials on an Azure VM via FQDN

Ranuzzi, Alessandro 10 Reputation points
2024-01-09T14:54:15.1366667+00:00

Hi to everyone,

this is my situation:

  • Azure VM with windows server 2022
  • AADLoginForWindows enabled
  • Azure AD (ENTRA ID)

When I try to connect with RDP to the VM from my laptop, I can connect successfully in only two ways:

  • local admin credentials and the VM public IP
  • Azure AD credentials and the VM hostname, after changing my hosts file to map the hostname to the public IP.

What I want to achieve is to avoid the changes to the hosts file and use the FQDN instead.

So far I've tried:

  • creating an A record hostname.mypersonaldomain.it
  • editing the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
    • Domain = mypersonaldomain.it
    • NV Hostname = machinehostname
  • DNS record propagated successfully
  • rebooting the VM
  • connecting through an .rdp file with
    • "Use a web account to sign in to the remote computer" enabled
    • Computer: the FQDN of the host

With this configuration I get the following error:

User's image

How can I solve this error?

Thank you


1 answer

vipullag-MSFT 26,487 Reputation points Moderator
2024-01-10T01:34:48.44+00:00

Hello Ranuzzi, Alessandro

Welcome to the Microsoft Q&A Platform, thanks for posting your query here.

Based on the details shared, it looks like you have already taken the necessary steps to configure your Azure VM for Azure AD authentication and have created a DNS record for the FQDN. However, the error message you are receiving indicates that the Azure AD tenant is not recognizing the device identifier in the request.

Try these troubleshooting steps and see if that helps resolve the issue:

  • Verify that the Azure AD tenant is correctly configured to allow Azure AD authentication for the VM.
  • Check that the AADLoginForWindows extension is installed and enabled on the VM.
  • Ensure that the VM's hostname matches the DNS record you created. Run hostname on the VM and make sure that the output matches the hostname specified in the DNS record.
  • Try connecting to the VM using the Azure AD credentials and the FQDN without specifying the domain name. For example, if the FQDN is hostname.mypersonaldomain.it, try connecting using hostname as the computer name.
  • If none of the above steps helps, you can try resetting the AADLoginForWindows extension on the VM to see if that helps.

Hope this helps.

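The checks in the answer above (extension present, hostname matching the DNS label, the A record pointing at the VM's public IP) can be scripted from the laptop instead of eyeballing them. The following PowerShell is an added example, not code from the original post or from Microsoft; it assumes the Az modules are installed and Connect-AzAccount has been run, and the resource group name, VM name and FQDN are placeholders to replace. It also writes an .rdp file with the setting the "Use a web account to sign in" checkbox toggles (enablerdsaadauth:i:1), so the connection can be reproduced from the command line rather than the GUI.

```powershell
# Added example (not from the original post or Microsoft docs): verify the prerequisites
# for Entra ID (Azure AD) RDP sign-in to an Azure VM via its FQDN, then build an .rdp file.
# Assumes Az.Accounts, Az.Compute, Az.Network, Az.Resources and Connect-AzAccount already done.
# Resource group, VM name and FQDN below are placeholders; replace them with your own.

function Test-EntraRdpPrereqs {
    param(
        [Parameter(Mandatory)] [string] $ResourceGroupName,
        [Parameter(Mandatory)] [string] $VMName,
        [Parameter(Mandatory)] [string] $Fqdn
    )
    $result = [ordered]@{}
    $vm = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName

    # 1. AADLoginForWindows extension must exist and have provisioned successfully.
    $ext = Get-AzVMExtension -ResourceGroupName $ResourceGroupName -VMName $VMName `
                             -Name 'AADLoginForWindows' -ErrorAction SilentlyContinue
    $result.ExtensionOk = ($null -ne $ext -and $ext.ProvisioningState -eq 'Succeeded')

    # 2. The DNS label you connect to must equal the VM's computer name (what `hostname` prints on the VM).
    $label = $Fqdn.Split('.')[0]
    $result.HostnameOk = ($label -ieq $vm.OSProfile.ComputerName)

    # 3. The A record must resolve to the public IP attached to the VM's primary NIC.
    #    Walk VM -> NIC -> public IP resource instead of guessing by name.
    $nic   = Get-AzNetworkInterface -ResourceId $vm.NetworkProfile.NetworkInterfaces[0].Id
    $pipId = $nic.IpConfigurations[0].PublicIpAddress.Id
    $pipRg = $pipId.Split('/')[4]          # /subscriptions/<sub>/resourceGroups/<rg>/...
    $pip   = Get-AzPublicIpAddress -ResourceGroupName $pipRg -Name $pipId.Split('/')[-1]
    $dnsA  = Resolve-DnsName -Name $Fqdn -Type A -ErrorAction SilentlyContinue |
             Where-Object { $_.Type -eq 'A' } | Select-Object -ExpandProperty IPAddress
    $result.PublicIp  = $pip.IpAddress
    $result.DnsAnswer = ($dnsA -join ',')
    $result.DnsOk     = ($dnsA -contains $pip.IpAddress)

    # 4. Entra sign-in also needs an Azure RBAC login role on the VM for the signing-in user
    #    (Virtual Machine Administrator Login or Virtual Machine User Login).
    $me    = (Get-AzContext).Account.Id
    $roles = Get-AzRoleAssignment -SignInName $me -Scope $vm.Id -ErrorAction SilentlyContinue |
             Where-Object { $_.RoleDefinitionName -in @('Virtual Machine Administrator Login',
                                                        'Virtual Machine User Login') }
    $result.LoginRoleOk = ($null -ne $roles -and @($roles).Count -gt 0)

    [pscustomobject]$result
}

function New-EntraRdpFile {
    param(
        [Parameter(Mandatory)] [string] $Fqdn,
        [Parameter(Mandatory)] [string] $Path
    )
    # enablerdsaadauth:i:1 is the .rdp setting behind "Use a web account to sign in to the
    # remote computer". On an Entra-joined client signing in as AzureAD\user@tenant,
    # targetisaadjoined:i:1 is the alternative.
    @(
        "full address:s:$Fqdn"
        'enablerdsaadauth:i:1'
        'authentication level:i:2'
    ) | Set-Content -Path $Path -Encoding ASCII
    Get-Item $Path
}

# Usage (placeholder values):
$check = Test-EntraRdpPrereqs -ResourceGroupName 'rg-placeholder' -VMName 'machinehostname' `
                              -Fqdn 'hostname.mypersonaldomain.it'
$check | Format-List
if ($check.ExtensionOk -and $check.HostnameOk -and $check.DnsOk -and $check.LoginRoleOk) {
    $rdp = New-EntraRdpFile -Fqdn 'hostname.mypersonaldomain.it' -Path "$env:TEMP\vm-entra.rdp"
    mstsc.exe $rdp.FullName
}
```

If HostnameOk is false, the fix is the DNS record (or the VM's computer name), not the hosts file; if DnsOk is false the laptop is still resolving the name somewhere other than the public A record, which is exactly the situation a hosts-file entry masks. The role check uses the account signed in to Az, so run it as the same user you intend to RDP with.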
