Unable to login with Entra ID in Azure AD joined VM Windows Server

Question

Unable to login with Entra ID in Azure AD joined VM Windows Server

Rama Prasad 25

Unable to login with Entra ID, which was created with custom domain, to Azure AD joined VM Windows Server. Could successfully join VM to Azure AD with Entra Id credentials. But when trying to login with the same ID getting Login Attempt Fail error. Made user group as Virtual Machine Login User and gave remote login permissions in VM. When adding the user to the list of remote users it asked for Entra Id credentials and it worked as well. But from RDP unable to login with the same credentials.

David Faivre - PCS 1 Reputation point

2025-01-16T20:49:36.3966667+00:00

We just started getting this error today - did something break/change?

Accepted answer

0 additional answers

Your answer

David Faivre - PCS 1 Reputation point

2025-01-16T20:49:36.3966667+00:00

We just started getting this error today - did something break/change?

Answer 1

Sandeep G-MSFT 20,911 Microsoft Employee Moderator

@Rama Prasad

Thank you for posting this in Microsoft Q&A.

If anyone is trying to take RDP to the device they will have to use the username in the format of ******@domain.com of user account or you can also the format AzureAD******@domain.com. But there are some prerequisites that needs to be met to take RDP on to the device which is Azure AD joined.

Both devices (local and remote) must be running a supported version of Windows.
Remote device must have the Connect to and use this PC from another device using the Remote Desktop app option selected under Settings > System > Remote Desktop.
- It's recommended to select Require devices to use Network Level Authentication to connect option.
- If the user who joined the device to Microsoft Entra ID is the only one who is going to connect remotely, no other configuration is needed. To allow more users or groups to connect to the device remotely, you must add users to the Remote Desktop Users group on the remote device.
- Ensure Remote Credential Guard is turned off on the device you're using to connect to the remote device.
You can follow below article if you are looking to connect using Microsoft Entra authentication. https://learn.microsoft.com/en-us/windows/client-management/client-tools/connect-to-remote-aadj-pc#connect-with-microsoft-entra-authentication Let me know if you have any further questions. Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Rama Prasad 25 Reputation points

2024-01-19T08:39:04.9466667+00:00
Below is the sequence of activities done.

Created an account in Microsoft Office 365

Successfully added an existing Domain, with all the instructions of MX Record etc.

Entered into Azure portal with same credentials and Successfully created subscription, VM Windows 2022 Azure Data Center

Successfully able to login into VM with local admin credentials.

DHCP and DNS are automatically set to 168.63.129.16

AzureAD = Yes.

Created two users in Office 365 admin center and could see them in Entra ID and added to a newly created Group.

Gave Azure role assignment the above user Group for "Virtual Machine User Login" role.

Trying to login to VM through RDP with the above user. Login Attempt Failed error message displaying. Also, it displays that the remote machine is AAD Joined. If you are signing in to your work account, try using your work email address.

Tried giving work email ID. Same error appears. Login Attempt Failed.

As per another blog went to Microsoft Entra Admin Center>>OverView>>Properties>>Manage Network Defaults and disabled security defaults. Still same error. Please help:

Login to VM with Entra Ids (Office 365 IDs)

How to join this VM to custom domain, which was added through Microsoft 365 admin center. I do not want to have onmicrosoft.com. So added a domain successfully to Entra. Currently VM is in workgroup. The DNS IP shows 168.63.129.16.
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator

2024-01-20T01:22:09.98+00:00

Hello @Rama Prasad , thanks for providing feedback for @Sandeep G-MSFT answer and for posting a new question. Do both questions relate to the same issue or different ones?
Rama Prasad 25 Reputation points

2024-01-20T03:40:16.27+00:00

Both related to same issue.
David Faivre - PCS 1 Reputation point

2025-01-16T20:51:28.1266667+00:00

Same issue started for our company today - it worked before, now we can't sign in from our Entra joined laptops using Windows Hello (for Business)

Share via

Unable to login with Entra ID in Azure AD joined VM Windows Server

0 additional answers

Your answer