Thank you for reaching out to the community forum!
The error message "Principal XXX was not found" indicates that the user or group being added to the Remote Desktop Users group does not exist in the Azure AD tenant, or that there is a syntax error in the command. Could you please check whether the user exists in the tenant?
net localgroup "Remote Desktop Users" /add "AzureAD\test@contoso.com"
Replace test@contoso.com with the user's UPN or the object ID. May I know whether the VM is AAD joined?
Also, if possible, try adding a different user to the Remote Desktop Users group to see if the issue is specific to the user account or for every user.
If the error persists, check the Event Viewer for any relevant error messages that might provide additional information about the problem.
On the other side, to answer your question: yes, it is possible to use an Azure Active Directory (AAD) user to authenticate through Remote Desktop Protocol (RDP) to an Azure Virtual Machine (VM) that has the AAD Login extension activated. This setup allows you to leverage Azure's cloud-based identity service for authentication, even if the VM is not part of an on-premises domain.
Reference: https://learn.microsoft.com/en-us/entra/identity/devices/howto-vm-sign-in-azure-ad-windows
https://learn.microsoft.com/en-us/windows/client-management/client-tools/connect-to-remote-aadj-pc
Hope this helps. Do let us know if you have any further queries.
Thanks,
Akhilesh.
If this answers your query, do click Accept Answer and Yes for "Was this answer helpful?". And, if you have any further query, do let us know.
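The steps in the answer above (confirm the principal exists in the tenant, run net localgroup, verify the membership) combined into one script. This is an added example, not code from the answer author or from Microsoft; it assumes Azure CLI is installed and signed in (az login), that it runs in an elevated PowerShell session on the AAD-joined VM, and that test@contoso.com is a constructed placeholder UPN.

```powershell
# Added example (not part of the original answer): check that an Azure AD principal
# exists, then add it to the local "Remote Desktop Users" group on an AAD-joined VM.
# Assumptions: Azure CLI installed and signed in; elevated PowerShell on the VM.
param(
    # Constructed placeholder; replace with the real UPN or object ID.
    [string]$Upn = "test@contoso.com"
)

$groupName = "Remote Desktop Users"
$member    = "AzureAD\$Upn"

# 1. Confirm the principal exists in the tenant before touching local group membership.
#    'az ad user show' accepts a UPN or object ID and exits non-zero when nothing is found,
#    which is the condition behind the "Principal ... was not found" error.
az ad user show --id $Upn --query "{upn:userPrincipalName,id:id}" -o table
if ($LASTEXITCODE -ne 0) {
    Write-Error "Principal '$Upn' was not found in the Azure AD tenant; check the UPN or object ID."
    return
}

# 2. Skip the add if the member is already present, so re-running the script is harmless.
$existing = net localgroup "$groupName"
if ($existing -match [regex]::Escape($member)) {
    Write-Output "'$member' is already a member of '$groupName'."
    return
}

# 3. Add the member with the same command shown in the answer and check the exit code.
net localgroup "$groupName" /add "$member"
if ($LASTEXITCODE -ne 0) {
    Write-Error "net localgroup failed (exit code $LASTEXITCODE); check Event Viewer for details."
    return
}

# 4. Print the resulting membership so the change can be verified and recorded.
net localgroup "$groupName"
```

Run it as `.\Add-RdpUser.ps1 -Upn user@yourtenant.com` from an elevated prompt. Adding the single named principal, rather than a broad group, keeps RDP access on the VM to the least privilege needed, and the final membership listing gives you a record to compare against later audits.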