Join VM to Entra ID DS with regular user

PhantomCordShinobi 0 Reputation points

Hello everyone,

we join ubuntu workstations to entra id ds manually using a global admin account. We'd like to automate this using an account with lesser privileges.

According to MS documentation, joining to entra id ds should be possible for any user that is part of entra id ds. When we try this, we get authentication errors. The same machines can be joined using a global admin account.

How can a computer be joined to entra id ds with an account that's not global admin?

Thank you very much!

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,204 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,505 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Babafemi Bulugbe 3,135 Reputation points MVP

    Hello PhantomCordShinobi,

    Thank you for posting your query in the Microsoft Q&A Community.

    There are a few bits to check when encountering authentication issues while trying to domain join machines to Entra ID managed domain.

    • Make sure this is not a guest user (external account) invited to the tenant. Only users created within the Entra ID tenant or part of the managed domain should be used to complete this process
    • Check that you have enabled password synchronization to your managed domain. Without this configuration step, the required password hashes won't be present in the managed domain to correctly authenticate your sign-in attempt.

    Follow the link to get more information about how to troubleshoot authentication-related issues in a managed domain.

    Let me know if further assistance is needed.


    0 comments No comments