Windows app (formerly Remote Desktop) for macOS unable to connect to Windows 11 Entra ID joined device

Luka Š 10 Reputation points
2024-11-01T10:09:48.1033333+00:00

I have a VM with Windows 11 joined in Entra ID.

From Windows I can connect to the machine using Remote Desktop and the IP address and login with the local account (can connect with EntraID username in any way: AzureAD\Username, .\AzureAD\Username, Username) with both combinations of just username and ******@domain.com - with no success).

From Windows I can connect to the machine using Remote Desktop and the NETBIOS machine name with the “Use a web account to sign in to the remote computer” checked with my Entra ID.

From macOS I can connect to the machine using the Windows app and the IP address with the local account.

From macOS I cannot connect in any way to the machine using my Entra ID. Tried with the local IP address - can't log in with the EntraID credentials. Tried with NETBIOS name, unable to connect at all:

[Screenshot 2024-11-01 at 11.04.51]

If I try to connect with the (local) IP address using a modified .rdp file with

    enablerdsaadauth:i:1
    targetisaadjoined:i:1

I get to the Microsoft login screen, but get this error:

[Screenshot 2024-11-01 at 11.06.49]

Question: I would like to connect to that machine through the iOS/macOS Remote Desktop app and the user’s EntraID. Has anyone managed to achieve this?


5 answers

  1. Sebastian Gräf 5 Reputation points Microsoft Employee
    2025-03-19T01:45:24.75+00:00

    This feature is not mentioned anywhere in any of the macOS Windows App, but you can easily download the RDP file from the Azure portal or create it yourself with the following configuration:

    full address:s:<ipaddress>
    prompt for credentials:i:1
    administrative session:i:1
    enablerdsaadauth:i:1
    targetisaadjoined:i:1

    Replace <ipaddress> with the target FQDN or IP.

    After that, save the file as .rdp and just open it via the macOS Windows App; it will trigger the Entra ID Web-Login.
    Hope that helps.

    Thanks,
    Seb

    1 person found this answer helpful.

  2. Anonymous
    2024-11-05T00:54:05.3866667+00:00

    Hello,

    You can check your firewall or VPN; I believe there may be something wrong with network communication.



  3. Luka Š 10 Reputation points
    2024-12-14T14:01:43.9766667+00:00

    In the end I installed Windows 10 and disabled network level authentication. Hope MS will extend support 😆

    For anyone still looking for an answer:

    https://rublon.com/blog/how-to-rdp-into-azure-ad-joined-vm/


  4. Luka Š 10 Reputation points
    2024-12-14T14:03:04.7566667+00:00

    For anyone still looking for an answer:

    https://rublon.com/blog/how-to-rdp-into-azure-ad-joined-vm/

    In the end I installed Windows 10 and disabled NLA.


  5. TRAVIS MURRAY 0 Reputation points
    2025-04-25T21:38:33.7966667+00:00

    For anybody still looking for the answer, I was able to solve this by using the server name instead of the IP address in the RDP file.

    full address:s:MYSERVER:3389
    prompt for credentials:i:1
    administrative session:i:1
    username:s:******@myemailaddress.com
    enablerdsaadauth:i:1
    targetisaadjoined:i:1

    I had to add the server name to my hosts file so it would resolve to the proper IP address, but now it works like a charm.

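An added example, not written by any poster in this thread and not Microsoft code: a small Python check to run on an .rdp file before opening it in the Windows App. It looks for the two settings that answers 1 and 5 both include and flags an IP literal in `full address`, since answer 5 reports that switching to the server name is what made the Entra ID login work. The function names and both sample files are constructed for illustration.

```python
import ipaddress

# Settings that answers 1 and 5 both set for the Entra ID web login.
REQUIRED = {"enablerdsaadauth": "1", "targetisaadjoined": "1"}

def parse_rdp(data: bytes) -> dict:
    """Parse 'name:type:value' lines; the value may itself contain ':'."""
    # mstsc usually saves UTF-16 with a BOM; hand-written files are UTF-8.
    bom = data[:2] in (b"\xff\xfe", b"\xfe\xff")
    text = data.decode("utf-16" if bom else "utf-8-sig")
    settings = {}
    for line in text.splitlines():
        parts = line.strip().split(":", 2)
        if len(parts) == 3 and parts[1] in ("i", "s", "b"):
            settings[parts[0].lower()] = parts[2].strip()
    return settings

def host_of(address: str) -> str:
    """Drop an optional :port; bracketed or bare IPv6 literals stay whole."""
    if address.startswith("[") and "]" in address:
        return address[1:address.index("]")]
    if address.count(":") == 1:
        return address.split(":")[0]
    return address

def is_ip(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def check_rdp(data: bytes) -> list:
    """Return findings; an empty list means the file matches answer 5's shape."""
    s = parse_rdp(data)
    findings = [f"{k} should be {v}, found {s.get(k)!r}"
                for k, v in REQUIRED.items() if s.get(k) != v]
    host = host_of(s.get("full address", ""))
    if not host:
        findings.append("full address is missing")
    elif is_ip(host):
        findings.append(f"full address is the IP literal {host}; use the machine name")
    return findings

# Constructed samples: answer 5's layout, and an IP-based file saved as UTF-16.
GOOD = (b"full address:s:MYSERVER:3389\nprompt for credentials:i:1\n"
        b"enablerdsaadauth:i:1\ntargetisaadjoined:i:1\n")
BAD = "full address:s:192.0.2.10\r\nenablerdsaadauth:i:1\r\n".encode("utf-16")
```

Call `check_rdp(open(path, "rb").read())` on a real file; reading as bytes lets the parser detect the encoding itself.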