How to Remove a Remote Machine from Azure Domain and Disable Future Logins?

Gino Sullivan 0 Reputation points
2025-01-15T18:32:03.39+00:00

Is there a method to remove a remote machine from the Azure domain or disable all future domain logins on that machine? The goal is to prevent any users from accessing the computer until it can be retrieved.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,277 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Samantha St-Louis 195 Reputation points
    2025-01-15T20:23:22.11+00:00

    Hello Gino!

    Yes you can! I wrote a step by step for you. Please accept the answer afterwards if possible so others know that this works :)

    Step 1. Disable the Computer Account in Azure AD

    -> Block any authentication from that machine.

    • Microsoft Entra ID > Devices.
    • Find the machine by searching for its device name in the list.
    • Select the device and click Disable.
    • This prevents all Azure AD users from signing into the machine.

    Step 2. Remove the Computer from Azure AD

    • Select the device and click Delete.
    • This removes the computer from the domain entirely.

  2. Raja Pothuraju 12,985 Reputation points Microsoft Vendor
    2025-01-16T05:51:30.3666667+00:00

    Hello @Gino Sullivan,

    Thank you for posting your query on Microsoft Q&A.

    Based on your statement, I understand that you are looking to remove or delete a remote machine (Virtual Machine) from Azure Domain (Microsoft Entra Joined device state) or disable all future logins on that machine until it is retrieved. Please correct me if my understanding is incorrect.

    You can follow these steps to disable or delete the device from Microsoft Entra ID:

    1. Sign in to the Microsoft Entra admin center as a user with at least Cloud Device Administrator.
    2. Go to Identity > Devices > Overview > All Devices.
    3. Locate the device you wish to disable or delete.
    4. Select either Disable or Delete, then click OK to confirm the action.

    By disabling or deleting the device, users will no longer be able to log in using their work or school account credentials.

    If you're looking for an alternative approach or have additional details (e.g., whether the users are using local accounts or work/school accounts), please share them so we can provide more tailored guidance.

    I hope this information is helpful. Please feel free to reach out if you have any further questions.

    Thanks,
    Raja Pothuraju.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.