Is it possible to have Windows 10 AzureAD joined machines allow different users to login?

Ward Anderson 11 Reputation points
2020-04-10T14:33:52.483+00:00

Hi there -

I have remote offices all over the world where we're trying to slim down on the footprint but not having local domain controllers or any physical servers. I have AzureAD set up and I can join machines to it remotely over the internet. It seems that when this is joined to AAD the user that registered it is the only one that is allowed to log in to it. I had another forum question for this where they suggested we use AzureAD\UPN to log in as a different user but that didn't seem to work.

Is this possible? Could I have remote machines that are not joined to an On-Prem DC, that can authenticate different users logging in locally (e.g. not RDP, they're just sitting at a desktop)?

Thanks,

Ward


1 answer

  1. Pavel Otych 81 Reputation points
    2020-04-11T21:07:57.663+00:00

    Hi, not sure I understand the question - all Azure AD users can log on to Azure AD joined machines, it works the same way as if you had a local DC.

    As for RDP, you can create a remote session without any issues from AAD machine to AAD machine. Sessions from non-AAD machines are doable but you need to disable Network Level Authentication on the AAD machine.
