Login with Azure AD in an Azure VM after deploying it?

Anja Dyna 1 Reputation point
2021-06-18T06:01:30.267+00:00

I created an Azure VM using the Windows 10 Enterprise 21H1 image.
While creating it, I left this option unchecked in the Management section:

106818-image.png

After deploying the VM, I logged into it with the administrator username and password as usual.

Now, I bought a Microsoft 365 F3 license, created an Azure AD user, and assigned the F3 license to the user.

Can I log in to the VM with that AAD user (even if I didn't check the Login with Azure AD option during creation)?

Is joining the VM to Azure AD (via the Account settings screen of Windows 10) enough to do that?

Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

1 answer

  1. Siva-kumar-selvaraj 15,546 Reputation points
    2021-06-21T12:35:33.633+00:00

    Hello @Anja Dyna ,

    Yes, users can log in to the VM (or over RDP) using an organizational Azure AD account when VMs are Azure AD joined (via the Account settings screen of Windows 10), even if you didn't check the Login with Azure AD option during VM creation.

    This way users experience all AAD SSO benefits, but the administrator/user has to set it up manually by going to account settings in Windows 10/2019 to join devices to Azure AD, whereas the Login with Azure AD feature would automatically take care of all configuration needed for user sign-in with the help of the AADLoginForWindows extension during VM deployment, without an administrator having to set it up manually.

    In addition to that, you get additional management features such as Azure role-based access control (Azure RBAC) policy to specify who can log in to a VM as a regular user or with administrator privileges. Two Azure roles are used to authorize VM login (Virtual Machine Administrator Login / Virtual Machine User Login) when you use the "Login with Azure AD" feature.

    To learn more, refer to: https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows

    Hope this helps.

    ------
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    2 people found this answer helpful.
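
The extension-and-RBAC route described in the answer, applied to a VM that is already deployed, as an added example that is not part of the original thread. It assumes the Azure CLI is signed in with rights to modify the VM and create role assignments; the resource group, VM name and user are placeholders supplied by the caller.

```powershell
# Added example: enable Azure AD login on an existing Windows VM and grant one user access.
# All parameter values are placeholders chosen by the caller, not values from the thread.
param(
    [Parameter(Mandatory)] [string] $ResourceGroup,      # placeholder, e.g. "rg-demo"
    [Parameter(Mandatory)] [string] $VmName,             # placeholder, e.g. "vm-win10"
    [Parameter(Mandatory)] [string] $UserPrincipalName,  # placeholder, e.g. "user@contoso.example"
    [switch] $Administrator                              # grant admin login instead of regular user login
)
$ErrorActionPreference = 'Stop'

function Invoke-Az {
    # Run an az CLI command and stop the script on a non-zero exit code.
    $out = & az @args
    if ($LASTEXITCODE -ne 0) { throw "az $($args -join ' ') failed (exit code $LASTEXITCODE)" }
    $out
}

# 1. The AADLoginForWindows extension needs a system-assigned managed identity on the VM.
Invoke-Az vm identity assign --resource-group $ResourceGroup --name $VmName --output none

# 2. Install the extension that the "Login with Azure AD" checkbox would have deployed.
Invoke-Az vm extension set `
    --publisher Microsoft.Azure.ActiveDirectory --name AADLoginForWindows `
    --resource-group $ResourceGroup --vm-name $VmName --output none

# 3. Scope the role assignment to this VM only, not the resource group or subscription.
$vmId = Invoke-Az vm show --resource-group $ResourceGroup --name $VmName --query id --output tsv

# 4. Least privilege by default: regular user login unless -Administrator is passed.
$role = if ($Administrator) { 'Virtual Machine Administrator Login' } else { 'Virtual Machine User Login' }
Invoke-Az role assignment create --role $role --assignee $UserPrincipalName --scope $vmId --output none

# 5. Audit: list every principal holding either VM login role at this scope.
$query = "[?roleDefinitionName=='Virtual Machine Administrator Login' || " +
         "roleDefinitionName=='Virtual Machine User Login']" +
         ".{principal:principalName, role:roleDefinitionName}"
Invoke-Az role assignment list --scope $vmId --query $query --output table
```

Inside the VM, `dsregcmd /status` reports `AzureAdJoined : YES` once the device is joined, whichever route was used.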