Azure AD (free) "Security Defaults" setting enabled seems to prevent RDP to Azure VMs - how to resolve?

Gary Mansell 111 Reputation points
2022-04-01T17:03:32.683+00:00

I have an Azure AD Tenant (Free) and I have connected an Azure VM (Win10 Pro 21/H2) to it, but find that I cannot log in to it via RDP with any Azure AD user accounts (with VM Administrator/User RBAC roles) from my home Win10 machine that is also connected to the Azure AD Tenant.

The user account on the Windows 10 Pro 21/H2 home machine has Windows Hello and a PIN set - which I believe is considered a Strong Authentication mechanism wrt MFA.

If I have "Security Defaults" enabled on my Azure AD tenant, my users cannot log in, whereas if I set it to disabled, they can log in. I suspect that this is due to "Security Defaults" forcing MFA for my users (which I want), but that the Windows login is not able to accept the MFA login (but I thought it should if the client endpoint has Strong Auth / Windows Hello & PIN).

I want to have "Security Defaults" enabled for security reasons, but also want to be able to RDP to my Azure VMs - how can I do this?

Microsoft Entra ID

1 answer

  1. Andrei D 0 Reputation points
    2023-05-16T08:55:39.4866667+00:00

    Hi @Gary Mansell.

    How did you fix this? I have the same scenario with Security Defaults enabled and some AVD users can log in and some don't. Getting the "The username and password used to connect to the remote resource didn't work".

    Any help is appreciated.

    Thanks.
