I figured this out on my own.
The VM has to be joined to the AzureAD domain via System Properties the same way a host is joined to an on-prem AD-DC and NOT via "Access work and school".
Cannot Login to Azure AD Connected VM
I have a number of Azure AD connected VMs already provisioned and running, but these were created last year. I have zero problems logging into those with Azure user credentials. Recently I tried to create a new Azure AD connected VM (Windows 10), assigned the Virtual Machine Administrator and Virtual Machine User Login RBAC roles to my user, but cannot log in to the new VM. I have no problem signing in to the new VM with the built-in administrator account I created with the VM.
If I connect to one of my other Azure AD connected VMs (created last year) on the same subnet and attempt to ping the new VM by its hostname (hostname.domain.com) I get no response, but pings to its local IP are good. Alternatively, if I log in to the new VM and try to ping another Azure AD connected VM (on the same subnet) by its hostname only I get nothing, but if I ping it by its FQDN (hostname.domain.com) then I get a good ping back. Something in Azure has definitely changed that I'm not aware of, because every time I have provisioned a new VM in the past, I haven't had any problems until recently.
Any guidance or suggestions would be greatly appreciated.
Thanks.
2 answers
Sam Gray 1 Reputation point
2022-05-23T19:12:43.41+00:00
JamesTran-MSFT 36,771 Reputation points Microsoft Employee
2022-05-31T23:03:49.423+00:00
@Sam Gray
I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this!
Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others", I'll repost your solution in case you'd like to "Accept" the answer.
Error:
Event ID 4625: Unknown username or bad password.
Status: 0xC000006D
Sub Status: 0xC0000064 Bad Username
Solution:
The VM has to be joined to the AzureAD domain via System Properties the same way a host is joined to an on-prem AD-DC and NOT via "Access work and school".
If you have any other questions, please let me know.
Thank you again for your time and patience throughout this issue.
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
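
A triage sketch for the failure discussed in this thread, added here as an example and not taken from either poster: it lists recent Event ID 4625 entries with the Status/SubStatus codes decoded, then prints the device join state reported by `dsregcmd /status`. It assumes an elevated PowerShell session on the affected VM; the function name `Resolve-NtStatus` is illustrative.

```powershell
# Added example. Run elevated: reading the Security log requires administrator rights.
# NTSTATUS values that appear in 4625 events; the first two are the ones quoted in this thread.
# PowerShell hashtable literals compare string keys case-insensitively, so '0xc000006d' also matches.
$ntstatus = @{
    '0xC000006D' = 'STATUS_LOGON_FAILURE (unknown user name or bad password)'
    '0xC0000064' = 'STATUS_NO_SUCH_USER (account name does not exist)'
    '0xC000006A' = 'STATUS_WRONG_PASSWORD (account exists, password is wrong)'
}

function Resolve-NtStatus([string]$Code) {
    # Illustrative helper: return the decoded name, or the raw code if it is not in the table.
    if ($ntstatus.ContainsKey($Code)) { $ntstatus[$Code] } else { $Code }
}

# 1. Recent failed logons with the fields needed to tell a missing account from a wrong password.
$events = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625 } `
                       -MaxEvents 20 -ErrorAction SilentlyContinue
$failures = foreach ($e in $events) {
    $data = @{}
    foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
    [pscustomobject]@{
        Time      = $e.TimeCreated
        User      = '{0}\{1}' -f $data.TargetDomainName, $data.TargetUserName
        LogonType = $data.LogonType
        Status    = Resolve-NtStatus $data.Status
        SubStatus = Resolve-NtStatus $data.SubStatus
    }
}
$failures | Format-Table -AutoSize -Wrap

# 2. Device join state as reported by dsregcmd (values are YES or NO).
$join = [ordered]@{}
foreach ($line in (dsregcmd /status)) {
    if ($line -match '^\s*(AzureAdJoined|DomainJoined|WorkplaceJoined)\s*:\s*(\S+)') {
        $join[$Matches[1]] = $Matches[2]
    }
}
[pscustomobject]$join | Format-List

if ($join['AzureAdJoined'] -ne 'YES') {
    # WorkplaceJoined = YES on its own means a registered work account, not a joined device.
    Write-Warning 'AzureAdJoined is not YES: this device is not Azure AD joined.'
}
```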