Azure Bastion host using Azure Active Directory credentials..

Cesar Martinez 21 Reputation points
2022-08-08T20:46:15.947+00:00

Are we able to access VM via Azure Bastion host using Azure Active Directory credentials??

I have followed instructions to set bastion up and still getting the bellow error. I am able to sign in using the admin credentials but not the Azure AD credentials.

Please any help will be appreciated..

229304-image.png

Azure Bastion
Azure Bastion
An Azure service that provides private and fully managed Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to virtual machines.
266 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,443 questions
0 comments No comments
{count} vote

6 answers

Sort by: Most helpful
  1. Andreas Baumgarten 111.7K Reputation points MVP
    2022-08-16T06:44:16.147+00:00

    Hi @Cesar Martinez ,

    I found this today: https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows

    231296-image.png

    Maybe this information helps.

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    2 people found this answer helpful.
    0 comments No comments

  2. Max Zamarripa 10 Reputation points
    2023-11-30T23:25:35.03+00:00

    Please Microsoft Team add the feature to connect to Azure Bastion using Azure Ad in the browser, seems like an odd oversight in the paid service.

    Since you can configure the VMs to use Entra Id, but it becomes pointless if you decide to connect using Azure Bastion without a native client.

    2 people found this answer helpful.
    0 comments No comments

  3. Andreas Baumgarten 111.7K Reputation points MVP
    2022-08-08T21:11:58.523+00:00

    Hi @Cesar Martinez ,

    you need to login to a VM with an user account the VM is able to resolve. This could be:

    • A local user account in the guest os of the VM
    • An AD domain user account if the VM is AD joined
    • An Azure AD account if the option Login with Azure AD is activated for the Azure VM (+ the user is added to the required RBAC role and the OS is Windows Server 2019 Datacenter edition and later, or Windows 10 1809)

    https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows#azure-portal

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    1 person found this answer helpful.

  4. Marc Antheunis 5 Reputation points
    2023-04-19T07:51:06.6466667+00:00

    i have the same issue, i can connect using bastion with local user of vm but nog with the AD user using the website connect all is setup correctly afaics so is there anything i can double check? reading up on the MS articles it should work win11 vm...

    1 person found this answer helpful.
    0 comments No comments

  5. Daniel Mihaescu 5 Reputation points
    2023-05-08T19:15:47.58+00:00

    I have a similar issue:

    I can connect to the VM using bastion and the local admin account, but I can not connect using the AD credentials. However I can connect to the VM using AD credentials if I RDP directly (after assigning a public IP), but this defeats the purpose of the bastion.

    So RDP with AD credentials works, RDP using Bastion with AD credentials does not.

    1 person found this answer helpful.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.