2

I'm working on setting up a Windows 10 Pro machine so that its user can log in using RDP.

The user is logging in with their AAD credential, [email protected]. When using this credential, RDP asks for the user's password, not PIN. We have had zero success with the user's password. We've cross-checked the password a number of different ways to no avail. We've done the same with the user's email address. "The logon attempt failed."

enter image description here

enter image description here

When initiating the RDP session, RDP asks for the user's email address, and RDP does recognize that this computer is connected to AAD as it displays a note telling us as much if we use an invalid username:

enter image description here

Setting up a local user account, giving it permission to log into the machine via RDP, we're able to get into the machine just fine.

So, seems that there's something funky with RDP that it won't let AzureAD users log in. We've tried other AADDS users in the organization, ensuring that they're listed in the allowed users to no avail.

What am I missing?

Improve this question

3 Answers 3

Reset to default
1

You need to check the option "Use a web account to sign in to the remote computer". enter image description here

Improve this answer
1
  • This did the trick for me... thanks!
    – Paul Molodowitch
    Commented Jul 8 at 18:15
0

I found the answer here:

To successfully connect to an AzureAD joined computer using Remote Desktop, you will need to first save your connection settings to a .rdp file.

To do this, open the Remote Desktop Connection program, enter the IP Address or computer name, then click the "Save As" button at the bottom of the screen. Save it someplace convenient, since we'll need to edit this file by hand.

Next, Right-Click the saved .rdp file and open with Notepad.

Go to the very bottom of the file, add the following lines:

enablecredsspsupport:i:0 authentication level:i:2 Save the file and close.

Now, try double clicking the modified .rdp file and login using the format:

AzureAD\YourFullUsername Screenshots, original information and credit go to bradleyschacht.com

Improve this answer
0

Same here - and disabling NLA and setting up a .rdp file for each of my thousands of users is NOT a viable workaround. Microsoft really needs to fix this. They fully admit it occurs (off the record) but there is zero indication that they will be addressing it

Improve this answer
1
  • 1
    As it’s currently written, your answer is unclear. Please edit to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers in the help center.
    – Community Bot
    Commented Jan 13, 2023 at 19:37

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .