I use this guide to walk customers through setting up a machine nearly weekly.
I'm curious why you push them away from using a MS account?
If the machine is pulled into Azure AD by signing in with a MS AAD account, one cannot use that account to RDP into that endpoint. Something is broken there.
Better to set up a local account and bind the Azure AD/MS Account in the OS settings.
Interesting - didn't know that.
So what - you set up a local account, then under that local account, join it to an MS AAD, then log in as the MS AAD account? Then you can RDP into the computer using the MS AAD account?
You can RDP into an AAD joined Win10 PC with an AAD account. I do it all the time.
Perhaps that account isn't added to the local Administrators group, or the one that allows RDP.
Log on process?
Domain\UserName & Password
[email protected] AAD account?
For standalone non-domain joined OS VMs/PCs [email protected] AAD does not work.
Yes [email protected].
On a device that is joined to AAD, try adding AzureAD\[email protected] like this:
net localgroup Administrators AzureAD\[email protected] /add
Otherwise something is misconfigured in AAD. There are a lot of variables in this.
I ran the gamut of trying to get it to work both in CompMgmt.msc and CMD.
AAD is vanilla. No changes.
What's the exact command you used, because it works for me.
Not sure if this will work but include AzureAD\ as part of your username.
Yes that has to be included.
The error message says something about the credentials, so no idea. Does it work if you add it to the local Administrators group?
Other than that, I'm not doing anything different and it works with any AAD account on any AAD device, so I've not had to troubleshoot it.