Problems accessing Azure AD joined Windows 10 VM with RDP

I recently setup a lab environment with a Windows VM in Azure.

I connected with RDP via VPN and as a local admin.

After joining it to a Azure AD I tried to connect with the corresponding Office 365 UPN and credentials but did not succeed.

After hours of investigation and opening a support ticket with Microsoft I found this solution:

  • to connect via mstsc you’ll need to adjust the RDP config file adding the parameter
    enablecredsspsupport:i:0
  • Now you’re able to connect with RDP via mstac with the O365 user in the form of
    AzureAD\<UPN>
    (example: AzureAD\someuser@yourdomain.onmicrosoft.com)

If you prefer another RDP client (as I do with Remote Desktop Connection Manager), you’ll have to change a registry setting, as Microsoft changed the RDP defaults in Windows 10. They modified the default for “SecurityLayer” from 0 to 2. Even if you go into the user interface and disable: “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)” Still doesn’t change that value to a 2.

  • Open RegEdit
  • Navigate to this Key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
    (Thanks to Renato Brito from Microsoft for this!)
  • Change “SecurityLayer” to a zero
  • Reboot and done!

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.