
How to RDP to an Azure AD Joined Machine

How to RDP to an Azure AD Joined Machine with TruGrid

To RDP into an Azure AD joined machine, use one of the two methods below, which are currently supported by TruGrid.

APPROACH 1: Local User Login

Create a new local user (not tied to Azure AD) on the machine you are remoting into.
When you see the RDP login prompt, select "use a different login".
Enter the login and password for the local account you set up.

APPROACH 2: Use Azure AD Login

Follow the steps below to configure an AzureAD-joined computer for use with Azure AD login:
On the RDP host (the AzureAD-joined PC), disable Network Level Authentication (NLA) as shown below.

Make sure that the end user's AzureAD account has been added to the “Remote Desktop Users” local security group on the RDP host (the AzureAD-joined PC). To do this:
On the RDP host (the AzureAD-joined computer), open PowerShell in elevated mode and run the command below:
Add-LocalGroupMember -Group "Remote Desktop Users" -Member "AzureAD\"

On the RDP host (the AzureAD-joined computer), install TruGrid SecureConnect version or later

On the end user endpoint (the computer that you are connecting from), log in with an AzureAD account using the latest TruGrid Connector (Web, Windows, Mac).

TruGrid Mobile Connectors are currently not supported for login to AzureAD-joined computers.

Approve the RDP certificate as shown below and select YES.

On the login page, enter the login name in the form AzureAD\ and supply the password.


To determine whether a computer is joined to AzureAD, open an elevated command prompt on the computer and run "dsregcmd /status". See below for an example:
Output for "dsregcmd /status"
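
A read-only check of the host-side prerequisites above (join state, NLA setting, "Remote Desktop Users" membership), as an added example that is not TruGrid's own code. The `$Member` parameter and the output property names are assumptions of this example; the registry locations are the standard Windows RDP-Tcp and Terminal Services policy keys.

```powershell
# Added example: read-only pre-flight check for the RDP host. Run in elevated PowerShell.
param(
    # Account to look for, typed in the same AzureAD\ form used in the steps above.
    [Parameter(Mandatory)][string]$Member
)

# 1. Join state: dsregcmd /status prints "AzureAdJoined : YES" on a joined device.
$joined = [bool](dsregcmd /status |
    Select-String -Pattern '^\s*AzureAdJoined\s*:\s*YES\s*$')

# 2. NLA state: UserAuthentication = 1 means NLA is required, 0 means it is disabled.
#    A Group Policy value, when present, overrides the local RDP-Tcp setting.
$rdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$polKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$local  = (Get-ItemProperty -Path $rdpKey -Name UserAuthentication).UserAuthentication
$policy = (Get-ItemProperty -Path $polKey -Name UserAuthentication `
            -ErrorAction SilentlyContinue).UserAuthentication
$effective = if ($null -ne $policy) { $policy } else { $local }

# 3. Group membership: list every account allowed to log on over RDP and
#    look for the requested one (the comparison is case-insensitive).
try {
    $names    = @((Get-LocalGroupMember -Group 'Remote Desktop Users' -ErrorAction Stop).Name)
    $isMember = $names -contains $Member
} catch {
    # Enumeration can fail when the group contains entries that no longer resolve.
    Write-Warning "Could not enumerate 'Remote Desktop Users': $($_.Exception.Message)"
    $names    = @()
    $isMember = $null
}

# One object per run, so results from several hosts can be collected and compared.
[pscustomobject]@{
    Computer         = $env:COMPUTERNAME
    AzureAdJoined    = $joined
    NlaRequired      = ($effective -eq 1)
    NlaSetByPolicy   = ($null -ne $policy)
    MemberInRdpUsers = $isMember
    RdpUsersMembers  = ($names -join '; ')
}
```

`NlaSetByPolicy = True` means the local setting changed in the step above will not take effect until the policy is changed, and `RdpUsersMembers` shows every account that can log on over RDP once NLA is off.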

When logged into TruGrid Connector, computers that are AzureAD-joined are indicated as shown below:
How to determine an AzureAD-joined computer

Updated on: 30/07/2023
