How to RDP to an Azure AD Joined Machine
How to RDP to an Azure AD Joined Machine with TruGrid
If you would like to RDP into an Azure AD joined machine, below are two methods currently supported by TruGrid.
APPROACH 1: Local User Login
Create a new local user (not tied to Azure AD) on the machine you are remoting into
When you see the RDP login prompt, select "use a different login"
Enter login and password for local login you setup
APPROACH 2: Use Azure AD Login
Please follow below steps to configure an AzureAD-joined computer for use with Azure AD login:
On the RDP host (the AzureAD-joined PC), disable NLA as shown below
Make sure that the end user's AzureAD account has been added to the “Remote Desktop Users” local security group on the RDP host (the AzureAD-joined PC). Below is how to do this:
On the RDP host (the AzureAD-joined computer), open PowerShell in elevated mode and run below command:
Add-LocalGroupMember -Group "Remote Desktop Users" -Member "AzureAD\firstname.lastname@example.org"
On the RDP host (the AzureAD-joined computer), install TruGrid SecureConnect version 220.127.116.11 or later
On the end user endpoint (the computer that you are connecting from), use an AzureAD account to login, using the latest TruGrid Connector (Web, Windows, Mac)
TruGrid Mobile Connectors are currently not supported for login to AzureAD-joined computers.
Approve the RDP certificate as shown below and select YES
On the login page, enter login name in the form AzureAD\email@example.com and supply the password.
In order to determine if a computer is joined to AzureAD, please open elevated command prompt on the computer and run "dsregcmd /status". See below for example:
When logged into TruGrid Connector, computers that are AzureAD-joined are indicated as shown below:
Updated on: 30/07/2023