question

SR-7559 avatar image
0 Votes"
SR-7559 asked prmanhas-MSFT commented

Azure VM RDP using Microsoft Account (eg. username@hotmail.com)

1) Created a W10 VM in Azure (W10 2021 H2 Gen2)
2) During creation process, setup a local account and have enabled AD Login option under management tab
3) After creation, I can login easily using local account created above
4) After logging in, added a new account (username@hotmail.com) by typing netplwiz and set this account as Administrator

5) Unable to login to the VM using username@hotmail.com account

What could I be missing here?

azure-virtual-machines
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

prmanhas-MSFT avatar image
1 Vote"
prmanhas-MSFT answered prmanhas-MSFT commented

@SR-7559 Apologies for the delay in response and all the inconvenience caused because of the issue.

I did repro in my lab and below are my findings as per your use case:

Firstly I created windows VM as per specification mentioned by you in the query. Once created I did RDP to the machine and tried to run netplwiz command which allowed me to add my email account and make it an admin as below:

114181-image.png

114185-image.png

114186-image.png

114110-image.png

I then went to user setting to set the password for this user as below :

114154-image.png

Once set I tried doing RDP to the system in the format vmname\username which is the expected format. Now I tried both with email as well as the Display name for the user but Login failed both time with same error.

114211-image.png

Just to be sure I tried another scenario where I created user locally on the VM and then with the help of netplwiz command changed the user from user type to Admin and this time I was able to log in to system without any problem:

114126-image.png

114158-image.png

So here we can safely assume that we can RDP to the system with the local user created in the VM but the problem is arising with the Microsoft account or the email accounts with the same account


I did some digging and found few articles which talk about connecting Microsoft account to Azure VM.One such article was this which I followed and even though it was for Windows 8 I was successfully able to apply same setting for windows 10

114232-image.png

Disabled NAL (not recommended) for testing purpose. Unchecked option after clicking on Advanced option:

114204-image.png

Now as per recommendation in article you need to change the RDP file with setting as below:
114214-image.png

But here is a catch if you directly do the change as per mentioned in article you will get the error “The connection cannot proceed because authentication is not enabled and the remote computer requires that authentication be enabled to connect.”

Reason being In the more modern versions of Microsoft Windows (for example Windows 10 & Windows Server 2016) the RDP defaults have changed. The default for “SecurityLayer” has been changed from 0 to 2. Disabling: “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)” doesn’t change that value to a 0 either.

For that to happen first login to VM with local account and made these registry changes:

  • Go to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

  • Change “SecurityLayer” to 0

Once you made the change I went ahead made the RDP file change as mentioned and was successfully able to login with username as my Microsoft account and password you can put any at first attempt:

114080-image.png

Even though I was able to go through it but I won't recommend this since there might be security issues involved as well. You might like to check this which talks about the user login in general.
Another way is to reach out to Support as well to get better insights.

Hope it helps!!!

Please "Accept as Answer" if it helped so it can help others in community looking for help on similar topics.











image.png (139.1 KiB)
image.png (141.6 KiB)
image.png (116.2 KiB)
image.png (66.7 KiB)
image.png (128.4 KiB)
image.png (38.1 KiB)
image.png (74.8 KiB)
image.png (44.6 KiB)
image.png (86.0 KiB)
image.png (81.1 KiB)
image.png (10.4 KiB)
image.png (84.9 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thanks @prmanhas-MSFT - Your detailed guide with screenshots works.

I can now login to the Azure Windows (11) VM using username@hotmail.com id and it's password.

0 Votes 0 ·

@SR-7559 Glad to hear that it was helpful :)

Thanks

0 Votes 0 ·
ManuPhilip avatar image
0 Votes"
ManuPhilip answered

I guess the login should work if you use the username field as .\username@hotmail.com

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.