Unable to log into Azure AD joined VM with Role assigned Admin

AlexR2020 46 Reputation points
2020-09-11T17:56:00.14+00:00

Hi,
I've stood up my first VM with the preview management options enabled to allow AAD accounts to log in. But when I try to connect with the UPN that has the admin role assigned, I get "WE ARE UNABLE TO CONNECT RIGHT NOW, PLEASE CHECK YOUR NETWORK AND TRY AGAIN LATER".
Here are some factors:
--We do NOT have MFA required
--The host name shows "enabled" in the AAD devices
--The windows 10 workstation I'm using shows "enabled" in the AAD devices
--I am able to log in with the local admin account
--I get 200's when I run the curl commands recommended here: https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows
--Looks like the version of the AAD agent that got installed is 0.4.1.1
--I've tried AzureAD\first.last@keyman .com, first.last@keyman .com, UPN, SPN.

I know that this feature is in preview, but this would REALLY help us use Azure in a Production perspective to stay compliant.


1 answer

  1. 2020-09-11T19:21:37.157+00:00

    The device from where you're connecting must be a Windows 10 PC that is Azure AD joined or hybrid Azure AD joined to the same directory as the VM. If that's the case then open a support request.

    --
    Please let us know if this answer was helpful to you. If so, please remember to mark it as the answer so that others in the community with similar questions can more easily find a solution.
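
The precondition named in the answer above can be checked on both machines with `dsregcmd /status`. The following is an added example, not part of the original thread: it parses that output and reports whether the client is joined (or hybrid joined) and whether both machines report the same tenant. The function names are hypothetical and the sample output and GUID are constructed.

```powershell
# Added example; sample text below is constructed.
# On real machines, feed each function the live output: $lines = dsregcmd /status
function ConvertFrom-DsregStatus {
    param([string[]]$Lines)   # not Mandatory: real output contains blank lines
    $kv = @{}
    foreach ($line in $Lines) {
        # Data rows look like "   AzureAdJoined : YES"; section headers and rulers do not match.
        if ($line -match '^\s*([A-Za-z]+)\s*:\s*(\S.*?)\s*$') { $kv[$Matches[1]] = $Matches[2] }
    }
    [pscustomobject]@{
        AzureAdJoined   = $kv['AzureAdJoined'] -eq 'YES'
        DomainJoined    = $kv['DomainJoined'] -eq 'YES'     # YES together with AzureAdJoined = hybrid
        WorkplaceJoined = $kv['WorkplaceJoined'] -eq 'YES'  # Azure AD registered only
        TenantId        = $kv['TenantId']
    }
}

function Test-AadLoginPrerequisite {   # hypothetical helper name
    param([Parameter(Mandatory)]$Client, [Parameter(Mandatory)]$Vm)
    $issues = @()
    if (-not $Client.AzureAdJoined -and $Client.WorkplaceJoined) {
        $issues += 'Client is Azure AD registered only, not joined or hybrid joined.'
    } elseif (-not $Client.AzureAdJoined) {
        $issues += 'Client is not Azure AD joined or hybrid Azure AD joined.'
    }
    if (-not $Vm.AzureAdJoined) { $issues += 'VM is not Azure AD joined.' }
    if ($Client.TenantId -and $Vm.TenantId -and $Client.TenantId -ne $Vm.TenantId) {
        $issues += "Tenant mismatch: client $($Client.TenantId), VM $($Vm.TenantId)."
    }
    [pscustomobject]@{ Ok = ($issues.Count -eq 0); Issues = $issues }
}

# Constructed sample: a client that is registered but not joined, and a joined VM.
$client = ConvertFrom-DsregStatus (@'
| Device State |
   AzureAdJoined : NO
    DomainJoined : NO
| User State |
 WorkplaceJoined : YES
'@ -split '\r?\n')

$vm = ConvertFrom-DsregStatus (@'
| Device State |
   AzureAdJoined : YES
    DomainJoined : NO
        TenantId : 00000000-0000-0000-0000-000000000001
'@ -split '\r?\n')

Test-AadLoginPrerequisite -Client $client -Vm $vm | Format-List
```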