How to login to an AzureAD Domain Joined Windows 10 via Remote Desktop

Written by James McDonald

January 9, 2021

You may have a weird local username on your AzureAd Joined Windows 10 Pro device

dsregcmd.exe /status
... snippage
Executing Account Name : AzureAD\RupertShocking_xvj0pkur, [email protected]
... snippage

whoami /UPN
[email protected]

The secret is the format AzureAD\[email protected] where [email protected] is your Azure / Microsoft 365 login user. This is the UPN (userPrincipalName)

Also you will have to modify the RDP settings on the Windows 10 Pro computer you are connecting to and disable Network Location Authentication (NLA)

Here is a snippet I added as an Intune script which did the trick

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" -Name SecurityLayer -Value 0 -ErrorAction SilentlyContinue

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" -Name UserAuthentication -Value 0 -ErrorAction SilentlyContinue


Submit a Comment

Your email address will not be published.

You May Also Like…

List your VSCode Extensions

Ever wondered what extensions you have installed and want to keep a list? This actually is a good way to audit your...

array_merge vs the + operator

<?php $options = [ 'rootNode' => 'response' ]; // array_merge // the same key appearing later will overwrite echo...