Azure – You can now use Azure AD Authentication to logon on Windows virtual machines (preview)

After  getting the ability to logon on Linux virtual machines on Azure using your Azure AD credentials (see http://blog.hametbenoit.info/2018/05/23/azure-you-can-use-your-azure-ad-credentials-to-logon-to-linux-vm/), you can now also do the same with Windows virtual machine (Windows Server 2019 Datacenter and Windows 10 1809 [or later]), available to all Azure regions.

To be able to use it, you need to ensure the Windows VMs in Azure has outbound access to the following endpoints over TCP port 443:

Enable for new virtual machine

Then when creating the virtual machine, you will need to turn on the option Azure Active Directory available in the Management creation step; when enabling the Azure Active Directory option is will also turn on System assigned managed identity

image_thumb

You can also use the Az command to add the Microsoft.Azure.ActiveDirectory extension

az vm extension set  –publisher Microsoft.Azure.ActiveDirectory –name AADLoginForWindows  –resource-group <your resource group>  –vm-name <your virtualmachine>

or with PowerShell

Then you can grant access using the Azure RBAC Virtual Machine Administrator Login or Virtual Machine User Login

image_thumb[1]

Enable for existing virtual machine

You can either use the Az command above or from the portal by accessing the Identity  blade to turn on the System assigned identity

image_thumb[2]

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Get in touch

Your Name (required)

Your Email (required)

Subject

Your Message

Book a Demo

Your Name (required)

Your Email (required)

Phone Number(Optional)

Ask a Question

Your Name (required)

Your Email (required)

Phone Number(Optional)

Your Message

Book Assessment

Evaluate your modern workplace security posture and validate it against current best practices with a Microsoft Secure Score Assessment, from cubesys

Your Name (required)

Your Email (required)

Phone Number(Optional)

Book your Windows Analytics Deployment

Your Name (required)

Your Email (required)

Phone Number(Optional)