How to RDP from one Azure VM to another with AzureAD Auth?

I have multiple VMs on Azure, all enabled for AAD Authentication.
From my PC, I can RDP into any of them using my AAD creds successfully.
However, if I RDP into one of them, and then from there try to RDP into a different one, it fails with a generic "your credentials did not work" message.
Any ideas why this doesn't work? I would like to use one of them as my daily workstation VM, and be able to RDP into the others as needed.

For the error "Your Credentials Did Not Work"
Please check if below are the reasons for getting the error,
Windows Policy: Maybe Windows Security Policy is preventing non-admin users from signing in.
Username change: If you rename your user account on the other VM, it doesn't get changed for the RDP connection
To know more in detail, please refer to this link: Your Credentials Did not Work in Remote Desktop
To troubleshoot the error, please follow the steps below:
Try running Network Adapter Troubleshooter
Try changing the network profile from public to private
Try changing account Username
Try editing windows security policy
Try using the group policy editor
To know how to perform all these in detail, please refer to the link.

Related

Connect to Azure VM by RDP: An internal error has occurred

We have the virtual machine:
account: xxxxxxxxx@xxxxxxx.xxx,
account type: Personal account,
subscription: Microsoft Partner Network,
resource group: xxxxxxxxxxx,
virtual machine: xxxxxxxxxxx,
public ip address: xx.xxx.xx.xx:xxxx and
OS: Windows Server 2012 R2 Datacenter.
I downloaded the xxxxxxxxxxx.rdp from Azure portal.
When I clicked on the RDP, I got the error:
Remote Desktop Connection: An internal error has occurred.
Do you know the cause?
Thank you very much.
I managed to fix my issue with these 3 steps. To do so, you need to be able to connect to your machine with RDP. I can do that if I connect while it is starting up; then my RDP somehow works.
The permanent fix for me was these steps.
1: remove the checkmark
2: change group policy setting
3: delete machine keys
One option is to use an alternative RDP client, such as the Microsoft Remote Desktop Windows Store app or even FreeRDP.
Edit to add: RDP access had been misconfigured leaving open access to the public internet and there were multiple dead connections leftover from brute force attempts to login. Cleaning up the firewall to restrict access meant no more invalid login attempts and the problem seems to have gone away without any VM configuration changes.
The internal error may be caused by several reasons and you can follow the steps here to troubleshoot and solve it. Take care: backing up the VM OS disk is an important action and should be done before doing other actions.
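A check for the exposure described in the edit above (RDP reachable from the public internet), written as an added example that is not part of any post. It assumes the firewall is an Azure network security group and that the rules are available as JSON with the NSG field names used below; the rule names and addresses are constructed.

```python
RDP_PORT = 3389
ANY_SOURCES = {"*", "internet", "0.0.0.0/0"}  # NSG spellings of "anywhere"

def _values(rule, single, plural):
    """NSG rules carry either a single value or a list; merge both."""
    vals = list(rule.get(plural) or [])
    if rule.get(single):
        vals.append(rule[single])
    return vals

def _covers(spec, port):
    """True if a port spec such as '*', '3389' or '3000-4000' includes port."""
    if spec == "*":
        return True
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def _internet_rdp(rule):
    """Does this rule apply to TCP 3389 traffic arriving from any source?"""
    if rule["direction"].lower() != "inbound":
        return False
    if rule["protocol"].lower() not in ("*", "tcp"):
        return False
    sources = _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes")
    ports = _values(rule, "destinationPortRange", "destinationPortRanges")
    return (any(s.lower() in ANY_SOURCES for s in sources)
            and any(_covers(p, RDP_PORT) for p in ports))

def rdp_exposure(rules):
    """Name of the rule that lets the Internet reach 3389, else None.
    Rules are evaluated by ascending priority; the first match decides."""
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if _internet_rdp(rule):
            return rule["name"] if rule["access"].lower() == "allow" else None
    return None

def _rule(name, priority, access, source, port):
    # Constructed sample rule using the NSG field names read above.
    return {"name": name, "priority": priority, "direction": "Inbound",
            "access": access, "protocol": "Tcp",
            "sourceAddressPrefix": source, "destinationPortRange": port}

OPEN = [_rule("allow-rdp", 1000, "Allow", "*", "3389")]
RESTRICTED = [_rule("allow-rdp-admin", 300, "Allow", "203.0.113.10/32", "3389"),
              _rule("deny-rdp-internet", 400, "Deny", "Internet", "3000-4000"),
              _rule("allow-rdp", 1000, "Allow", "*", "3389")]

if __name__ == "__main__":
    print(rdp_exposure(OPEN), rdp_exposure(RESTRICTED))
```

In the restricted set the leftover allow-any rule is still present, but the deny at priority 400 is evaluated first, so nothing is reported.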

Azure VM: the user account used to connect to remote PC did not work

I have an Azure Virtual Machine connected with Azure Active Directory. A user from this AD is added to this machine as an admin. Other people can successfully RDP to the machine with this user's credential, but I get error saying "The user account used to connect to remote PC did not work. Try again". Well, I am trying the whole day. Does anyone know what can cause this?
The fun fact is, I can RDP to the machine using the local admin, but again it fails with AD user.
I tried connecting with Microsoft Remote Desktop for Mac, mstsc for Windows and with Remote Desktop Connection Manager. The same result everywhere.
I tried different usernames format:
alex.sikilinda@mydomain.com - other people can successfully login using this format
AzureAD\alex.sikilinda@mydomain.com - for the Windows client getting the same error, for Microsoft Remote Desktop for Mac getting "Your session ended because of an error. If this keeps happening, contact your network administrator for assistance. Error code: 0x807"
AzureAD\AlexSikilinda mstsc error - "Remote machine is AAD joined. If you are signing in to your work account, try using work email instead", Mac - "Your session ended because of an error. If this keeps happening, contact your network administrator for assistance. Error code: 0x807"
Microsoft Remote Desktop for Mac version 10.2.3 (1343)
Windows 10 version 16299 (also tried with 1803 on another machine, the same result).
I also came across the same error for a Win10 machine that is AAD joined, and I tried the following way to solve this:
Change VM Remote desktop settings same as the picture
Create a new RDP config file
Open mstsc.exe, click on Show Options and then click Save As (give it a new name such as AzureAD_RDP, save it somewhere easy to find).
Open the saved file using Notepad. Verify that the following two lines are present, if not, add them, and save.
enablecredsspsupport:i:0
authentication level:i:2
RDP to the target VM
Open the RDP config file that you just edited, enter the IP address of the VM, do not enter any username, and then connect.
Here you could use AzureAD\UPN or username to log in.
I haven't tried disabling the NLA (and wouldn't recommend it); however, in my case it was the legacy MFA getting in the way of getting into the VM, even if only enabled for the account, and not forced.
In my case, we're using the Conditional Access with MFA, but we have to exclude the VM from the cloud apps (Azure Windows VM Sign-In), because we're not using Windows Hello (thanks Microsoft for a half baked solution!).
See Login to Windows virtual machine in Azure using Azure Active Directory authentication for more details.
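The two .rdp settings named in the answer above, checked by a small parser (an added example, not code from any of the posts). The sample file contents and the address in them are constructed; the check also reports that enablecredsspsupport:i:0 turns off CredSSP, which NLA relies on, the trade-off the later reply refers to.

```python
import codecs

# Settings the answer above asks to verify in the saved .rdp file.
EXPECTED = {
    "enablecredsspsupport": ("i", "0"),
    "authentication level": ("i", "2"),
}

def decode_rdp(raw: bytes) -> str:
    """mstsc saves .rdp files as UTF-16 with a BOM; hand-made ones are often UTF-8."""
    if raw.startswith((codecs.BOM_UTF16_LE, codecs.BOM_UTF16_BE)):
        return raw.decode("utf-16")
    return raw.decode("utf-8-sig", errors="replace")

def parse_rdp(text: str) -> dict:
    """Parse 'name:type:value' lines; names may hold spaces, values may hold colons."""
    settings = {}
    for line in text.splitlines():
        parts = line.strip().split(":", 2)
        if len(parts) == 3 and parts[1] in ("i", "s", "b"):
            settings[parts[0].lower()] = (parts[1], parts[2])
    return settings

def review(raw: bytes) -> list:
    """Compare a file with the answer's two lines and note what they imply."""
    settings = parse_rdp(decode_rdp(raw))
    findings = []
    for name, want in EXPECTED.items():
        got = settings.get(name)
        if got is None:
            findings.append(f"MISSING {name}:{want[0]}:{want[1]}")
        elif got != want:
            findings.append(f"DIFFERS {name} is {got[1]}, answer uses {want[1]}")
    if settings.get("enablecredsspsupport") == ("i", "0"):
        findings.append("NOTE CredSSP is off, so this connection cannot use NLA")
    if settings.get("authentication level") == ("i", "0"):
        findings.append("WARN server authentication failures are ignored silently")
    return findings

# Constructed samples: one as mstsc would save it, one hand-written in UTF-8.
SAVED_BY_MSTSC = codecs.BOM_UTF16_LE + (
    "full address:s:10.0.0.4:3389\r\n"
    "enablecredsspsupport:i:0\r\n"
    "authentication level:i:2\r\n").encode("utf-16-le")
HAND_EDITED = b"full address:s:10.0.0.4:3389\r\nauthentication level:i:0\r\n"

if __name__ == "__main__":
    for sample in (SAVED_BY_MSTSC, HAND_EDITED):
        print(review(sample))
```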

Accessing VMs (RDP) after getting owner(co-administrator) access to an Azure Subscription

If I get owner (co-administrator) access for an Azure subscription, will I be able to RDP to any of the VMs (Windows) without being able to access login and passwords? As of now I don't have this special access, so not sure if after getting this access (co-administrator) if I will be able to see the usernames and passwords for all the VMs in the subscription no matter who created them?
If I get owner (co-administrator) access for an Azure subscription,
will I be able to RDP to any of the VMs (Windows) without being able to
access login and passwords?
Answer is "not exactly" because you still need to know the RDP credentials in order to remote into any virtual machine (there is no other magic connectivity route for co-admins other than standard RDP credentials AFAIK).
However, imagine a scenario where someone else created a VM and hasn't really shared the RDP credentials with you. If you are a co-administrator for the Azure subscription to which this VM belongs, you now have the power to reset RDP credentials to new ones, that you know about and then use these new credentials to RDP.
Here are the step-by-step instructions that can be followed to do this reset password for a Windows VM. How to reset the Remote Desktop service or its login password in a Windows VM
NOTE: I mentioned "reset" and not add, so previously set credentials will no longer work.

View file structure of my Azure Linux VM

I'm new to Azure; I wanted to take advantage of being able to run PrestaShop (e-commerce software) and Azure marketplace has a single VM plan. I followed this video and got it up and running. Trouble is, to log in to the site's Admin interface you need to know the secret folder that is randomly created by the installer. I have tried the Azure Storage Explorer, but nothing useful is displayed. I also tried to log in using PuTTY and SSH, but keep getting access denied. I suspect I need to configure an endpoint for port 22, as described here in order to get ftp working, but apparently this is not possible with a free subscription (?).
Any help as to how I can find that folder name would be appreciated.
With Azure Free Trial Subscription, I can successfully login into the PrestaShop Azure Linux VM without any issue.
Note: No need to configure an endpoint for port 22.
To connect to your Linux virtual machine using SSH, use the following command: ssh username@IPAddress and password.
If you are facing an issue with your login, you can reset the password.

Azure Virtual Machine Login

I started to try Azure today. I am creating a Windows 2016 virtual machine, everything is OK but I can't log in with the username and password I created in the Azure wizard. Can anyone help me?
You may want to try from the RDP you download from the connect button in the portal. You may want to connect as .\yourusername instead of just yourusername. You can also try resetting the password from the portal (portal.azure.com), reset remote access.
Have you tried to login with the local administrator account? This allowed me to gain access to my VM, and once logged in I could change some settings.
