unattended access using Azure ad account - currently using a local admin user as workaround
I currently cannot seem to get an unattended access setup to several machines when using an azure account.
the azure user is a member of local administrators (built in) group
I can logon to the machine locally
I cannot connect to the machine remotely using the username@domainname.com.au address (azure ad id)
I CAN connect if I create a local user on the computer, with local administrator group membership (same as the azure account) and then use that account to connect to the machine.
once connected I can logon to the machine using the azure account as normal.
question:
Can I configure wayk to allow connection using the azure logon instead of the local account
(both are in the administrators group locally)
All Comments (2)
Hello
It sounds like it should work - clearly the account has the necessary access to log on to the machine, and logging in with a UPN should work from our side. However I'm not sure we've ever tried this with an Azure AD identity. We'll do some checking internally, but, in the meantime - the service should log some information about the failures. Can you send us the log file from %programdata%\wayk\logs\nowservice.log? You can attach it here, send to me via PM or email to support@devolutions.net.
Thanks and kind regards,
Richard Markievicz
Hi,
I think we'll need to see how we can replicate a similar environment to test. We're not very familiar with this special type of Windows logon, but does it correspond to the one described in this blog? https://blogs.technet.microsoft.com/canitpro/2016/05/26/step-by-step-enabling-windows-10-authentication-via-azure-ad-join/
Best regards,
Marc-André Moreau