Skip to main content

Joining Windows 10 to Azure AD Domain

As of October 2016 to join Windows 10 computers to Azure AD Domain service requires these steps:


  • When completed the IP address will be populated
  • Go back to the VNET configuration and add a DNS server with the IP (10.0.0.4 in this case)
  • Create the "AAD DC Administrator" administrators group (again in Directory -> Group). Members of this group are granted administrative privileges on machines that are domain-joined to the Azure AD Domain Services managed domain.
  • Add to the group your users who are supposed to have the administrative access
  • on a Windows 10 computer go to Settings -> Accounts (this is true for Windows 10 version  1607)
  • then select 'Access work or school' and click on Connect
  • On the next screen click on "Join this device to Azure Active Directory"

  • Enter your email address (from Azure AD user) and password

  • Click 'Sign In" 

  • and then 'Join"
  • and you're done!

Now to connect to the VM running Windows 10 a couple of changes required.
  • Disable 'Network Level Authentication' on the Windows 10 computer (clear the checkbox below)
  • In the RDP file add these two lines

                             enablecredsspsupport:i:0

             authentication level:i:2


  • Now log into the Windows 10 VM with Azure credentials using this format
AzureAD\<your email address>


                                  




If you have Office 365 subscription when you can access it without being prompted for credentials (true SSO experience)





Comments

  1. As I website owner I think the subject material here is real wonderful, appreciate windows 10 activator for your efforts.

    ReplyDelete

Post a Comment