In the login screen I specified the Azure AD/O365 user. Only after adding another local administrator account and logging in locally with that user could I start the join process. Clicking the button didn't give any reply. I tried this and to my surprise the built-in local administrator did not have permissions to join Azure AD.

In case the Windows machine has to change owner, which also needs local admin rights on the specific machine, you need to de-join from AAD and re-join using the new owner user account. This means that two AAD users cannot be local admin on the same device at the same time, unless one of the users is a global admin for all devices.

You can find this option by clicking on your tenant name and clicking on the 'configure' tab. Azure Active Directory to enable users to securely and conveniently sign in to. You can do this through the Azure console on for which you need an AAD license). Global Administrator role in Microsoft Azure Active Directory is required. What you can do is add additional administrators for ALL devices that have joined the Azure AD. My experience is also that there is no option available to add a single AAD account to the local administrator group.

If there is a problem connecting remotely, make sure that both devices are joined to Azure AD and that TPM is functioning properly on both devices. In Windows 10, version 1709, you can add other Azure AD users to the Administrators group on a device in Settings and restrict remote credentials to Administrators. In Windows 10, version 1709, the user does not have to sign in to the remote device first.

For synced user: "There is no such global user or group : name". For cloud only user: "There is no such global user or group : name". Otherwise this command throws the below error. This command only works for AADJ device users already added to any of the local groups (administrators).

Where FirstnameLastname is the name of the user profile in C:\Users, which is created based on the DisplayName attribute in Azure AD. You can specify individual Azure AD accounts for remote connections by having the user sign in to the remote device at least once and then running the following command in PowerShell: net localgroup "Remote Desktop Users" /add "AzureAD\the-UPN-attribute-of-your-user"

"Connect to remote Azure Active Directory-joined PC". I found this Microsoft document related to this question: