Azure – Azure AD Authentication for Windows virtual machines is now in preview

You may remember that about a year ago, Microsoft introduced the capability to log on with your Azure AD credentials to Linux virtual machines running on Azure.

Well, good news: this possibility is now available in preview for Windows virtual machines too – to be more precise, only on Windows Server 2019 or Windows 10 1809 or later.

NOTE: if you are using Windows 10, your virtual machine will need to be Azure AD joined or hybrid Azure AD joined.

Using Azure AD authentication to log on to your Windows Azure virtual machine allows you to take advantage of Azure AD security capabilities such as RBAC, conditional access, risky sign-ins…

You can enable this option (which will also turn on the System Managed identity) when creating the virtual machine, at the Management step.


Once the virtual machine has been created, you still need one additional action, using PowerShell or the Azure CLI (you can use the Cloud Shell to do it), to install the Azure AD extension.

NOTE: it may take a few minutes to complete.

Azure CLI

az vm extension set --publisher Microsoft.Azure.ActiveDirectory --name AADLoginForWindows --resource-group <resource group where the VM is located> --vm-name <your VM name>



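PowerShell

Set-AzureRmVMExtension -ResourceGroupName <resource group where the VM is located> -VMName <your VM name> -Location <VM region> -Publisher Microsoft.Azure.ActiveDirectory -ExtensionType AADLoginForWindows -Name AADLoginForWindows -TypeHandlerVersion <extension version>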


You will need to check that the registration has completed using the Extensions blade.


Then you can grant the Virtual Machine User Login (or Virtual Machine Administrator Login) RBAC role to your users/groups.
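
The procedure above as one Azure CLI script, an added example that is not part of the original post: it installs the extension, waits for provisioning to finish, and grants the login role scoped to the single VM rather than to the whole resource group. The function names, the retry defaults and the user/admin shorthand are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the original post). Function names and retry
# defaults are assumptions; the az commands are standard Azure CLI calls.

# Poll the extension until provisioning reports Succeeded, Failed, or times out.
wait_for_aad_extension() {   # args: resource-group vm-name [tries] [delay-seconds]
  local rg="$1" vm="$2" tries="${3:-20}" delay="${4:-15}" state i=1
  while [ "$i" -le "$tries" ]; do
    state=$(az vm extension show --resource-group "$rg" --vm-name "$vm" \
      --name AADLoginForWindows --query provisioningState -o tsv 2>/dev/null) || state=""
    case "$state" in
      Succeeded) return 0 ;;
      Failed) echo "AADLoginForWindows provisioning failed on $vm" >&2; return 1 ;;
    esac
    sleep "$delay"
    i=$((i + 1))
  done
  echo "timed out waiting for AADLoginForWindows on $vm" >&2
  return 1
}

# Assign one of the two login roles, scoped to this VM's resource ID only,
# so the grant does not spill over to other machines in the resource group.
grant_vm_login() {           # args: resource-group vm-name assignee [user|admin]
  local rg="$1" vm="$2" assignee="$3" role scope
  case "${4:-user}" in
    user)  role="Virtual Machine User Login" ;;
    admin) role="Virtual Machine Administrator Login" ;;
    *) echo "role must be 'user' or 'admin'" >&2; return 2 ;;
  esac
  scope=$(az vm show --resource-group "$rg" --name "$vm" --query id -o tsv) || return 1
  [ -n "$scope" ] || { echo "could not resolve the VM resource ID" >&2; return 1; }
  az role assignment create --role "$role" --assignee "$assignee" --scope "$scope"
}

# Full procedure: install the extension, confirm it registered, then grant access.
enable_aad_login() {         # args: resource-group vm-name assignee [user|admin]
  az vm extension set --publisher Microsoft.Azure.ActiveDirectory \
    --name AADLoginForWindows --resource-group "$1" --vm-name "$2" || return 1
  wait_for_aad_extension "$1" "$2" || return 1
  grant_vm_login "$1" "$2" "$3" "${4:-user}"
}

# Runs only when arguments are given, e.g.: sh aad-login.sh my-rg my-vm user@example.com
if [ "$#" -ge 3 ]; then enable_aad_login "$@"; fi
```

Prefer assigning the role to an Azure AD group and keep the Administrator role for the few accounts that need local admin rights on the machine.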

