
How do you add an Azure AD user to a Remote Desktop Users group?


Philip Elder, Technical Architect - HA/Compute/Storage
CERTIFIED EXPERT

Commented:
For on-premises or Windows Virtual Desktops?

Author

Commented:
on premise
Philip Elder, Technical Architect - HA/Compute/Storage
CERTIFIED EXPERT

Commented:
I must admit that I've not been successful at it as of yet for any of our on-premises Remote Desktop deployments. We need a local AD.
Shaun Vermaak, Senior Consultant
CERTIFIED EXPERT
Awarded 2017
Distinguished Expert 2019

Commented:

For one computer or many?


There is probably a better way, but you can log in with the account and you will get the SID.

Use a script such as https://gallery.technet.microsoft.com/scriptcenter/5dc1e9f8-ec28-4f2e-aeea-65f6589afac5 to add the SID to Remote Desktop Users.
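
One way to carry out the SID approach described above on a single machine, as an added example that is not part of the original thread and is not the linked gallery script. It assumes an Azure AD-joined Windows machine with the built-in LocalAccounts cmdlets, that the user has already signed in once so a profile exists, and that Azure AD user SIDs begin with `S-1-12-1-`; the `$UserSid` parameter name is chosen here for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example: grant RDP logon to one Azure AD user by SID without making them a local admin.
param(
    # SID of the Azure AD user (illustrative parameter); omit it to only list candidates.
    [string]$UserSid
)

$profileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
# Well-known SID of BUILTIN\Remote Desktop Users; avoids depending on the localized group name.
$rdpGroupSid = [System.Security.Principal.SecurityIdentifier]'S-1-5-32-555'

# Accounts that have signed in locally have a profile subkey named after their SID.
# Assumption: Azure AD user SIDs start with S-1-12-1-.
$candidates = Get-ChildItem $profileList |
    Where-Object { $_.PSChildName -like 'S-1-12-1-*' } |
    ForEach-Object {
        [pscustomobject]@{
            Sid         = $_.PSChildName
            ProfilePath = (Get-ItemProperty $_.PSPath).ProfileImagePath
        }
    }

if (-not $UserSid) {
    # Discovery mode: show which Azure AD accounts have logged on to this machine.
    $candidates | Format-Table -AutoSize
    return
}

# The cast throws on a malformed SID, so a typo never reaches the group.
$sid = [System.Security.Principal.SecurityIdentifier]$UserSid
if ($candidates.Sid -notcontains $sid.Value) {
    throw "No local profile found for $($sid.Value); have the user sign in once first."
}

try {
    Add-LocalGroupMember -SID $rdpGroupSid -Member $sid.Value -ErrorAction Stop
    Write-Output "Added $($sid.Value) to Remote Desktop Users."
}
catch {
    # Treat an existing membership as success; surface every other failure.
    if ($_.Exception.GetType().Name -eq 'MemberExistsException') {
        Write-Output "$($sid.Value) is already a member of Remote Desktop Users."
    }
    else { throw }
}
```

Run it once without arguments from an elevated prompt to list the candidate SIDs and their profile paths, then run it again with the chosen SID.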

Author

Commented:

It's just for one computer.

Technical Architect - HA/Compute/Storage
CERTIFIED EXPERT
Commented:
I never got it to work. :(

The kicker is that once the OS is hooked into Azure AD it's still workgroup but does not behave like it at all.

All of that Intune/MDM stuff comes into play. It's something we've not really put any time into. Yet.

The simplest workaround is to set up the OS with a local user and local admin account then log the user on as a Standard User, add that user account to the Remote Desktop Users group in CompMgmt.MSC, and then hook into Azure AD.

Author

Commented:

My team will play around with the scripting solution some more and post some updates later.