From 9b96e5b576a5830076ee72163564d6f933d7073e Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 00:15:32 -0800 Subject: [PATCH 01/11] Update connect-to-remote-aadj-pc.md Updated supported configs to be more readable, added details on adding AAD users and groups to Remote Desktop Users group via policy, removed the Windows account picker text which is not supported for AAD users --- .../connect-to-remote-aadj-pc.md | 79 ++++++++----------- 1 file changed, 34 insertions(+), 45 deletions(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index 13ee43e312..ad3532576c 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -22,14 +22,15 @@ ms.topic: article - Windows 10 -From its release, Windows 10 has supported remote connections to PCs joined to Active Directory. Starting in Windows 10, version 1607, you can also connect to a remote PC that is [joined to Azure Active Directory (Azure AD)](https://docs.microsoft.com/azure/active-directory/user-help/device-management-azuread-joined-devices-setup). Starting in Windows 10, version 1809, you can [use biometrics to authenticate to a remote desktop session](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1809#remote-desktop-with-biometrics). +From its release, Windows 10 has supported remote connections to PCs joined to Active Directory. Starting in Windows 10, version 1607, you can also connect to a remote PC that is [joined to Azure Active Directory (Azure AD)](hhttps://docs.microsoft.com/azure/active-directory/devices/concept-azure-ad-join). Starting in Windows 10, version 1809, you can [use biometrics to authenticate to a remote desktop session](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1809#remote-desktop-with-biometrics). ![Remote Desktop Connection client](images/rdp.png) ## Set up - Both PCs (local and remote) must be running Windows 10, version 1607 or later. Remote connections to an Azure AD-joined PC running earlier versions of Windows 10 are not supported. -- Your local PC (where you are connecting from) must be either Azure AD joined or Hybrid Azure AD joined if using Windows 10 version 1607 and above, or Azure AD registered if using Windows 10 version 2004 and above. Remote connections to an Azure AD joined PC from an unjoined device or a non-Windows 10 device are not supported. +- Your local PC (where you are connecting from) must be either Azure AD joined or Hybrid Azure AD joined if using Windows 10 version 1607 and above, or [Azure AD registered](https://docs.microsoft.com/azure/active-directory/devices/concept-azure-ad-register) if using Windows 10 version 2004 and above. Remote connections to an Azure AD joined PC from an unjoined device or a non-Windows 10 device are not supported. +- The local PC and remote PC must be in the same Azure AD tenant. Azure AD B2B guests are not supported for Remote desktop. Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-guard), a new feature in Windows 10, version 1607, is turned off on the client PC you are using to connect to the remote PC. @@ -41,57 +42,45 @@ Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-gu ![Allow remote connections to this computer](images/allow-rdp.png) - 3. If the user who joined the PC to Azure AD is the only one who is going to connect remotely, no additional configuration is needed. To allow additional users or groups to connect to the PC, you must allow remote connections for the specified users or groups. Click **Select Users -> Add** and enter the name of the user or group. - - > [!NOTE] - > You can specify individual Azure AD accounts for remote connections by having the user sign in to the remote device at least once, and then running the following PowerShell cmdlet: - > ```powershell - > net localgroup "Remote Desktop Users" /add "AzureAD\the-UPN-attribute-of-your-user" - > ``` - > where *the-UPN-attribute-of-your-user* is the name of the user profile in C:\Users\, which is created based on the DisplayName attribute in Azure AD. - > - > This command only works for AADJ device users already added to any of the local groups (administrators). - > Otherwise this command throws the below error. For example: - > - for cloud only user: "There is no such global user or group : *name*" - > - for synced user: "There is no such global user or group : *name*"
- - > [!NOTE] - > In Windows 10, version 1709, the user does not have to sign in to the remote device first. - > - > In Windows 10, version 1709, you can add other Azure AD users to the **Administrators** group on a device in **Settings** and restrict remote credentials to **Administrators**. If there is a problem connecting remotely, make sure that both devices are joined to Azure AD and that TPM is functioning properly on both devices. + 3. If the user who joined the PC to Azure AD is the only one who is going to connect remotely, no additional configuration is needed. To allow additional users or groups to connect to the PC, you must allow remote connections for the specified users or groups. Users can be added either manually or through MDM policies: + + - Adding users manually - 4. Click **Check Names**. If the **Name Not Found** window opens, click **Locations** and select this PC. + You can specify individual Azure AD accounts for remote connections by running the following PowerShell cmdlet: + ```powershell + net localgroup "Remote Desktop Users" /add "AzureAD\the-UPN-attribute-of-your-user" + ``` + where *the-UPN-attribute-of-your-user* is the name of the user profile in C:\Users\, which is created based on the DisplayName attribute in Azure AD. - > [!TIP] - > When you connect to the remote PC, enter your account name in this format: AzureAD\yourloginid@domain.com. The local PC must either be domain-joined or Azure AD-joined. The local PC and remote PC must be in the same Azure AD tenant. + This command only works for AADJ device users already added to any of the local groups (administrators). + Otherwise this command throws the below error. For example: + - for cloud only user: "There is no such global user or group : *name*" + - for synced user: "There is no such global user or group : *name*"
- > [!Note] - > If you cannot connect using Remote Desktop Connection 6.0, you must turn off the new features of RDP 6.0 and revert back to RDP 5.0 by making a few changes in the RDP file. See the details in the [support article](https://support.microsoft.com/help/941641/remote-desktop-connection-6-0-prompts-you-for-credentials-before-you-e). + > [!NOTE] + > For devices running Windows 10, version 1703 or earlier, the user must to sign in to the remote device first before attempting remote connections. + > + > Starting Windows 10, version 1709, you can add other Azure AD users to the **Administrators** group on a device in **Settings** and restrict remote credentials to **Administrators**. If there is a problem connecting remotely, make sure that both devices are joined to Azure AD and that TPM is functioning properly on both devices. + + - Adding users using policy + + Starting Windows 10 version 2004, you can add users or Azure AD groups to the Remote Desktop Users using MDM policies as described [in this article](https://docs.microsoft.com/azure/active-directory/devices/assign-local-admin#manage-administrator-privileges-using-azure-ad-groups-preview) + + > [!TIP] + > When you connect to the remote PC, enter your account name in this format: AzureAD\yourloginid@domain.com. + + > [!Note] + > If you cannot connect using Remote Desktop Connection 6.0, you must turn off the new features of RDP 6.0 and revert back to RDP 5.0 by making a few changes in the RDP file. See the details in the [support article](https://support.microsoft.com/help/941641/remote-desktop-connection-6-0-prompts-you-for-credentials-before-you-e). ## Supported configurations -In organizations using integrated Active Directory and Azure AD, you can connect from a Hybrid-joined PC to an Azure AD-joined PC by using any of the following: +The table below lists out the supported configurations for remotely connecting to an Azure AD-joined PC: -- Password -- Smartcards -- Windows Hello for Business, if the domain is managed by Microsoft Endpoint Configuration Manager. +| Criteria | RDP from Azure AD registered device| RDP from Azure AD joined device| RDP from Hybrid Azure AD joined device | +| - | - | - | - | +| **Client operating systems**| Windows 10 2004 and above| Windows 10 1607 and above | Windows 10 1607 and above | +| **Supported credentials**| Password, smartcard| Password, smartcard, Windows Hello for Business certificate trust | Password, smartcard, Windows Hello for Business certificate trust | -In organizations using integrated Active Directory and Azure AD, you can connect from an Azure AD-joined PC to an AD-joined PC when the Azure AD-joined PC is on the corporate network by using any of the following: - -- Password -- Smartcards -- Windows Hello for Business, if the organization has a mobile device management (MDM) subscription. - -In organizations using integrated Active Directory and Azure AD, you can connect from an Azure AD-joined PC to another Azure AD-joined PC by using any of the following: - -- Password -- Smartcards -- Windows Hello for Business, with or without an MDM subscription. - -In organizations using only Azure AD, you can connect from an Azure AD-joined PC to another Azure AD-joined PC by using any of the following: - -- Password -- Windows Hello for Business, with or without an MDM subscription. > [!NOTE] > If the RDP client is running Windows Server 2016 or Windows Server 2019, to be able to connect to Azure Active Directory-joined PCs, it must [allow Public Key Cryptography Based User-to-User (PKU2U) authentication requests to use online identities](https://docs.microsoft.com/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities). From 2d90cf77adb4692b4bced43250955389a0cb0a3d Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 12:19:18 -0800 Subject: [PATCH 02/11] Update windows/client-management/connect-to-remote-aadj-pc.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index ad3532576c..149f0759fe 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -22,7 +22,7 @@ ms.topic: article - Windows 10 -From its release, Windows 10 has supported remote connections to PCs joined to Active Directory. Starting in Windows 10, version 1607, you can also connect to a remote PC that is [joined to Azure Active Directory (Azure AD)](hhttps://docs.microsoft.com/azure/active-directory/devices/concept-azure-ad-join). Starting in Windows 10, version 1809, you can [use biometrics to authenticate to a remote desktop session](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1809#remote-desktop-with-biometrics). +From its release, Windows 10 has supported remote connections to PCs joined to Active Directory. Starting in Windows 10, version 1607, you can also connect to a remote PC that is [joined to Azure Active Directory (Azure AD)](https://docs.microsoft.com/azure/active-directory/devices/concept-azure-ad-join). Starting in Windows 10, version 1809, you can [use biometrics to authenticate to a remote desktop session](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1809#remote-desktop-with-biometrics). ![Remote Desktop Connection client](images/rdp.png) From 631a16f00a2a655c90dd850b90b96153229e43ae Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 12:21:01 -0800 Subject: [PATCH 03/11] Update windows/client-management/connect-to-remote-aadj-pc.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index 149f0759fe..b0d82b4ca2 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -58,7 +58,7 @@ Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-gu - for synced user: "There is no such global user or group : *name*"
> [!NOTE] - > For devices running Windows 10, version 1703 or earlier, the user must to sign in to the remote device first before attempting remote connections. + > For devices running Windows 10, version 1703 or earlier, the user must sign in to the remote device first before attempting remote connections. > > Starting Windows 10, version 1709, you can add other Azure AD users to the **Administrators** group on a device in **Settings** and restrict remote credentials to **Administrators**. If there is a problem connecting remotely, make sure that both devices are joined to Azure AD and that TPM is functioning properly on both devices. From c4e378dc7d630262d3fc890e0de97c0b597d461c Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 12:21:24 -0800 Subject: [PATCH 04/11] Update windows/client-management/connect-to-remote-aadj-pc.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index b0d82b4ca2..e5004eafc1 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -60,7 +60,7 @@ Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-gu > [!NOTE] > For devices running Windows 10, version 1703 or earlier, the user must sign in to the remote device first before attempting remote connections. > - > Starting Windows 10, version 1709, you can add other Azure AD users to the **Administrators** group on a device in **Settings** and restrict remote credentials to **Administrators**. If there is a problem connecting remotely, make sure that both devices are joined to Azure AD and that TPM is functioning properly on both devices. + > Starting in Windows 10, version 1709, you can add other Azure AD users to the **Administrators** group on a device in **Settings** and restrict remote credentials to **Administrators**. If there is a problem connecting remotely, make sure that both devices are joined to Azure AD and that TPM is functioning properly on both devices. - Adding users using policy From 7ef70763252e33769638450a1dbf4a249d548f86 Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 12:21:55 -0800 Subject: [PATCH 05/11] Update windows/client-management/connect-to-remote-aadj-pc.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index e5004eafc1..ba1a79e318 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -64,7 +64,7 @@ Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-gu - Adding users using policy - Starting Windows 10 version 2004, you can add users or Azure AD groups to the Remote Desktop Users using MDM policies as described [in this article](https://docs.microsoft.com/azure/active-directory/devices/assign-local-admin#manage-administrator-privileges-using-azure-ad-groups-preview) + Starting in Windows 10, version 2004, you can add users or Azure AD groups to the Remote Desktop Users using MDM policies as described in [How to manage the local administrators group on Azure AD joined devices](https://docs.microsoft.com/azure/active-directory/devices/assign-local-admin#manage-administrator-privileges-using-azure-ad-groups-preview). > [!TIP] > When you connect to the remote PC, enter your account name in this format: AzureAD\yourloginid@domain.com. From eecdfa446f1fdc2f5f6d17d155315c7eaf0b5d13 Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 12:22:04 -0800 Subject: [PATCH 06/11] Update windows/client-management/connect-to-remote-aadj-pc.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index ba1a79e318..62c073d64e 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -69,7 +69,7 @@ Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-gu > [!TIP] > When you connect to the remote PC, enter your account name in this format: AzureAD\yourloginid@domain.com. - > [!Note] + > [!NOTE] > If you cannot connect using Remote Desktop Connection 6.0, you must turn off the new features of RDP 6.0 and revert back to RDP 5.0 by making a few changes in the RDP file. See the details in the [support article](https://support.microsoft.com/help/941641/remote-desktop-connection-6-0-prompts-you-for-credentials-before-you-e). ## Supported configurations From 552e6e081782e2b020afb085bcfcb223f99ac089 Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 12:22:28 -0800 Subject: [PATCH 07/11] Update windows/client-management/connect-to-remote-aadj-pc.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index 62c073d64e..5025fb0934 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -70,7 +70,7 @@ Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-gu > When you connect to the remote PC, enter your account name in this format: AzureAD\yourloginid@domain.com. > [!NOTE] - > If you cannot connect using Remote Desktop Connection 6.0, you must turn off the new features of RDP 6.0 and revert back to RDP 5.0 by making a few changes in the RDP file. See the details in the [support article](https://support.microsoft.com/help/941641/remote-desktop-connection-6-0-prompts-you-for-credentials-before-you-e). + > If you cannot connect using Remote Desktop Connection 6.0, you must turn off the new features of RDP 6.0 and revert back to RDP 5.0 by making a few changes in the RDP file. See the details in this [support article](https://support.microsoft.com/help/941641/remote-desktop-connection-6-0-prompts-you-for-credentials-before-you-e). ## Supported configurations From 3602e35079968d6b0692633835e5efedba62e212 Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 12:22:40 -0800 Subject: [PATCH 08/11] Update windows/client-management/connect-to-remote-aadj-pc.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index 5025fb0934..e39a986cde 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -74,7 +74,7 @@ Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-gu ## Supported configurations -The table below lists out the supported configurations for remotely connecting to an Azure AD-joined PC: +The table below lists the supported configurations for remotely connecting to an Azure AD-joined PC: | Criteria | RDP from Azure AD registered device| RDP from Azure AD joined device| RDP from Hybrid Azure AD joined device | | - | - | - | - | From f68b3dd03651c855ba01dfc3f002018f5d8c6363 Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 12:23:08 -0800 Subject: [PATCH 09/11] Update windows/client-management/connect-to-remote-aadj-pc.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index e39a986cde..c9aefb4d2b 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -78,7 +78,7 @@ The table below lists the supported configurations for remotely connecting to an | Criteria | RDP from Azure AD registered device| RDP from Azure AD joined device| RDP from Hybrid Azure AD joined device | | - | - | - | - | -| **Client operating systems**| Windows 10 2004 and above| Windows 10 1607 and above | Windows 10 1607 and above | +| **Client operating systems**| Windows 10, version 2004 and above| Windows 10, version 1607 and above | Windows 10, version 1607 and above | | **Supported credentials**| Password, smartcard| Password, smartcard, Windows Hello for Business certificate trust | Password, smartcard, Windows Hello for Business certificate trust | From 1adf8966c7d559515ac7be469b379bbf50257920 Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 15:41:59 -0800 Subject: [PATCH 10/11] Update windows/client-management/connect-to-remote-aadj-pc.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index c9aefb4d2b..24110d064c 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -29,7 +29,7 @@ From its release, Windows 10 has supported remote connections to PCs joined to A ## Set up - Both PCs (local and remote) must be running Windows 10, version 1607 or later. Remote connections to an Azure AD-joined PC running earlier versions of Windows 10 are not supported. -- Your local PC (where you are connecting from) must be either Azure AD joined or Hybrid Azure AD joined if using Windows 10 version 1607 and above, or [Azure AD registered](https://docs.microsoft.com/azure/active-directory/devices/concept-azure-ad-register) if using Windows 10 version 2004 and above. Remote connections to an Azure AD joined PC from an unjoined device or a non-Windows 10 device are not supported. +- Your local PC (where you are connecting from) must be either Azure AD-joined or Hybrid Azure AD-joined if using Windows 10, version 1607 and above, or [Azure AD registered](https://docs.microsoft.com/azure/active-directory/devices/concept-azure-ad-register) if using Windows 10, version 2004 and above. Remote connections to an Azure AD-joined PC from an unjoined device or a non-Windows 10 device are not supported. - The local PC and remote PC must be in the same Azure AD tenant. Azure AD B2B guests are not supported for Remote desktop. Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-guard), a new feature in Windows 10, version 1607, is turned off on the client PC you are using to connect to the remote PC. From 9b1b09bd6d2268390478073a8721157b33b5a9f0 Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Tue, 12 Jan 2021 15:42:12 -0800 Subject: [PATCH 11/11] Update windows/client-management/connect-to-remote-aadj-pc.md Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index 24110d064c..3e360929de 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -76,7 +76,7 @@ Ensure [Remote Credential Guard](/windows/access-protection/remote-credential-gu The table below lists the supported configurations for remotely connecting to an Azure AD-joined PC: -| Criteria | RDP from Azure AD registered device| RDP from Azure AD joined device| RDP from Hybrid Azure AD joined device | +| Criteria | RDP from Azure AD registered device| RDP from Azure AD joined device| RDP from hybrid Azure AD joined device | | - | - | - | - | | **Client operating systems**| Windows 10, version 2004 and above| Windows 10, version 1607 and above | Windows 10, version 1607 and above | | **Supported credentials**| Password, smartcard| Password, smartcard, Windows Hello for Business certificate trust | Password, smartcard, Windows Hello for Business certificate trust |