From 2719fa3aeb482d73cea0050c5fdaabc6d6e366f2 Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Sat, 16 Mar 2019 10:37:25 +0200 Subject: [PATCH 1/3] update to reflect Cloud-only or Federated identity model addressed both issues: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/2936 https://github.com/MicrosoftDocs/windows-itpro-docs/issues/2351 --- windows/client-management/connect-to-remote-aadj-pc.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index 3042e56449..eac32d014c 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -43,6 +43,12 @@ From its release, Windows 10 has supported remote connections to PCs that are jo > >`net localgroup "Remote Desktop Users" /add "AzureAD\FirstnameLastname"`, where *FirstnameLastname* is the name of the user profile in C:\Users\, which is created based on DisplayName attribute in Azure AD. > + >Depending on the chosen identity model, Cloud-only or Federated, you will need to use: + > + >`/add "AzureAD\the-UPN-attribute-of-your-user"` + >`/add "the-UPN-attribute-of-your-user"` + >`/add "the-SAMAccountName-attribute-of-your-user"` + > >In Windows 10, version 1709, the user does not have to sign in to the remote device first. > >In Windows 10, version 1709, you can add other Azure AD users to the **Administrators** group on a device in **Settings** and restrict remote credentials to **Administrators**. If there is a problem connecting remotely, make sure that both devices are joined to Azure AD and that TPM is functioning properly on both devices. @@ -50,7 +56,7 @@ From its release, Windows 10 has supported remote connections to PCs that are jo 4. Enter **Authenticated Users**, then click **Check Names**. If the **Name Not Found** window opens, click **Locations** and select this PC. >[!TIP] - >When you connect to the remote PC, enter your account name in this format: `AzureADName\YourAccountName`. + >When you connect to the remote PC, enter your account name in this format: `AzureAD\`. In some Windows builds the *AzureAD* prefix is no longer required. You can just use your *AzureAD UPN*. ## Supported configurations From 8b78780b212391b8b8af69d3117d6efb4cbcf6c2 Mon Sep 17 00:00:00 2001 From: TokyoScarab Date: Thu, 21 Mar 2019 08:37:34 +0200 Subject: [PATCH 2/3] Update windows/client-management/connect-to-remote-aadj-pc.md added comma Co-Authored-By: VLG17 <41186174+VLG17@users.noreply.github.com> --- windows/client-management/connect-to-remote-aadj-pc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index eac32d014c..a5d8859be6 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -56,7 +56,7 @@ From its release, Windows 10 has supported remote connections to PCs that are jo 4. Enter **Authenticated Users**, then click **Check Names**. If the **Name Not Found** window opens, click **Locations** and select this PC. >[!TIP] - >When you connect to the remote PC, enter your account name in this format: `AzureAD\`. In some Windows builds the *AzureAD* prefix is no longer required. You can just use your *AzureAD UPN*. + >When you connect to the remote PC, enter your account name in this format: `AzureAD\`. In some Windows builds, the *AzureAD* prefix is no longer required. You can just use your *AzureAD UPN*. ## Supported configurations From d487fcb110600da76cbc21e43ff597aa2293f4d1 Mon Sep 17 00:00:00 2001 From: Jeanie Decker Date: Fri, 29 Mar 2019 12:16:20 -0700 Subject: [PATCH 3/3] corrected per product group feedback --- windows/client-management/connect-to-remote-aadj-pc.md | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index a5d8859be6..7812898ee3 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -41,13 +41,7 @@ From its release, Windows 10 has supported remote connections to PCs that are jo >[!NOTE] >You can specify individual Azure AD accounts for remote connections by having the user sign in to the remote device at least once and then running the following PowerShell cmdlet: > - >`net localgroup "Remote Desktop Users" /add "AzureAD\FirstnameLastname"`, where *FirstnameLastname* is the name of the user profile in C:\Users\, which is created based on DisplayName attribute in Azure AD. - > - >Depending on the chosen identity model, Cloud-only or Federated, you will need to use: - > - >`/add "AzureAD\the-UPN-attribute-of-your-user"` - >`/add "the-UPN-attribute-of-your-user"` - >`/add "the-SAMAccountName-attribute-of-your-user"` + >`net localgroup "Remote Desktop Users" /add "AzureAD\the-UPN-attribute-of-your-user"`, where *FirstnameLastname* is the name of the user profile in C:\Users\, which is created based on DisplayName attribute in Azure AD. > >In Windows 10, version 1709, the user does not have to sign in to the remote device first. > @@ -56,7 +50,7 @@ From its release, Windows 10 has supported remote connections to PCs that are jo 4. Enter **Authenticated Users**, then click **Check Names**. If the **Name Not Found** window opens, click **Locations** and select this PC. >[!TIP] - >When you connect to the remote PC, enter your account name in this format: `AzureAD\`. In some Windows builds, the *AzureAD* prefix is no longer required. You can just use your *AzureAD UPN*. + >When you connect to the remote PC, enter your account name in this format: `AzureAD UPN`. The local PC must either be domain-joined or Azure AD-joined. The local PC and remote PC must be in the same Azure AD tenant. ## Supported configurations