解决方案:
https://stackoverflow.com/questions/62307900/remote-machine-is-aad-but-the-logon-attempt-failed
enablecredsspsupport:i:0
authentication level:i:2
说明
authentication level:i:<value>
| 0 |
| -------------------------------------- |
| 如果服务器身份验证失败,请在没有警告的情况下连接到计算机(连接而不警告我)。 |
| |
| 1 |
| |
| 如果服务器验证失败,请不要建立连接(不要连接)。 |
| |
| 2 |
| |
| 如果服务器身份验证失败,显示警告并允许我连接或拒绝连接(警告我)。 |
| |
| 3 |
| |
| 未指定身份验证要求。 |
enablecredsspsupport:i:<value>
| 0 |
| ----------------------------------- |
| 即使操作系统支持 CredSSP,RDP 也不会使用 CredSSP。 |
| |
| 1 |
| |
| 如果操作系统支持 CredSSP,RDP 将使用 CredSSP。 |
Save the file and close.
Now, try double clicking the modified .rdp file and login using the format:
AzureAD\YourFullUsername
There you have it! It’s a bit of a pain, but now you can RDP into a computer with your Azure AD credentials (aka, email address) to an Azure AD joined computer.
I use a free piece of software called Remote Desktop Manager for all my connections. You can’t make the necessary changes to a connection in there (that I can tell anyway), but you can create the RDP file using the instructions here then import that connection into the tool and it will work perfectly.
Remote Desktop to Azure AD Joined Computer
http://www.bradleyschacht.com/remote-desktop-to-azure-ad-joined-computer/
自动登录
or the user name field should be formatted as .\AzureAD\email@company.com
full address:s:远程桌面地址
username:s:.\AzureAD\email@company.com
password 51:b:加密后的密码