Can I use an Azure Active Directory user account for remoting

Hi!

I’m pretty new to PowerShell, let alone remoting, and I’ve been trying like crazy to get PowerShell remoting (Invoke-Command / Enter-PSSession) to work with an Azure Active Directory joined device (a Hyper-V VM, actually) and an Azure Active Directory user account. I searched Google but couldn’t find anything definitive about it being possible or not.

I’ve been trying (variations of):

Enter-Pssession -ComputerName [computername] -Credential AzureAD\[username]

The username I provided is the Azure Active Directory Global administrator. I can see the device I want to connect to if I run

Get-AzureADDevice

I have enabled remoting via Enable-PSRemoting and am able to remote using the device’s administrator account.

So, my questions would be: is this even possible? If so, how?

Regards,

Bram

Just to make this completely sure - the account you want to use to remote into another Windows client has to be an administrator on this client. Is the Azure Active Directory user account an administrator on this client you want to remote into?

Simply put, doing this…

AzureAD\[username]

… nope.

Logging in to a host requires a local machine or local domain account. As Olaf points out, if you are doing admin stuff, you also need to be a local admin on that host.

Thus, you’d have to manually add the UPN (username@azuredomainname) of that AAD account to that host; you will not be able to use that NetBIOS-like name because it will never resolve.
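
The step described in the last reply, sketched as an added example (not code posted by anyone in the thread): add the account's UPN to the target's local Administrators group, then remote with that UPN. The UPN and computer name are constructed placeholders, and whether WinRM accepts the Azure AD credential in a given environment is an assumption to test, not something the thread confirms.

```powershell
# Added example. Placeholder values are constructed; replace them with your own.
$Upn        = 'user@contoso.onmicrosoft.com'   # constructed UPN of the Azure AD account
$TargetHost = 'AADVM01'                        # constructed name of the Azure AD joined VM

# ---------------------------------------------------------------------------
# Part 1: run ON THE TARGET device, elevated (e.g. as the local administrator).
# ---------------------------------------------------------------------------
# Azure AD principals are added to local groups as AzureAD\<UPN>.
$member = "AzureAD\$Upn"
try {
    Add-LocalGroupMember -Group 'Administrators' -Member $member -ErrorAction Stop
    Write-Host "Added $member to local Administrators."
}
catch {
    # Typically thrown when the account is already a member or cannot be resolved.
    Write-Warning "Add-LocalGroupMember: $($_.Exception.Message)"
}

# Review who now holds local admin rights. net.exe is used for the listing
# because it also prints members that only resolve to a SID.
net localgroup Administrators

# ---------------------------------------------------------------------------
# Part 2: run ON THE CLIENT you remote from, elevated.
# ---------------------------------------------------------------------------
# Outside an on-premises domain there is no Kerberos mutual authentication, so
# the WinRM client only connects over HTTP to hosts listed in TrustedHosts.
# List the single target rather than '*', so credentials are not offered to
# arbitrary hosts.
Set-Item WSMan:\localhost\Client\TrustedHosts -Value $TargetHost -Concatenate -Force
Get-Item WSMan:\localhost\Client\TrustedHosts

# Confirm the WinRM listener answers before involving credentials.
Test-WSMan -ComputerName $TargetHost

# Prompt for the password; the user name is the UPN, not AzureAD\[username].
$cred = Get-Credential -UserName $Upn -Message 'Password for the Azure AD account'

# Non-interactive check of which identity the remote session runs as.
Invoke-Command -ComputerName $TargetHost -Credential $cred -ScriptBlock {
    whoami
}
```

A Global administrator account added to a device's local Administrators group is a high-value credential on that device, so a dedicated, lower-privileged Azure AD account is the safer choice for the `$Upn` value.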