Using Azure Active Directory Authentication To Sign Into Windows Virtual Machine - techie


Wednesday, April 14, 2021




Introduction

 
To keep things simple, people often follow the risky practice of sharing admin account passwords among large groups of individuals. This makes it very hard to protect your production Windows VMs and to collaborate with your team when using shared Windows VMs.
 
Organizations can now use Azure AD authentication over Remote Desktop Protocol (RDP) for Azure VMs running Windows Server 2019 Datacenter edition or Windows 10 1809 and later.
 
Using Azure AD to authenticate to VMs lets you centrally control and enforce policies with tools like Azure Role-Based Access Control (RBAC) and Azure AD Conditional Access, so you can regulate who can access a VM.
 
There are many benefits, including:
  • Using the same federated or managed Azure AD credentials you normally use.
  • Not having to manage local administrator accounts.
  • Using Azure RBAC to grant the appropriate access to VMs based on need and to remove it when it is no longer needed.
  • Using Azure AD Conditional Access to enforce additional requirements such as:
    • Multi-factor authentication (MFA)
    • Sign-in risk
  • Automating and scaling Azure AD join for Azure-based Windows VMs.
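
To make the RBAC point concrete, here is an added example (not code from the original post) that reviews who can sign in to a given VM through Azure AD. It assumes the input has the shape of the JSON printed by `az role assignment list --scope <vm-id> --include-inherited`, and that sign-in is granted through the built-in "Virtual Machine Administrator Login" and "Virtual Machine User Login" roles; the function name, subscription ID and principals are constructed for illustration.

```python
# Built-in Azure roles that allow Azure AD sign-in to a Windows VM over RDP.
LOGIN_ROLES = {"Virtual Machine Administrator Login": "admin",
               "Virtual Machine User Login": "user"}

def review_vm_logins(assignments, vm_id):
    """Return one finding per role assignment that lets a principal sign in to vm_id."""
    vm = vm_id.rstrip("/").lower()
    findings = []
    for a in assignments:
        level = LOGIN_ROLES.get(a.get("roleDefinitionName"))
        raw = a.get("scope")
        scope = (raw or "").rstrip("/").lower()
        # RBAC is inherited: the grant applies when its scope is the VM itself
        # or a parent of it (resource group, subscription, or root "/").
        # Management-group scopes are not resolved by this prefix check.
        if level is None or raw is None or not (scope == vm or vm.startswith(scope + "/")):
            continue
        notes = []
        if scope != vm:
            notes.append("inherited from broader scope")
        if a.get("principalType") != "User":
            notes.append("non-user principal, review membership")
        if level == "admin":
            notes.append("administrator sign-in")
        findings.append({"principal": a.get("principalName") or a.get("principalId"),
                         "level": level, "scope": raw, "notes": notes})
    # Administrator grants first, then broadest scope (shortest path) first.
    return sorted(findings, key=lambda f: (f["level"] != "admin", len(f["scope"])))

# Constructed sample data (placeholder subscription ID and names).
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
RG = SUB + "/resourceGroups/rg-prod"
VM_ID = RG + "/providers/Microsoft.Compute/virtualMachines/vm-app01"
SAMPLE = [
    {"principalName": "alice@example.com", "principalType": "User",
     "roleDefinitionName": "Virtual Machine User Login", "scope": VM_ID},
    {"principalName": "ops-team", "principalType": "Group",
     "roleDefinitionName": "Virtual Machine Administrator Login", "scope": RG},
    {"principalName": "bob@example.com", "principalType": "User",
     "roleDefinitionName": "Reader", "scope": SUB},
    {"principalName": "carol@example.com", "principalType": "User",
     "roleDefinitionName": "Virtual Machine Administrator Login",
     "scope": RG + "/providers/Microsoft.Compute/virtualMachines/vm-app02"},
]

if __name__ == "__main__":
    for f in review_vm_logins(SAMPLE, VM_ID):
        print(f["level"], f["principal"], f["scope"], "; ".join(f["notes"]))
```

Grants that show up as inherited or as administrator sign-in are the ones to check first when access is supposed to be removed once it is no longer needed.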


