Unable to Authenticate using Domain/Local User on my Azure Windows-10 VM

Question

Since my failover from On-prem to Azure couple of months ago, I have been connecting to my Windows-10 ent VMs using my domain user without qualms.

Sometime last week, I got an "NLA" error when trying to connect to three of the VMs joined to the same domain. While one is the original VM, others were created from the snapshot of it - specialized method. So I disabled NLA from run command and only then can I RDP but can't authenticate using the domain credential. Error = "To sign in remotely, you need the right to sign in through Remote Desktop Services. By default, members of RD Users group have the right. ..."

I created a new user (local) from Azure portal, on signing in, I got the same error.

I created another local user from run command and added it to local remote desktop user on the VM using (net localgroup "Remote Desktop Users" "UserName" /add) but got the same error.

I enable EMF from RunCommand blade and tried to connect via Console Log but connection always almost doesn't start. I guess it's the same for a Windows client.

I have reset nics, redeployed (not that I thought it would help), reset RDPCert and verified that the system is joined to the domain using RDPSettings script from the run command. VM health Status is fine. Nothing related to the error was found on the logs. Restarted countless times.

No changes, or policy was applied ti the domain controller. User is a member of RDUser group on AD.

RDP connections is just one. Members who have Remote Desktop access can no longer signin. I can successfully connect to all the VMs joined to the same domain but this three.

What could I be possibly missing?

Answer 1

Sounds like you have either lost the connection from the VM to the DC or you have lost the trust to the AD.

Use this command to try to repair the trust: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/reset-computermachinepassword?view=powershell-5.1