Require Azure AD Login on Linux VM

I wasnt sure what board to put this in, but here goes:

I followed setup guide from MS document: https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-linux

Everything works except one thing, if I do ssh from different client (they require CLI for AAD login) I can still log in to the Linux servers with a local account.  The document above says:  "Use Azure deploy and audit policies to require Azure AD login for Linux VMs and flag non-approved local accounts" but I am totally getting the runaround about how to REQUIRE logins be only through AAD credentials.  I've had a support ticket open for 6 weeks and have gone through 4 different support groups with no success. 

I need this for SOC2 compliance and given that Azure show documents that their Azure services are SOC2 compliant, I cant imagine this is not achievable.  Does anyone know how to force Linux servers to only permit ADD credentials for login?