How to add AAD Groups to the Remote Desktop Users Group

How can you add an Azure AD Group to the local Remote Desktop Users group on an AAD joined PC? I have found many how-tos on adding an AAD user to the group, but nothing on how to add a group.

3 Replies

@novoJerry

As far as I can tell, AAD groups and the Remote Desktop Users group don't get along very well. We use Intune in our environment and I've noticed that even if you add the AAD group via Intune to the device, to either Administrators (who have Remote Access) or the Remote Desktop Users group, the client doesn't translate it properly when I try to connect, saying I don't have access. Even though I'm an admin on the system, and I even checked the remote users and it clearly says I have access.

Think it might be up to either PowerShell with an Azure app to push a group to populate it with each individual user from that group (adding a single user does work), which honestly I wouldn't want to do either.


Did some further digging. I was able to get at least Intune to Intune machine to work with AAD groups that were being pushed by Intune. It requires basically turning on using AADauth for the RDP profile (or hitting the checkbox in Advanced to use the web login) and making sure your DNS was network address the target (either with DDNS or with an A record).
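
An added example, not part of the thread: one way to put an Azure AD group itself (rather than each of its users) into the local Remote Desktop Users group is to add it by SID, which can be derived from the group's object ID. The object ID below is a constructed placeholder and `Convert-AadObjectIdToSid` is a hypothetical helper name; as the reply above reports, connecting may still require the AAD authentication option in the RDP client.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the thread. Run on the AAD joined PC.

function Convert-AadObjectIdToSid {
    # Azure AD principals map to SIDs of the form S-1-12-1-a-b-c-d, where
    # a..d are the four little-endian UInt32 values of the object ID's bytes.
    param(
        [Parameter(Mandatory)]
        [Guid]$ObjectId
    )
    $bytes = $ObjectId.ToByteArray()
    $parts = 0..3 | ForEach-Object { [BitConverter]::ToUInt32($bytes, $_ * 4) }
    'S-1-12-1-{0}-{1}-{2}-{3}' -f $parts
}

# Placeholder: replace with the object ID of your Azure AD group.
$groupObjectId = '00000000-0000-0000-0000-000000000000'
$groupSid = Convert-AadObjectIdToSid -ObjectId $groupObjectId

# S-1-5-32-555 is the well-known SID of the built-in Remote Desktop Users
# group; using it avoids depending on the localized group name.
$rdUsers = Get-LocalGroup -SID 'S-1-5-32-555'

try {
    Add-LocalGroupMember -Group $rdUsers -Member $groupSid -ErrorAction Stop
    Write-Output "Added $groupSid to '$($rdUsers.Name)'."
}
catch {
    # Typical causes: the SID is already a member, or it cannot be resolved.
    Write-Warning "Could not add $groupSid to '$($rdUsers.Name)': $($_.Exception.Message)"
}
```

Adding the group to Remote Desktop Users rather than Administrators keeps the grant limited to remote sign-in.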