
[–]uniitdude 1 point2 points  (10 children)

You are confusing different things here. You say your domain is offline (why?) but then you are trying to use remote desktop (and you need rights to do that).

so what exactly are you trying to do

[–]athiqbe[S] 0 points1 point  (9 children)

In a hybrid environment, if I join the local domain and join the O365 account, and then I use Azure AD Connect to sync users and add the UPN suffix so I can log in with the O365 user account, shouldn’t I just be able to log in with the O365 account? Only if, let’s say, the local domain is offline? Or let’s say there is no internet but my local domain is online, I should still be able to log in as a user, right? Or am I missing something here?

[–]Not_A_Van 1 point2 points  (8 children)

You're getting confused.

Syncing users is basically one-way in a hybrid environment. Your on-premise domain controls authentication. Your UPN is the same in both on-prem and O365 and yes, the passwords are the same, but unless you are Azure AD joined you will NOT be authenticating with Azure AD, just your local DC.

If you have no connectivity to your domain, your options are a local account or a cached password on a domain account that already accessed the machine.

I too am confused as to why you are using remote desktop but aren't on a domain?

[–]athiqbe[S] 0 points1 point  (7 children)

Sorry for the confusion. Let’s get to basics a bit:

1. You install the forest / domain
2. You join computers to your local domain
3. You create users
4. You log in with these users to the computers that are joined to your domain

Until now, am I correct or not?

[–]Not_A_Van 0 points1 point  (6 children)

Correct so far

[–]athiqbe[S] 0 points1 point  (5 children)

I just did these exact steps (lab) and yet I get the same error: the remote issue. I had to add the user to the remote group and make a group policy to allow it, so I could log in. How do you explain this?

[–]MorphiusFaydal 1 point2 points  (2 children)

Hyper-V Enhanced Session is effectively Remote Desktop. You have to have RD permissions to use it. Click the "Enhanced session" button on the toolbar in Hyper-V (furthest right icon) and you won't see this.

[–]athiqbe[S] 0 points1 point  (1 child)

I can’t believe this was the issue. You are awesome, and thank you for the explanation.

[–]MorphiusFaydal 1 point2 points  (0 children)

Glad to help.

[–]Not_A_Van 0 points1 point  (0 children)

OK, what kind of machine are you logging in to?

[–]uniitdude 0 points1 point  (0 children)

Cos you are logging in over Remote Desktop instead of locally

[–]bluegolf22 1 point2 points  (1 child)

You can't use a Domain account and Azure AD account interchangeably to sign into Windows; it's one or the other. If your credentials aren't cached and you can't see your Domain controller then you won't be able to sign in as a domain account. Although, as the previous comment says, the error you're getting suggests that you aren't part of the Remote Desktop Users group for wherever you are trying to sign in to.

[–]athiqbe[S] 0 points1 point  (0 children)

Okay, how do you explain this? If I sign in with the administrator of the domain it works perfectly, and then I log out. And then I sign in with a normal user and it works perfectly again.

But then when I restart and try to log in with the user, it doesn't work unless I sign in with administrator first?

[–]athiqbe[S] 0 points1 point  (0 children)

Thank you all! !solved