允许用户使用AAD帐户登录Windows Azure虚拟机？ [英] Allowing users to login to Windows Azure Virtual Machines using AAD accounts?

问题描述

我有开发人员内部部署 - 还有一些外部开发人员。我们的AAD同步（密码哈希）与我们的本地AD，以及承包商的外部帐户。我们在Azure中有dev / sit / qa等临时项目特定的虚拟机。我希望开发人员使用他们的AD / AAD帐户
登录，而不是本地帐户。似乎Linux VM有一个很好的轻量级AAD登录可用（  https： //docs.microsoft.com/en-us/azure/virtual-machines/linux/login-using-aad  ）
但据我所知，对此做同样的事情Windows VMs，似乎我必须将它们加入域名，坦率地说，这是一个痛苦的屁股。是否有允许轻量级登录的解决方案，而不必经历域名加入的重量级过程？ 

I have developers on-premise - and some external. We have AAD syncing (password hash) with our on-prem AD, and external accounts for contractors. We have ephemeral project-specific VMs in Azure for dev/sit/qa etc. I want devs to use their AD/AAD accounts to login, not local accounts. It seems Linux VMs have a nice lightweight AAD login available ( https://docs.microsoft.com/en-us/azure/virtual-machines/linux/login-using-aad ) but as far as I can tell, to do the same with the Windows VMs, it seems I have to domain-join them which is, frankly, a pain in the ass. Is there a solution to allow lightweight login and not have to go through the heavyweight process of domain-joining? 

推荐答案

您好Oisin，

Hi Oisin,

我不相信Windows中有相同的内容。  Linux VM目前不支持Azure AD连接，因此这是解决方法。

I dont believe there is an equivalent of this for Windows.  Linux VMs dont currently support an Azure AD join so this is the workaround.

我知道将Windows VM加入域很痛苦但这是您获得的信任和管理的一部分作为域名加入的一部分 - 它是如何信任登录的一部分。

I know its a pain to join Windows VMs to the domain but this is part of the trust and management that you get as part of the domain join - it is part of how it trusts the login.

你有很多虚拟机吗？

谢谢

马特

这篇关于允许用户使用AAD帐户登录Windows Azure虚拟机？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！