Allow B2B users to logon to VMs using Azure AD domain services
Currently B2B users cannot login to a Azure AD Domain Services joined virtual machine. In this scenario we do not have AAD Connect, only Azure AD directory with domain services running. We can join the VMs to the AAD DS domain and sign on with member accounts but cannot sign in with B2B guest accounts.
We need to feature to allow external vendor (Microsoft partners) to manage our Iaas VM environment in Azure. Creating on-prem account for each employee is unmanageable.
Sebastien Plisson commented
We would benefit of this feature for our use cases
Lester W commented
Any update on this much needed feature?? I have all these Microsoft consultants accessing our systems and we keep having to create local AD accounts for them. I'd really rather use the B2B access.
Mike Stephens commented
We're looking into it, but its a little further down on the list of things. Scenario makes sense. We'll keep this thread open for comments
Senior Program Manager
IAM Core | Domain Services
Shawn Anderson commented
I agree, this would be a huge help with working with external vendors especially with DevTest labs
Robert Tucker commented
So, are you saying that a VM hosted in Azure, connected to tenant AAD domain, does not support B2B user logons?
Ken Rivera commented
This capability will greatly assist with lab/shared PC use cases. Currently, we use shared accounts which require periodic password resets, but present a significant security risk.
Rashad Rivera commented
Seriously!!! No ONE even commented?