disable NLA on taget machine
In Windows 10 Microsoft changed RDP’s defaults. We modified the default for “SecurityLayer” from 0 to 2. Even if you go into the user interface and disable: “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)” Still doesn’t change that value to a 2.
- Open RegEdit
- Navigate to this Key:
- Change “SecurityLayer” to a zero
after above you should be able to login with RDP using AzureAD\email@example.com login and password